URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Submission: On October 03 via manual from IE — Scanned from US

Summary

This website contacted 83 IPs in 5 countries across 61 domains to perform 252 HTTP transactions. The main IP is 172.67.219.69, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com. The Cisco Umbrella rank of the primary domain is 888112.
TLS certificate: Issued by WE1 on September 20th 2024. Valid for: 3 months.
This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains:

ads.freestar.com

Subject | Issuer | Validity | Valid
controlc.com | WE1 | 2024-09-20 - 2024-12-19 | 3 months
pub.network | WE1 | 2024-09-17 - 2024-12-16 | 3 months
*.google-analytics.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
d.pub.network | WR3 | 2024-09-12 - 2024-12-11 | 3 months
*.g.doubleclick.net | WR2 | 2024-08-26 - 2024-11-18 | 3 months
cmp.inmobi.com | Sectigo ECC Organization Validation Secure Server CA | 2024-07-31 - 2025-07-31 | a year
*.google.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.doubleclick.net | WR2 | 2024-08-26 - 2024-11-18 | 3 months
c.pub.network | WR3 | 2024-09-09 - 2024-12-08 | 3 months
optimise.net | WR3 | 2024-09-09 - 2024-12-08 | 3 months
confiant-integrations.net | WE1 | 2024-09-09 - 2024-12-08 | 3 months
hadronid.net | WE1 | 2024-09-24 - 2024-12-23 | 3 months
ccgateway.net | E5 | 2024-08-07 - 2024-11-05 | 3 months
edkt.io | WR3 | 2024-10-01 - 2024-12-30 | 3 months
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-08-29 - 2025-02-19 | 6 months
*.agkn.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2024-09-13 - 2025-09-29 | a year
id.hadron.ad.gt | WE1 | 2024-09-20 - 2024-12-19 | 3 months
*.liadm.com | Amazon RSA 2048 M02 | 2024-07-31 - 2025-08-29 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year
quantserve.com | R11 | 2024-08-23 - 2024-11-21 | 3 months
*.pubmatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-11-26 - 2024-11-26 | a year
pa.openx.net | WR3 | 2024-09-17 - 2024-12-16 | 3 months
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-09-06 - 2025-03-05 | 6 months
s2s.t13.io | WR3 | 2024-09-05 - 2024-12-04 | 3 months
va-ad-exch-dev-eks.dev.eks.va.adexchange.gumgum.com | Amazon RSA 2048 M03 | 2024-07-14 - 2025-08-12 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-24 - 2024-12-25 | 3 months
*.bidswitch.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-23 - 2024-12-21 | 3 months
*.3lift.com | Amazon RSA 2048 M02 | 2024-03-13 - 2025-04-10 | a year
btloader.com | WE1 | 2024-08-10 - 2024-11-08 | 3 months
ad-delivery.net | WE1 | 2024-09-12 - 2024-12-11 | 3 months
a.ad.gt | WE1 | 2024-08-07 - 2024-11-05 | 3 months
tpc.googlesyndication.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
p.ad.gt | Cloudflare Inc ECC CA-3 | 2023-11-09 - 2024-11-07 | a year
*.ad.gt | Amazon RSA 2048 M02 | 2024-03-10 - 2025-04-08 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-04-03 | 8 months
*.1rx.io | Sectigo RSA Domain Validation Secure Server CA | 2024-06-13 - 2025-07-14 | a year
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-24 - 2024-12-21 | 3 months
*.openx.net | RapidSSL TLS RSA CA G1 | 2024-08-14 - 2025-08-18 | a year
*.yieldmo.com | Amazon RSA 2048 M03 | 2024-07-15 - 2025-08-14 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
api.btloader.com | WR3 | 2024-10-01 - 2024-12-30 | 3 months
seg.ad.gt | WE1 | 2024-09-05 - 2024-12-04 | 3 months
pixels.ad.gt | WE1 | 2024-09-05 - 2024-12-04 | 3 months
*.ad-server.k8s.ggops.com | Amazon RSA 2048 M03 | 2023-12-12 - 2025-01-09 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2024-04-08 - 2025-05-09 | a year
*.everesttech.net | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-06-13 - 2025-07-15 | a year
protected-by.clarium.io | Amazon RSA 2048 M03 | 2023-11-16 - 2024-12-15 | a year
proton.ad.gt | WE1 | 2024-09-07 - 2024-12-06 | 3 months
infolinks.com | WE1 | 2024-08-10 - 2024-11-08 | 3 months
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2024-09-05 - 2025-09-30 | a year
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2024-09-05 - 2025-09-30 | a year
*.intentiq.com | Amazon RSA 2048 M03 | 2024-03-26 - 2025-04-24 | a year
*.eu-1-id5-sync.com | R10 | 2024-09-01 - 2024-11-30 | 3 months
lexicon.33across.com | WR3 | 2024-09-06 - 2024-12-05 | 3 months
*.id5-sync.com | E5 | 2024-09-01 - 2024-11-30 | 3 months
*.lijit.com | Amazon RSA 2048 M03 | 2024-02-11 - 2025-03-12 | a year
vjs.zencdn.net | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-03-06 - 2025-04-07 | a year
cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months

This page contains 36 frames:

Primary Page: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Frame ID: 57A4531DAEEA8E47603ADBAF725F4A9D
Requests: 179 HTTP requests in this frame

Frame: https://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: E29D95D687B040CCF4AD2D394C13B910
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-3KD3DPS4TE&gacid=366337405.1727944347&gtm=45je4a10v9125033100za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101671035~101747727&z=1095187767
Frame ID: 6726E6906272A7D3DDA3472577C1E55B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: D4F3EFBE7401D46A19268BDE482F4B71
Requests: 1 HTTP requests in this frame

Frame: https://d0867346db9452d1fff2d62a7f27f941.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B344695E4A11064F726867221A8AF95
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 6A88492C106760D69A365E2A52AEECAF
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: D1C6B68AB1945524B105CC223843F7CE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.edkt.io/check/index.html
Frame ID: DAAC7E33C74F6C53A0B8FEE9E697B174
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: FB14D058307A53BD123A8DB76E231F71
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7C39688154CF298687322B916AADDFC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=WBPVVLQ6Fq2JTSROh7nt4ortBvM32I4yjl-jxR3VuUI&pi=gumgum&tc=1
Frame ID: A710117B0B6F9C3247E398DDC79910A2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=8375283706388319130&gdpr=0&gdpr_consent=
Frame ID: ADF413963CC6F831C110BC97EE426F91
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 6E73717681B8AF5CA9F436D26554CC30
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D2437231008846B8A2F63E3021847908
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Frame ID: 419CC87215C0A3F8BBA546A44FAF1085
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zv5WnQAGlHfEAAA3
Frame ID: DBAE0A9CB8153221D3CC3FD6C85F0991
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 16A2647C2335DF403EB5B789148C56D3
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 51857114742D3AA0DDD1F22B22FE153C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: C504AC87F12E26AFF4FD73BF97C57701
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?[query string omitted]
Frame ID: 8E67A16D6FAFB768A357A6B402F63059
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: E23224ADB9C9D60E7B63275CAC2B7217
Requests: 3 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: 644438326ED4C7393C6FA4435FD8522F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: C0AEF0E22B4F151DC6FA09F2CBDCC8D8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=controlc.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 479BAEE6B111D66E9DBEDD985BCA8294
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 881932B0EB141D18FD9F651F93D5CA77
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=4682884&imprId=F33F2A41-AA74-4C60-83B6-5297C38127C5&cksum=EAF8CE3FC84F0720&adType=35&adServerId=243&kefact=0.141529&kaxefact=0.141529&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1727944349&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.144841&dcId=2&tldId=0&passback=0&svr=BIDNJE10669&adsver=_156897652&adsabzcid=0&cls=BID&i0=0x3100000000000000&i1=0x41112100&ekefact=nVb-Zra2AgAp-5v49G9-4xR26Q25LAymoHGyAR61Te23qOK5&ekaxefact=nVb-Zry2AgBYpR_Kr7OZQ8f2u-wan8OYExar9ix3Z5XGQ1GH&ekpbmtpfact=nVb-ZsG2AgCPKbEnLg9_ZgxWbro8_LHUJVGUxBuPfqMycXVf&enpp=nVb-Zse2AgBXqyBw65ckE5tCTvbgzbv4tJryCvCnoyeXL2VL&pmr_m=nVb-Zsy2AgCf-fgx9OouOTW7ahU7aeAGK9Qzky5TzEmlSca1&mdsp=nVb-ZtC2AgCZ6kwsjYnJzOyKzyCO_n1QmcUKKsav7ppXzMzC&pfi=1&domId=15792293558594008061&dc=NJE1&pubBuyId=14924&crID=715499939722&lpu=ama-assn.org&ucrid=3907340797347378858&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=2&wDspId=80&wbId=2&wrId=0&wAdvID=15028&wDspCampId=167711760161&isRTB=1&rtbId=529581DC-A877-49C3-A21C-9CC72D15B33FB&ver=21&dateHr=2024100308&usrgen=0&usryob=0&layeringebl=1&usrip=162.245.206.248&gctry=us&uid=0&mid=0&vph=250&wccookied=0&qpsladszid=681&oid=F33F2A41-AA74-4C60-83B6-5297C38127C5&country=US&cntryId=232&domain=controlc.com&sec=1&pAuSt=3&wops=0&sURL=controlc.com&BrID=5&te=1
Frame ID: ED5B3979AF2A0F18F782E717B76972A1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkkmgIOXB0dMDsOIbaQKjcrxZIKwzMq_C-qArjT8uf6pdAVmgApWvP_UTs1eXVYns-eA78iPYqtHayCMCbOT1BjrYEktzaxQ_lpVgW8KaCQ94jMkqBbXNZTF0pUcUiunCVfufrKyvvQpcRP4wLcm3-wUQ7-6gUcF8tLVGrbHR41OPmopoJ7R7mBzyU8Yq0Miz0W0-XErJC9cVRv1uGKkFeFrTN9924vkJE9gZBtpedeU7UDvFDX9BfCLDVjDvgt0ScYkqpUk1Df_p4EiN_yuT2uE8oKnOXTKCqxLw0GpGb-d8HaNwnU097N2Iom4iOiCo6NC9y8FKajr7_NykNCTU97j4ANbcWzqFTzQmhwWhR7w0yQ7X_Jh5kl-ar_90zO9QTgOCx_uNLoFSdAuZGC6rbiTvn6jTsBcXP_IJLqYwvPYXZV8qLV1HPBCUMDe3uY9olLL8&sai=AMfl-YQvZmyRVmcvEbYQ-0QNoQi84zkQ8pSK4yE8IbELRVNukykhJyPtK73J2hVT1iSvsgi9edSvpJl9Mj9-Z21hdx3AolWUcSaiCWZ-YVshfjRvQIH26HK8u5QYRWPA&sig=Cg0ArKJSzB7IIdpvoeEhEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: CD3B847B7C8E7FB7910F383090BB7CB5
Requests: 9 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3323352&wsid=0&pdom=controlc.com&purl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&usprivacy=1---
Frame ID: F4A9B0D634973837FDE1327091E04D0C
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: 215975B33EB732F8878F7B2A29CC9FE9
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-4.0.html
Frame ID: D06A6065F47AAFD8BFF3A770D661B9E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARio-uKYAjAB&v=APEucNX6CGskChgtrUhRZ-ZSP1CjFHxw2NFOOrBAMG5lnEX4rZW68XCuyqUnGJligwskjPZAwftKbFA1ISc_xjnOB90jdqTflg
Frame ID: E7342AEDBED36FA7BEF7CC63793B6159
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIUaUg3s2cCX7Dm_v2gILl4l32HoQTUsupCfGY-2WMi5tLlQhSAoItGycuykX2ZdOYv_qQ6n4ivW2_24AuLkQvkbPOIQV6-kpYQFicTecJ9GL9Ajw
Frame ID: 38C2BBFEDDDD3E4F7802E1C721542F2C
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3FBFE73AC5FECCC0E861365B3C4B1CB2
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373833&imprId=4E416908-A79F-4DB8-A65C-B324EDA3D75B&cksum=8B26B10B3FE6B35E&adType=10&adServerId=243&kefact=0.442701&kaxefact=0.442701&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1727944351&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.478400&dcId=1&tldId=0&passback=0&svr=BIDSFO0047TB&adsver=_2186550348&adsabzcid=1&cls=BID&i0=0x2100000000000000&ekefact=n1b-ZnFdBACEKZCxeBLM108WFt-2dc-CIONc6NBwPFrv6QuU&ekaxefact=n1b-ZnldBABXfbONVu1dh3rXuoN4GS-aBw77s9r7TIZIN0s7&ekpbmtpfact=n1b-Zn9dBACxOK_UL9gTk55WgJqd0uY3iHKOnf2DhER7xeH5&enpp=n1b-ZoZdBADpG3SZq56OCOog8w0zr3NhiR_Nl7kGOiq19Ttl&pmr_m=n1b-ZoxdBAC8IZSkKF8H4l_Be3qZXvJ7zweNhZsRbWYTthba&mdsp=n1b-ZpJdBADTmICj1e69iPwzSeHBJfUhTtyCRkDOQEEoH08C&pfi=1&domId=15792293558594008061&dc=SFO&cpd=2&cpid=E0ED03CD-4A38-4ED3-A1D4-56486028D532&pubBuyId=22768&crID=588823848&lpu=fiverr.com&ucrid=15151433731262691792&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=3236534&wDspId=80&wbId=1&wrId=0&wAdvID=15653&wDspCampId=19606222002&isRTB=1&rtbId=C0D25114-4F25-465E-8D1A-2B8EE2CFF93CB&ver=23&dateHr=2024100308&usrgen=0&usryob=0&layeringebl=1&usrip=162.245.206.248&gctry=us&uid=1&mid=0&wccookied=0&wcrnk=-1&qpsladszid=7&oid=4E416908-A79F-4DB8-A65C-B324EDA3D75B&cntryId=232&domain=controlc.com&sec=1&pAuSt=2&wops=0&sURL=controlc.com&BrID=5&oiabdvt=2&te=1
Frame ID: 822D6FFF0ADD240263AF80FAC435BD33
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 816A3D0932662E3BBFEB0FF4FFCB7A70
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3E05ADC244F5EF6E22CB8227730F9131
Requests: 1 HTTP requests in this frame

Page Title

The easiest way to host your text

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 252
HTTPS: 88 %
IPv6: 29 %
Domains: 61
Subdomains: 106
IPs: 83
Countries: 5
Transfer: 2437 kB
Size: 6378 kB
Cookies: 269

Redirected requests

There were HTTP redirect chains for the following requests:


252 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request e4d11035%20benign.exe
controlc.com/e4d11035%20benign.exe%20https://controlc.com/
8 KB
4 KB
Document
General
Full URL
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.38
Resource Hash
a770bf9b5b48da91710fac55755757ef910f55c12d39cde1e19acaade6440001

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
BYPASS
cf-ray
8ccb94df5c5e0921-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 03 Oct 2024 08:32:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=erTK6s5kUJcavAzaityJiyyT1ow7uqNg27oNgaCDwhkqKQiDmt%2FwBYMNYA0i5gJ2yFBcAO2Q4geTyRuNMJKyG82%2FGmePlHsC03vtcl3rcaoDlbbr0d8PkQO%2BtKQ3gRs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-powered-by
PHP/5.5.38
speculation
controlc.com/cdn-cgi/
128 B
534 B
Other
General
Full URL
https://controlc.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://controlc.com
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKzLCCyTQJcBuCOLqHuoAgDLjjpGTewwdJ%2F4VJOu%2BqOMXaNOzHWuL3cJhI8BQ6kfQnfs3rvuaZiLjGVYwNXaSf7cQVHWS4mu6fTNaAGfbTh8NbsjhYSDVi33B7jeScY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e1fee40921-LAX
access-control-allow-origin
https://controlc.com
content-length
128
date
Thu, 03 Oct 2024 08:32:25 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
global.css
controlc.com/public/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://controlc.com/public/css/global.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd4e7001db94b80bc6dab74d980a9c6c65933917e3af6de002442a6afe562f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-3b05"
age
4619
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dR3YKp2gL7%2Bl4538kwPR6A8hnYt07vL7UbIb0CBtfuuv2jCaatGXJSzsGJMjvxu7GGaj4vmDsjhAnYCNakJoMwYl3%2FkIZYA%2FZHiQuwXDpFP5SoIQo2%2F4yM7xnxn1WcA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e1fee70921-LAX
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 08:32:25 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
server
cloudflare
bootstrap.css
controlc.com/public/css/
97 KB
15 KB
Stylesheet
General
Full URL
https://controlc.com/public/css/bootstrap.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2d5d522b04b79738c2c7497ca8286046fbb7712d49569b58c60c8535780755

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-182dc"
age
3529
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0z4Z1eAI%2FpfpxkRq0gF4dP7seWV%2Fw1wUVvwcx30kJrBStm7fDqrPthOWPRjEUs7E4W23qCwo5iWOgdbRKwcXvdtBwhFpAOsWRk6%2FJQmINN%2FKikHivfaNd5Oputt1LQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e1fee90921-LAX
date
Thu, 03 Oct 2024 08:32:25 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
server
cloudflare
bootstrap-responsive.css
controlc.com/public/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://controlc.com/public/css/bootstrap-responsive.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e738183a60e8cf19e763729b96c19d0ccee30f225e75ad61b8648a3cc7bfa969

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-37e4"
age
576
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F7JXMQcStydBdNt6PuYWs%2BlzxzCOKF1LZh3dAm%2BL3murw3Etre5g1ssFga0L4PslMrUZn0kTXd5%2BVIA%2BkQTRcoDNtxoC4lMdYiCKZlFEyPkn5PLT0vQ9ZnMNlWgF30%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e1feeb0921-LAX
date
Thu, 03 Oct 2024 08:32:25 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
server
cloudflare
smallpage.css
controlc.com/public/css/
30 B
471 B
Stylesheet
General
Full URL
https://controlc.com/public/css/smallpage.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62798140379008b3de9cf422020c1e5abd0bfc16440ebc66dcb8f5c80c8c663

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"555139ee-1e"
age
3084
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CcLUhqIPFaSmDTiXLbiJZG5CWRh9IZ9hqzale7NkkhN4LGjuZLvBHPSI5k6ijW%2Bsf0ylDo0jALs4tTJegU3DkbTf7Fe4qxRwFLU6h9t1Dd5yMmlFSAK9joy4Xg36Pe8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e1feec0921-LAX
date
Thu, 03 Oct 2024 08:32:25 GMT
content-type
text/css
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
server
cloudflare
jquery.js
controlc.com/public/js/
150 KB
32 KB
Script
General
Full URL
https://controlc.com/public/js/jquery.js
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f4265b3a5d2022b7b4da2cb5247039ef8eb6518b7ed2a8f7f0be0c87d421b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"555139ee-257be"
age
139
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPVEDKhMn8QpPx5ndtpguy7QVB7KpBlgayP8B70Fn4i14lBvVsEd4nTnY0LqK91jhZLSVJ4TB6J%2Fl0FNZqptt%2FnPVv6YQn5zfJgdkuvH3YlmwnqNrLsfbfrXVZbErCA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e1feed0921-LAX
date
Thu, 03 Oct 2024 08:32:25 GMT
content-type
application/javascript
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
server
cloudflare
cls.css
a.pub.network/controlc-com/
485 B
765 B
Stylesheet
General
Full URL
https://a.pub.network/controlc-com/cls.css
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0be5718f216fd2b289375e348e8115ed84df63f313ce02424f2f1483f259612
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=kuwBIw==, md5=sg9fsbTuTyAdHEgR3OYUqA==
cf-cache-status
REVALIDATED
etag
W/"b20f5fb1b4ee4f201d1c4811dce614a8"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 09:02:26 GMT
x-goog-stored-content-length
485
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
text/css
last-modified
Wed, 02 Oct 2024 20:59:29 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljvLMCmVRl3DuDRo2sBNxnD1gnFcWGkn2HbXovek3VJ-hx7aWsfUtkKVrTxM0M5D66fnsjn1ReDr_Q
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94e26ab6100b-LAX
access-control-allow-origin
*
x-goog-generation
1721143095004603
server
cloudflare
pubfig.min.js
a.pub.network/controlc-com/
42 KB
16 KB
Script
General
Full URL
https://a.pub.network/controlc-com/pubfig.min.js
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c396e678cf2db4e0553c655ac2c42c0c48793872de82e5119d99e6d45c759642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=QSogMQ==, md5=tQmeoThV76NkcWG3MEK/Pw==
cf-cache-status
HIT
etag
W/"b5099ea13855efa3647161b73042bf3f"
age
41501
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 09:02:26 GMT
x-goog-stored-content-length
43278
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 20:59:30 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljtXiG68bAvQobTiGCpvvFMD2bfdSrsNmLoEXBRL1tn8GPUYa0gpu-9U5fWT9ygKCwgeDQ
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://d.pub.network/v2/sites/controlc-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94e34baf100b-LAX
access-control-allow-origin
*
x-goog-generation
1727902769966123
server
cloudflare
getpaid.png
controlc.com/public/images/
6 KB
7 KB
Image
General
Full URL
https://controlc.com/public/images/getpaid.png
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
h2pri,csam-hash
etag
"555139ee-196e"
age
5016
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNqXl%2BKL3UKA3FDx%2FeToXo%2B8KY%2FNGQGfx3bbnFHJPj%2FvAYaqNQaCkkhufPWdxgOvNcmmV1sA2lQdXaM8l2FEc9B%2FKEX5%2FWOb0Cy5KC09uXrpRfx3l47%2FmZgOR3XJ4iA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e26f4a0921-LAX
accept-ranges
bytes
content-length
6510
date
Thu, 03 Oct 2024 08:32:25 GMT
content-type
image/png
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
server
cloudflare
logo.png
controlc.com/public/images/
12 KB
12 KB
Image
General
Full URL
https://controlc.com/public/images/logo.png
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
h2pri,csam-hash
etag
"5d838aad-2f2e"
age
2038
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhQKU7LSBQkQUG6ndcMkQigjmepZTEQ%2BWN1%2BPS6Pd0ivjr2r17PYgvtoZCLxNvowXEaJJeJW9yzHinBKil%2BvegjIPYm0yBM9B%2BTNYcE7czW7BgTH4EFkm1zCSWnY8oo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e2cfb50921-LAX
accept-ranges
bytes
content-length
12078
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
image/png
last-modified
Thu, 19 Sep 2019 14:03:25 GMT
vary
Accept-Encoding
server
cloudflare
muo.png
controlc.com/public/images/
24 KB
25 KB
Image
General
Full URL
https://controlc.com/public/images/muo.png
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff9977af2b5f8bc4cb3ec6c0300c9a9029be11b7896a67d6af64706ab24ff69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
h2pri,csam-hash
etag
"653549fe-6100"
age
1020
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYAhuFk8nXg%2FsCxi4kHVu8iwslYDNYRR4q60pww6hqGJkHoaiqHwC9%2BGK%2FV2pMhbuAIZxyLobDzoSTfzCHI0tOOsb9Zn9L9plQHB125kMeDgOwUfi0K3LlfG4GroHeE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e328010921-LAX
accept-ranges
bytes
content-length
24832
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
image/png
last-modified
Sun, 22 Oct 2023 16:12:46 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
264 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d88b55022f9d85f8102ad0c7cfddaf2beee5e6e8f73d05f7808013af1e6e5268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 03 Oct 2024 08:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94549
x-xss-protection
0
server
Google Tag Manager
bg.png
controlc.com/public/images/
987 B
1 KB
Image
General
Full URL
https://controlc.com/public/images/bg.png
Requested by
Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/public/css/bootstrap.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj
h2pri,csam-hash
etag
"555139ee-3db"
age
5017
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2YUG0ZGzO8HaFIZyE0u14eyRH5Pow2n3KLBTqTOVonXw5c2d4QC3z8nJEXYWStMT9tVYaqynORfA%2FD396Burl%2FCMKKkc8oZzad3KWjm9fUnAc0HBAmtCpEPpOXKC4M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e3683b0921-LAX
accept-ranges
bytes
content-length
987
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
image/png
last-modified
Mon, 11 May 2015 23:23:26 GMT
vary
Accept-Encoding
server
cloudflare
main.js
controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame E29D
Redirect Chain
  • https://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB
Script
General
Full URL
https://controlc.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abab6a4e17f9e089f4d8ea9df6831cc70f3ca4f59837c649e91524707fd68173
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OrEy84cRr3W5oQmZe5Uscxzv7cRp%2BeOFNxE0nKswk5wZ2yxrSqUQuWBSHcV5AbpwR6FfFbW9JfLyg8BLDeUfeVHgn%2B86oOg9pJBiFl5p%2FinjSrqDcdzf2AEUerL4hE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ccb94e3e8b50921-LAX
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5OE18Nv2%2FyLmYmNisx9IFqHONN0PpJUEKI3ucmme7IFVVgx35RyrXCfBzeH8IZYwb4dr6EDx1pycApx3KxW%2BH4op4I4%2FeEJ%2B87Ill318NvMzOsk8BrgC0oh5XclfXmw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e388480921-LAX
access-control-allow-origin
*
content-length
0
date
Thu, 03 Oct 2024 08:32:26 GMT
vary
Accept-Encoding
server
cloudflare
configs
d.pub.network/v2/sites/controlc-com/
36 KB
7 KB
Other
General
Full URL
https://d.pub.network/v2/sites/controlc-com/configs?env=PROD
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
87fb370f04b1b338ebcf630ec698018f89a79420f351510405aca38cd66872a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://controlc.com
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
8ccb94df5c5e0921
controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E29D
0
911 B
XHR
General
Full URL
https://controlc.com/cdn-cgi/challenge-platform/h/g/jsd/r/8ccb94df5c5e0921
Requested by
Host: controlc.com
URL: https://controlc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUNZkvEP9nw71rA04b%2Btg6c59gGKXK8g39tQr5pb4sPhQEPsMvEQTnea6b1SdoTKMSEvrmP1uOuOi7RBRePJfkAd6txjKcNrxHFQBYvFWknrTSok6GwS2RIAQUl2%2FNg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94e4f9da0921-LAX
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
4f26899b12dda4d140a1a0ea0358ae9aeaccb3ef48e5b1794cbad831cf544e64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
etag
886 / 19999 / m202409260101 / config-hash: 16390549666418878308
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
32833
x-xss-protection
0
server
cafe
prebid-analytics-8.49.83.js
a.pub.network/core/
599 KB
199 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-8.49.83.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21a0123c7d24c9800ebed7a00fffd3ec7cef85f822425e8d50562984a2b4669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
*
x-goog-hash
crc32c=INHiOQ==, md5=2+vtU2KBem0oDoO71+u6nQ==
cf-cache-status
HIT
etag
W/"dbebed5362817a6d280e83bbd7ebba9d"
age
42156
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 02 Oct 2025 20:49:49 GMT
x-goog-stored-content-length
613609
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
text/html
last-modified
Tue, 24 Sep 2024 19:14:44 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljtKn9CtLlWLxqMdwrbbzpER2zH9GBjsp7oZq5ZZ1bY4q7cS-gi3OPl0o5TYQs2nYL5yJg
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31493843
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94e56e57100b-LAX
access-control-allow-origin
*
x-goog-generation
1727205284649035
content-language
en
server
cloudflare
pubfig.engine.js
a.pub.network/controlc-com/
389 KB
112 KB
Script
General
Full URL
https://a.pub.network/controlc-com/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaace6236fdd87287b80219774b504cd41da9667ff077e9e3ec90a44e2448a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=saL8+w==, md5=a/id15lBB5INY6Y8fhnaWQ==
cf-cache-status
HIT
etag
W/"6bf89dd7994107920d63a63c7e19da59"
age
42154
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 09:02:26 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
398457
date
Thu, 03 Oct 2024 08:32:26 GMT
content-type
application/javascript
last-modified
Wed, 02 Oct 2024 18:19:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljt0tthxcrKBb4Q3bbsaV-H2UdXhUIh4-5hEOQNAfmLvNVnsq-RQI9YvVdI02mN8GPaI533A6_WT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94e56e5a100b-LAX
access-control-allow-origin
*
x-goog-generation
1727893157110417
server
cloudflare
choice.js
cmp.inmobi.com/choice/wZt3yQfgdwnz-/controlc.com/
4 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/controlc.com/choice.js?tag_version=V2
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1d93ba67e8f6d78f4ebe80d436ec2d719706f8372444aa77fd09fd52ba0f1f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control
max-age=900
content-encoding
br
etag
W/"b9ddf03d2b0be2f9dda1a0eb30ca9412"
cross-origin-resource-policy
cross-origin
via
1.1 13d659985661cdf8f3c57901ab225276.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
zuXk-4kUrjVc5BbNU0LydETofE80m2Bk9D9Kz4YL1FDpg6gkhprJgQ==
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/javascript
last-modified
Tue, 25 Jun 2024 12:21:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3KD3DPS4TE&gtm=45je4a10v9125033100za200&_p=1727944346098&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101529666~101671035~101747727&cid=366337405.1727944347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1727944346&sct=1&seg=0&dl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%20benign.exe%20https%3A%2F%2Fcontrolc.com%2Fe4d11035%20benign.exe&dt=The%20easiest%20way%20to%20host%20your%20text&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1764
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://controlc.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:27 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
551 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3KD3DPS4TE&cid=366337405.1727944347&gtm=45je4a10v9125033100za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529666~101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://controlc.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:27 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 6726
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-3KD3DPS4TE&gacid=366337405.1727944347&gtm=45je4a10v9125033100za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666~101671035~101747727&z=1095187767
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KD3DPS4TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 08:32:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/
478 KB
478 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
9a373ae6214168509dc4fe047f320b9d27bd87ed907d66806ce9b865ca55042a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

etag
13004938057169377323
age
21222
x-content-type-options
nosniff
expires
Fri, 03 Oct 2025 02:38:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 03 Oct 2024 02:38:45 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
489262
x-xss-protection
0
server
cafe
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c9eca453aa7ce7daf2d71dbb6a3d134154488825d9e213de5413050289508ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 03 Oct 2024 08:32:27 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://controlc.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 03 Oct 2024 08:32:27 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
cmp2.js
cmp.inmobi.com/tcfv2/53/
167 KB
44 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/controlc.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dd1b4e7e2c6ebfd815d4cdf497a829b83e9d30089e9f2cc35830594b78ffd39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

access-control-max-age
86400
content-encoding
br
etag
W/"94ecd40669c01b7176fa0a4ffcf3fe8e"
age
147
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
gSbvZc-B3s_0kOJmL1j0aG5tzM6gdSM2D6s1YRqaZG_u-JZ0yGhEzA==
date
Thu, 03 Oct 2024 08:30:01 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 03 Jun 2024 09:45:41 GMT
cache-control
max-age=172800
via
1.1 13d659985661cdf8f3c57901ab225276.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
geoip
cmp.inmobi.com/
51 B
334 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=controlc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
385bd200f3facdd9f400d6bab45bb0f1d34ec4c2c00c77f11ebbf1e0e7278677

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://controlc.com/

Response headers

access-control-expose-headers
*
via
1.1 66ea06c52ae44609b3bf6f6054c081b6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
51
x-amz-cf-id
c9Cef3j-6xluSK6_hVvepQga1p1N3Zr930U-neG3Zv0nUgtnyRWtkw==
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
x-amz-cf-pop
JFK52-P1
server
CloudFront
/
optimise.net/
671 B
695 B
Fetch
General
Full URL
https://optimise.net/?k=0&d=controlc.com&t=desktop&c=US&r=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
6a0548d5077feeeb6e5d9eb0b997df12b2145b88d8ecd86aed4b73a07dd8a9f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://controlc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
0

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
59
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
fs-country
US
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=0&d=controlc.com&t=desktop&c=US&r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://controlc.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 03 Oct 2024 08:32:28 GMT
expires
0
fs-client-rtt
58
fs-country
US
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
favicon.ico
controlc.com/
663 B
1 KB
Other
General
Full URL
https://controlc.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782188de4d34d7278c4901be819c2f1c8115a48b5e36a61937b6f89596717a00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5d82df5f-297"
age
6795
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZsJmWAGkiDOk2Rn0cM4plwdY4tOJ1NFh047cIRCM5o55paBlLw4fh205pxqYDnpEMootO8wGGtePUq8F8Uro%2F7vVFJn%2FGA6yFy5u%2BGc3P0aW7XagzOE8fqiEfdcJyM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94eefc6b0921-LAX
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
image/x-icon
last-modified
Thu, 19 Sep 2019 01:52:31 GMT
vary
Accept-Encoding
server
cloudflare
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/
102 KB
22 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5bf46c39d89b356938b844221412c85f6d5f18a9c4ccd929ef11862b860db1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d69fa3f8c4db94e69f33769b6711b36d"
age
751
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
text/javascript
last-modified
Thu, 03 Oct 2024 08:10:58 GMT
vary
Accept-Encoding
x-amz-id-2
hjx6s6VTt3rq3ee7ecLlhS0yH7Zu9YCvQYFxZdPZx7BqXg7dWbAHQzCc+pqkBnej5hw8PzuL+lM=
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
EJCZV6F8SRKQBTVC
cf-ray
8ccb94f238b20fd4-LAX
accept-ranges
bytes
content-length
22062
server
cloudflare
x-amz-server-side-encryption
AES256
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
57 KB
19 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd92fb102c992c7155ac1ede876793d44e1ad29a151eeaa3615915ed3b7c17a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"e54213ea013ee70ba6504df3580131b5"
age
462
via
1.1 google
cf-ray
8ccb94f3798778e4-LAX
accept-ranges
bytes
content-length
19416
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/javascript
last-modified
Thu, 03 Oct 2024 08:24:11 GMT
vary
Origin, Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://btloader.com/tag?h=freestar-io&upapi=true
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PpXMvCoWncj173TJCGAdTkLgqwl%2Bx4ucebGncT6nucuDLmGa%2FNGVIjDMoZL0Rnp65IHzHnvMFhQwb%2Fhu3IPAn8Gm3%2FNbVcpZm%2Bn1%2BRj0BBzNUzI%2FnTG0PwwVxqHytWzifO3vP%2BBxT1j5L9yl89Hd1zcw9fy6f0o35Fb4YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ccb94f23947cba4-LAX
expires
Thu, 03 Oct 2024 09:32:28 GMT
content-length
167
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
4249
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
cf-ray
8ccb94f2cc787ed7-LAX
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
4d97a662ad
pb-rtd.ccgateway.net/v1.0/realtime/
398 B
732 B
Fetch
General
Full URL
https://pb-rtd.ccgateway.net/v1.0/realtime/4d97a662ad?profile_id=ef3cfd39-7ebf-402d-847c-23a489c8ff78&url=https%253A%252F%252Fcontrolc.com%252Fe4d11035%252520benign.exe%252520https%253A%252F%252Fcontrolc.com%252Fe4d11035%252520benign.exe&context=true&audience=true&deal_ids=true&custom_taxonomy=true
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.221.217.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-221-217-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
48f11ad04221f75f7524c836d81a34e5d8af839c4496c214001be00a04c3ac7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
max-age=3600
etag
"398-b48d083b"
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
content-length
398
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json; charset=utf-8
vary
Origin
edgekit.min.js
cdn.edkt.io/PV483g/
21 KB
7 KB
Script
General
Full URL
https://cdn.edkt.io/PV483g/edgekit.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
47fe320192a454338f720922b358b42cea853f201605296fe1dc2f6c7887e6dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=DvkLsw==, md5=rrXqgGRK3LU3OW2Hht+TkQ==
etag
"aeb5ea80644adcb537396d8786df9391"
age
28721
x-goog-stored-content-encoding
gzip
expires
Fri, 04 Oct 2024 00:33:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6718
date
Thu, 03 Oct 2024 00:33:47 GMT
last-modified
Tue, 01 Oct 2024 15:11:30 GMT
content-type
text/javascript
x-guploader-uploadid
AD-8ljse9gSKFvsjJXb3hBQpPy1Nxflj3tB5A2DzlUZj8mEsvL6DuNd2q1soYTsBAMLAJNtdvfxiJ_D4MA
cache-control
public, max-age=86400,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727795490154723
content-length
6718
server
UploadServer
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---&b=1&tp=DKTS0PWkY5%2BLWawhANNyhmP12viRW%2BRtR7j4zVW8YI0%3D
42 B
138 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---&b=1&tp=DKTS0PWkY5%2BLWawhANNyhmP12viRW%2BRtR7j4zVW8YI0%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 03 Oct 2024 08:32:27 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---&b=1&tp=DKTS0PWkY5%2BLWawhANNyhmP12viRW%2BRtR7j4zVW8YI0%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 03 Oct 2024 08:32:28 GMT
vary
origin
fed
ups.analytics.yahoo.com/ups/58657/
391 B
758 B
Fetch
General
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=1---&url=https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe&pixelId=58657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.137 /
Resource Hash
6323e644fa3d524f95c8e11e845bd3ff2eabb808a27bd7ce2c1c4a43c5150b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
age
0
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
Origin
server
ATS/9.1.10.137
f
fid.agkn.com/
151 B
684 B
Fetch
General
Full URL
https://fid.agkn.com/f?apiKey=2111098132&r=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.126.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-126-40.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
63f865e695f26856e6384e6c4acdf855c9a5d2561c5c822d7bdc3d86f2d1bd09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
0
access-control-allow-origin
https://controlc.com
content-length
151
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/javascript;charset=iso-8859-1
vary
Origin
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
pbhid
id.hadron.ad.gt/api/v1/
227 B
329 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=controlc.com&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ad4c63e69c70fb1903ebff7b49b78ecee259f680d5625c9304ad3cf70a7a80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8ccb94f2df5fd7af-LAX
access-control-allow-origin
*
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/
0
0

any
idx.liadm.com/idex/did-0047/
378 B
791 B
Fetch
General
Full URL
https://idx.liadm.com/idex/did-0047/any?duid=f90009682691--01j98r4mqbwdpvg1wf9vbnmef8&us_privacy=1---&did=did-0047&cd=.controlc.com&pu=https%3A%2F%2Fcontrolc.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.142.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-142-207.compute-1.amazonaws.com
Software
/
Resource Hash
39285d3828cf2f4ac7ce28f19fea967a91ba152377039c52e645a745cb19df35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86399, private
trace-id
7eb10d97746cb248
request-time
4
access-control-allow-credentials
true
expires
Fri, 04 Oct 2024 08:32:28 GMT
access-control-allow-origin
https://controlc.com
content-length
378
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
rid
match.adsrvr.org/track/
109 B
562 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e52c3c88b94eb01147119d9708ae7c15a3a9f2876129c5b34aa7125842778d03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 02 Nov 2024 08:32:28 GMT
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---&b=1&tp=iUZflwkafaz1O64tBfAT1YUCikDnRPCL2ff3gUvzQLM%3D
42 B
58 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---&b=1&tp=iUZflwkafaz1O64tBfAT1YUCikDnRPCL2ff3gUvzQLM%3D
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.83&coppa=0&us_privacy=1---&b=1&tp=iUZflwkafaz1O64tBfAT1YUCikDnRPCL2ff3gUvzQLM%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 03 Oct 2024 08:32:28 GMT
vary
origin
fed
ups.analytics.yahoo.com/ups/58657/
391 B
587 B
Fetch
General
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=1---&url=https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe&pixelId=58657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.137 /
Resource Hash
7b8444a91947796fedf2b5e080d5a5e484493db385443ddad5cc0a153b3e8eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
age
0
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
Origin
server
ATS/9.1.10.137
f
fid.agkn.com/
151 B
681 B
Fetch
General
Full URL
https://fid.agkn.com/f?apiKey=2111098132&r=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.126.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-126-40.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
1c93c1979b0cc25970a10afb9de41f2ff109083a11d3fd9ed0746772ff5ad7d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
0
access-control-allow-origin
https://controlc.com
content-length
151
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/javascript;charset=iso-8859-1
vary
Origin
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
pbhid
id.hadron.ad.gt/api/v1/
227 B
178 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=controlc.com&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ad4c63e69c70fb1903ebff7b49b78ecee259f680d5625c9304ad3cf70a7a80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8ccb94f35875d7af-LAX
access-control-allow-origin
*
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
any
idx.liadm.com/idex/did-0047/
378 B
0
Fetch
General
Full URL
https://idx.liadm.com/idex/did-0047/any?duid=f90009682691--01j98r4mqbwdpvg1wf9vbnmef8&us_privacy=1---&did=did-0047&cd=.controlc.com&pu=https%3A%2F%2Fcontrolc.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.142.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-142-207.compute-1.amazonaws.com
Software
/
Resource Hash
39285d3828cf2f4ac7ce28f19fea967a91ba152377039c52e645a745cb19df35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
max-age=86399, private
trace-id
7eb10d97746cb248
request-time
4
access-control-allow-credentials
true
expires
Fri, 04 Oct 2024 08:32:28 GMT
access-control-allow-origin
https://controlc.com
content-length
378
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
rid
match.adsrvr.org/track/
109 B
0
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e52c3c88b94eb01147119d9708ae7c15a3a9f2876129c5b34aa7125842778d03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 02 Nov 2024 08:32:28 GMT
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame
0
0
Preflight
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.236.67.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-236-67-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://controlc.com
access-control-max-age
86400
date
Thu, 03 Oct 2024 08:32:28 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
quant.js
secure.quantserve.com/
23 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"HP/dXILNCv8vRT01LqWQOg=="
expires
Thu, 10 Oct 2024 08:32:28 GMT
accept-ranges
bytes
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/javascript
vary
Accept-Encoding
freestar_close_button.svg
a.pub.network/core/imgs/
1 KB
1 KB
Image
General
Full URL
https://a.pub.network/core/imgs/freestar_close_button.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=xUDeFg==, md5=1OG2/3P8Bvg2SBLmidtA+g==
cf-cache-status
HIT
etag
W/"d4e1b6ff73fc06f8364812e689db40fa"
age
2549
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 09:32:28 GMT
x-goog-stored-content-length
1211
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
image/svg+xml
last-modified
Wed, 04 Sep 2024 08:16:13 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljs6nPjyfOMGLe4s5YjL3RRiCiS2Ap109qdTQAdOnQY8s1bgdV24MKpuvMT6lsI9e4usHg
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94f23d02100b-LAX
access-control-allow-origin
*
x-goog-generation
1725437773526766
server
cloudflare
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/
60 B
364 B
Fetch
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.221.217.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-221-217-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
662a11022bd585bc2ea6bf2e1dc35c33b8e68b1c27c5aea83da55ba8e48f7499

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-origin
https://controlc.com
content-length
60
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
fslogo-green.svg
a.pub.network/core/imgs/
1 KB
1 KB
Image
General
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
2549
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 09:32:28 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljs3ZeDVwWIuwOFfnxbaRieIGKsRGtDDL0OkM7t0OFGu_-KPwwgathOqcwiXEVwB7L1XyHU
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94f25d14100b-LAX
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame D4F3
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1830
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29417
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 08:01:58 GMT
expires
Thu, 03 Oct 2024 08:51:58 GMT
last-modified
Mon, 30 Sep 2024 19:42:40 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202409260101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
bf48621b8007e02bc674735cd562b54bd9a0d917db1abc2adc5f111754bd0865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12735
date
Thu, 03 Oct 2024 08:32:28 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
1 KB
740 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2867010303201669&correlator=4026386907192659&eid=31086810&output=ldjh&gdfp_req=1&vrg=202409260101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=15184186%3A23008567153%2Ccontrolc_google_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=4061838640&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1727944348527&lmt=1727944348&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=43074&tan=61cb2158-e7e4-4228-b950-e7ef4143484c&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDY5NDBlODViLWQ0NjYtNDBlNy1hZWIzLWU0YTdmMjE2YTA5MlgB&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727944345879&idt=1635&prev_scp=fs_ad_product%3DgoogleInterstitial&cust_params=fsitf%3DN-YYN-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D48fd1c69-ad80-4913-8884-226ddb56c97c%26fs_pageview_id%3D75256b26d98f349b84adf03118a927ee%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D59%26fs_testgroup%3Dexperiment&adks=943798360&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
7ffddeea0560cc868d6f000aa6c817fa15f35a50739b7b3784b62f528884e9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
content-length
708
x-xss-protection
0
server
cafe
container.html
d0867346db9452d1fff2d62a7f27f941.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B34
0
0
Document
General
Full URL
https://d0867346db9452d1fff2d62a7f27f941.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 08:32:28 GMT
expires
Thu, 03 Oct 2024 08:32:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/
49 KB
15 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
e67c2983ce9f0d72efa2023c2d0e5c15de736310798d5f57cd4414edfbcc5e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
etag
15111768174442336325
age
70443
x-content-type-options
nosniff
expires
Thu, 02 Oct 2025 12:58:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 02 Oct 2024 12:58:25 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
15642
x-xss-protection
0
server
cafe
hadronid
id.hadron.ad.gt/api/v1/
54 KB
55 KB
Script
General
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8ccb94f3be167bc5-LAX
access-control-allow-origin
*
content-length
55794
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
Content-Type; text/javascript; charset=UTF-8
server
cloudflare
access-control-allow-headers
authorization,content-type
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202407090940/
284 KB
101 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"76074361c87e7c8d3af88302818b71f9"
age
580047
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 09 Jul 2024 14:20:21 GMT
vary
Accept-Encoding
x-amz-id-2
wBYbNSfNTdtfYm2wB3Xmu3b1+7k4hRh7vF8TSbThyfQAcgNbFQfx7qbfCWf3aMrn0p9JPyEqvAI=
cache-control
public, max-age=31536000
x-amz-request-id
583F211KS2PHKV8B
cf-ray
8ccb94f309e60fd4-LAX
accept-ranges
bytes
content-length
103346
server
cloudflare
x-amz-server-side-encryption
AES256
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 6A88
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=63053
content-encoding
gzip
content-length
859
content-type
text/html
date
Thu, 03 Oct 2024 08:32:28 GMT
expires
Fri, 04 Oct 2024 02:03:21 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topics_frame.html
pa.openx.net/ Frame D1C6
0
0
Document
General
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Thu, 03 Oct 2024 08:16:36 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AD-8lju2XSvEPR13ozi09IbxG-_vre35huFwJ08U6Rzpp0x8b9ecSbeLUdrwXG0uuvM405X6fH8
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.176.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-176-122.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://controlc.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Thu, 03 Oct 2024 08:32:29 GMT
cookie_sync
s2s.t13.io/
3 KB
906 B
Fetch
General
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
78c668d13e43b8030ac7995ee755adfe9c2df87ce0d74b52f2f124c7b2eac90a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
674
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
origin
auction
s2s.t13.io/openrtb2/
896 B
472 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
0907959b11d1b4773eedf78b7b3e49db56eac004f06c3015d8a79c8f09dbf70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
371
date
Thu, 03 Oct 2024 08:32:28 GMT
x-prebid
pbs-java/3.8.0
content-type
application/json
vary
origin
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944348666&to=600&aun=controlc_billboard_atf&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf&maxw=970&maxh=250&si=14285&pi=3&bf=970x250%2C970x90%2C728x90%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ca07fdf0b0b924123007e4f38f7b8a3576afc6e4d068c1c439997190e26bae20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944348667&to=600&aun=controlc_billboard_atf&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf&maxw=970&maxh=250&si=14287&pi=3&bf=970x250%2C970x90%2C728x90%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6270b0ca90833978572e7972591fe5f6c15fef5a0bd6104bc14d0957ae7a5e90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944348667&to=600&aun=controlc_billboard_atf&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf&maxw=970&maxh=250&si=14288&pi=3&bf=970x250%2C970x90%2C728x90%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fe17ce2104d0118f874f5ec8ac87768914005c62daad7ac09648ae0d904f02b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
prebid
ib.adnxs.com/ut/v3/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

cdb
bidder.criteo.com/
0
219 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.83&cb=3626475189&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:28 GMT
vary
Origin
server
Kestrel
translator
hbopenbid.pubmatic.com/
18 KB
10 KB
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e345e11707cdde24bc4e889617bb6701e86e86df8ffe67cabb18a5360b7dd0af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
bidRequest
c2shb.pubgw.yahoo.com/
0
0

hbjson
grid.bidswitch.net/
24 B
261 B
Fetch
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
23359dfbe55a61f8508c6b608a5213dc3c0fc7bb31c356c65a406ad9d884f09d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
content-length
49
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
server
nginx
prebidjs
rtb.openx.net/openrtbb/
0
0

prebid
ads.yieldmo.com/exchange/
0
0

auction
tlx.3lift.com/header/
13 KB
7 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.83&referrer=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&tmax=589&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.175.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-175-5.compute-1.amazonaws.com
Software
/
Resource Hash
4bbc50e8d3c5ae89a578d9069290f9de8d12caa81c38980ae952af049c3db2a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
zstd
pragma
no-cache
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://controlc.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
5792
x-xss-protection
0
content-type
application/json; charset=utf-8
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=controlc.com&url=https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
8ccb94f3992dd7af-LAX
content-length
0
content-type
application/json
date
Thu, 03 Oct 2024 08:32:28 GMT
debug
OPTIONS block
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/
122 B
277 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=controlc.com&url=https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a86aaf9d38b306a6e0babf4ed504e5e6461cbd3386780a58d243fa9edc678e55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8ccb94f41a2dd7af-LAX
access-control-allow-origin
*
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
authorization,content-type
index.html
cdn.edkt.io/check/ Frame DAAC
0
0
Document
General
Full URL
https://cdn.edkt.io/check/index.html
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/PV483g/edgekit.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
31471
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-length
163
content-type
text/html
date
Wed, 02 Oct 2024 23:47:57 GMT
etag
"47b2c3a6d225cdc377a1def2926ff28f"
expires
Thu, 03 Oct 2024 23:47:57 GMT
last-modified
Tue, 01 Oct 2024 15:12:34 GMT
server
UploadServer
x-goog-generation
1727795554120274
x-goog-hash
crc32c=WnJJJw== md5=R7LDptIlzcN3od7ykm/yjw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
163
x-guploader-uploadid
AD-8ljvieRFsQ5nI5V6dQXIAR-KohJBwZp64RECA0GeYcgrthpzDKsocrJ_1QSx1nAQy2rfpaqKB2tt3wA
websiteconfig
btloader.com/
875 B
715 B
Fetch
General
Full URL
https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=controlc.com
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e88bdd593ff03eb5690c3cdfbd55742dc6e5e18e6c92a82faf6f7f4ec31a3b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"7cf60e5b41355e0a979d182ba949f8a4"
age
344
via
1.1 google
cf-ray
8ccb94f4bc161502-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
432
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
application/json
last-modified
Thu, 03 Oct 2024 08:25:29 GMT
vary
Origin, Accept-Encoding
server
cloudflare
px.gif
ad-delivery.net/
43 B
334 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1189967
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Q9VGHn261k%2FdX%2BiqA6BKxiaUsw0FjmySBf3l5PBxG1gpp2VIIHfLRVGSrWlycLsNuGrBcUh2VX47geNeMaR9GSSAo0robUwLSVgex7922bsowUsy7LzrpoCKe9iXsDI6yzVLzY881s1lsk6Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 19 Sep 2024 14:33:40 GMT
x-goog-stored-content-length
43
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPra9d8_1cAUA1puYgPaDlSF3jxVddoyAk-EtkXyHJkJZG-bxPqX7Ma8N1zwawfflvspzxc
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94f4ce6b5269-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
gzip
age
9772
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Fri, 04 Oct 2024 05:49:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 05:49:36 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/
43 B
916 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.039530039856919386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1189967
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVvMSBIP6I9CbZM6Wquu5rfvkpy%2BUpa%2BzXdv3SlXVccg5kGcoAhoq%2FiIaVORBdOjQr4YJkIIkdGyn%2FeHmeeADpFiL09MGaV4yRj2ZjhcLK6Ep6dRTzHFnSDVjMMQXqHVBXajbivZiJOsBZX1mw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 19 Sep 2024 14:33:40 GMT
x-goog-stored-content-length
43
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPra9d8_1cAUA1puYgPaDlSF3jxVddoyAk-EtkXyHJkJZG-bxPqX7Ma8N1zwawfflvspzxc
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94f4ce6a5269-LAX
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c9eca453aa7ce7daf2d71dbb6a3d134154488825d9e213de5413050289508ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
474
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=prebid
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f8c8ed7381d3d14f06154b3bdc7d65ba5b8cfbd596f6ac99002fd58f65f45c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
261
cross-origin-resource-policy
cross-origin
cf-ray
8ccb94f5698e78de-LAX
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/javascript
last-modified
Thu, 03 Oct 2024 08:25:32 GMT
vary
Accept-Encoding
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1727944348966&did=did-0047&se=e30&duid=f90009682691--01j98r4mqbwdpvg1wf9vbnmef8&tv=8.49.83&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fco...
  • https://rp4.liadm.com/j?dtstmp=1727944348966&did=did-0047&se=e30&duid=f90009682691--01j98r4mqbwdpvg1wf9vbnmef8&tv=8.49.83&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fc...
13 B
347 B
Fetch
General
Full URL
https://rp4.liadm.com/j?dtstmp=1727944348966&did=did-0047&se=e30&duid=f90009682691--01j98r4mqbwdpvg1wf9vbnmef8&tv=8.49.83&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&us_privacy=1---&wpn=prebid&cd=.controlc.com&i6=MmEwNDpjNjA0OjYxNToxOjo1
Protocol
H2
Server
3.211.226.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-226-62.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-pixel-event-id
f7827673-b3ab-420a-b24f-9a74e472792e
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
null
content-length
13
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json

Redirect headers

access-control-allow-origin
https://controlc.com
location
https://rp4.liadm.com/j?dtstmp=1727944348966&did=did-0047&se=e30&duid=f90009682691--01j98r4mqbwdpvg1wf9vbnmef8&tv=8.49.83&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&us_privacy=1---&wpn=prebid&cd=.controlc.com&i6=MmEwNDpjNjA0OjYxNToxOjo1
content-length
0
access-control-expose-headers
*
date
Thu, 03 Oct 2024 08:32:29 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:8400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
gzip
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
age
3578
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
zzOXtXBkPey4xQUjo8SlEuxXa4qmZrd2o_a-_iX-1z4AVi1zfSK4Mw==
date
Thu, 03 Oct 2024 07:32:52 GMT
content-type
application/javascript
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
vary
Accept-Encoding
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C2
server
AmazonS3
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%2...
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3709459491829665000V10
86 B
116 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3709459491829665000V10
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/png

Redirect headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
cache-control
max-age=0, no-cache, no-store
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3709459491829665000V10
pragma
no-cache
expires
Thu, 03 Oct 2024 08:32:29 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
content-length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/html
server
Apache
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/PV483g/edgekit.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
etag
4226025326363945074
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52407
x-xss-protection
0
server
cafe
474
p.ad.gt/api/v1/p/
41 KB
14 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374c185af0bd0f7f525a2b15ed1ebc31410fa20b69cb425a315584970b67b368

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
37
cf-ray
8ccb94f6ccb12ebd-LAX
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/javascript
last-modified
Thu, 03 Oct 2024 08:27:17 GMT
vary
Accept-Encoding
server
cloudflare
halo_match
ids.ad.gt/api/v1/
43 B
144 B
Image
General
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&halo_id=060ixe7ju6a65hicigj8bhbjf8jdl7a9lieuom2wi0e0ysuiuqw4gsgwo4wk02e60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1
ip_match
ids.ad.gt/api/v1/
0
191 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-length
0
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/html; charset=utf-8
server
nginx/1.27.1
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001727944349-1R9T7QAL-78ES%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&adnxs_id=3876195260578121680&gdpr=0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&adnxs_id=3876195260578121680&gdpr=0
Protocol
H2
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-store, no-cache, private
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&adnxs_id=3876195260578121680&gdpr=0
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.248; 162.245.206.248; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
4f54d364-8807-417c-9292-163e4060bb3c
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 03 Oct 2024 08:32:29 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001727944349-1R9T7QAL-78ES&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=6ce2d808-e2a0-4054-944c-bde259c45f88&id=AU1D-0100-001727944349-1R9T7QAL-78ES
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=6ce2d808-e2a0-4054-944c-bde259c45f88&id=AU1D-0100-001727944349-1R9T7QAL-78ES
Protocol
H2
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=6ce2d808-e2a0-4054-944c-bde259c45f88&id=AU1D-0100-001727944349-1R9T7QAL-78ES
content-length
259
date
Thu, 03 Oct 2024 08:32:29 GMT
server
Kestrel
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001727944349-1R9T7QAL-78ES
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001727944349-1R9T7QAL-78ES
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BBAA8DF7-E390-467E-9A7F-C62D9055AC03&id=AU1D-0100-001727944349-1R9T7QAL-78ES
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=BBAA8DF7-E390-467E-9A7F-C62D9055AC03&id=AU1D-0100-001727944349-1R9T7QAL-78ES
Protocol
H2
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-store, no-cache, private
location
https://ids.ad.gt/api/v1/pbm_match?pbm=BBAA8DF7-E390-467E-9A7F-C62D9055AC03&id=AU1D-0100-001727944349-1R9T7QAL-78ES
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 03 Oct 2024 08:32:29 GMT
server
nginx
token
token.rubiconproject.com/
0
1 KB
Image
General
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001727944349-1R9T7QAL-78ES&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Pragma
no-cache
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001727944349-1R9T7QAL-78ES&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001727944349...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001727944349-1R9T7QAL-78ES&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001727...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=968b3549-a966-4dba-aeb4-32e5497c289f%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6ce2d808-e2a0-4054-944c-bde259c45f88&ttd_puid=968b3549-a966-4dba-aeb4-32e5497c289f%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&tapad_id=968b3549-a966-4dba-aeb4-32e5497c289f
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&tapad_id=968b3549-a966-4dba-aeb4-32e5497c289f
Protocol
H2
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

strict-transport-security
max-age=31536000
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&tapad_id=968b3549-a966-4dba-aeb4-32e5497c289f
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Thu, 03 Oct 2024 08:32:29 GMT
server
Jetty(11.0.13)
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001727944349-1R9T7QAL-78ES
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&google_error=15
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&google_error=15
Protocol
H2
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001727944349-1R9T7QAL-78ES&google_error=15
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
date
Thu, 03 Oct 2024 08:32:29 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001727944349-1R9T7QAL-78ES
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNzk0NDM0OS0xUjlUN1FBTC03OEVT
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNzk0NDM0OS0xUjlUN1FBTC03OEVT
Protocol
H2
Server
142.251.174.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Thu, 03 Oct 2024 08:32:29 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyNzk0NDM0OS0xUjlUN1FBTC03OEVT
content-length
453
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/html; charset=utf-8
server
nginx/1.27.1
0
sync.1rx.io/usersync/audigent/
0
99 B
Image
General
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001727944349-1R9T7QAL-78ES%26unruly_id%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Thu, 03 Oct 2024 08:32:26 GMT
pragma
no-cache
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001727944349-1R9T7QAL-78ES&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001727944349-1R9T7Q...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001727944349-1R9T7QAL-78ES&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
  • https://ids.ad.gt/api/v1/adb_match?adb=85833650942936553521639466197083373697&id=AU1D-0100-001727944349-1R9T7QAL-78ES
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=85833650942936553521639466197083373697&id=AU1D-0100-001727944349-1R9T7QAL-78ES
Protocol
H2
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://ids.ad.gt/api/v1/adb_match?adb=85833650942936553521639466197083373697&id=AU1D-0100-001727944349-1R9T7QAL-78ES
dcs
dcs-prod-va6-1-v064-0d1620f24.edge-va6.demdex.com 2 ms
pragma
no-cache
x-tid
FnS5J9iMShk=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 03 Oct 2024 08:32:29 GMT
amo_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001727944349-1R9T7QAL-78ES
  • https://ids.ad.gt/api/v1/amo_match?turn_id=3617358378010279803&id=AU1D-0100-001727944349-1R9T7QAL-78ES
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/amo_match?turn_id=3617358378010279803&id=AU1D-0100-001727944349-1R9T7QAL-78ES
Protocol
H2
Server
44.227.183.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-183-117.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache
content-length
43
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location
https://ids.ad.gt/api/v1/amo_match?turn_id=3617358378010279803&id=AU1D-0100-001727944349-1R9T7QAL-78ES
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length
0
pragma
no-cache
date
Thu, 03 Oct 2024 08:32:29 GMT
ads
securepubads.g.doubleclick.net/gampad/
413 B
173 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2867010303201669&correlator=283921593863981&eid=31086810&output=ldjh&gdfp_req=1&vrg=202409260101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=15184186%3A23008567153%2Ccontrolc_billboard_atf&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C300x250%7C728x250%7C970x250&ifi=2&didk=3841140156&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dffd1d5e0db02c25d%3AT%3D1727944348%3ART%3D1727944348%3AS%3DALNI_MYEllLGvLMnD5cLE5b-wIdNcCQMug&gpic=UID%3D00000f22db792d86%3AT%3D1727944348%3ART%3D1727944348%3AS%3DALNI_MaTPThIOCCG5hBjcUlsDcwj-KJ__A&abxe=1&dt=1727944349095&lmt=1727944349&adxs=436&adys=272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&vis=1&psz=950x326&msz=950x272&fws=0&ohw=0&psts=AOrYGsmaf74tNOZsszcmXENprhIDNju-s2lPWvsWRVc9RUKc&td=1&egid=43074&tan=61cb2158-e7e4-4228-b950-e7ef4143484d&tdf=2&topics=9&tps=9&htps=10&a3p=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.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727944345879&idt=1635&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D471324b3-e6fc-4b0d-af00-bc5f7877a477%26floors_id%3D151f17%26floors_hour%3D8%26fs_placementName%3Dcontrolc_billboard_atf%26fs_ad_product%3Dbanner%26fs-auuid%3D3ccae253-dbb0-4245-91a4-3003af5d8082%26fsbid%3Dtimeout&cust_params=fsitf%3DN-YYN-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D48fd1c69-ad80-4913-8884-226ddb56c97c%26fs_pageview_id%3D75256b26d98f349b84adf03118a927ee%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D59%26fs_testgroup%3Dexperiment&adks=2225142635&frm=20&eo_id_str=ID%3D31355065bd5fd9f8%3AT%3D1727944348%3ART%3D1727944348%3AS%3DAA-AfjYXKc0pXLz0O9uvF78FldmB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
0f5842ea7eb05626c815cc831ef3c8626910ab49b45660fa94ca207abb88603e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
content-length
143
x-xss-protection
0
server
cafe
/
optimise.net/
672 B
696 B
Fetch
General
Full URL
https://optimise.net/?k=1&d=controlc.com&t=desktop&c=US&r=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
9b0f98cacb28b6e5e9b5b4e688b97b7e9216e869af4888dc6c8eff929c28216e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://controlc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
0

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
62
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
fs-country
US
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=1&d=controlc.com&t=desktop&c=US&r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://controlc.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 03 Oct 2024 08:32:29 GMT
expires
0
fs-client-rtt
59
fs-country
US
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Fri, 04 Oct 2024 08:32:29 GMT
access-control-allow-origin
*
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
auction
s2s.t13.io/openrtb2/
24 KB
11 KB
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f1e032375812c262236c158867ab8b9b3916e1bf6665fa999b0186c594ab7b14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11550
date
Thu, 03 Oct 2024 08:32:29 GMT
x-prebid
pbs-java/3.8.0
content-type
application/json
vary
origin
hbjson
grid.bidswitch.net/
24 B
260 B
Fetch
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
fa9f02bdf13fb2e73589a274dc8aab402c9ec4f90f7e5449b6f18324edf28011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
content-length
49
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
server
nginx
prebidjs
rtb.openx.net/openrtbb/
53 B
222 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
cbd59b119ffc511f695d98732dace1e51f31874cad85bea1124b1697509a038a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

content-encoding
gzip
x-forwarded-for
162.245.206.248
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/plain
vary
Origin
cdb
bidder.criteo.com/
0
218 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.83&cb=97433166353&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:28 GMT
vary
Origin
server
Kestrel
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944349277&to=600&aun=controlc_sticky_footer&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&pv=a63eaf61-4348-4236-ac5e-750eced22edf&maxw=970&maxh=90&si=14289&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f66ae1b24b3bfd9d8c322e131c7e18991613cce376b9f89f22e1cbee38fb03ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944349277&to=600&aun=controlc_sticky_footer&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&pv=a63eaf61-4348-4236-ac5e-750eced22edf&maxw=970&maxh=90&si=14287&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a7cf1bcd874d4a78388eb5103f715ffd9dd3178be184e81efa4e62a2ca64d763

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944349277&to=600&aun=controlc_sticky_footer&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&pv=a63eaf61-4348-4236-ac5e-750eced22edf&maxw=970&maxh=90&si=14288&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
daf4aeb19979d50923fb13f87101323a7a9cd3116f68fc79ec069ca974bde8df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944349277&to=600&aun=controlc_sticky_footer&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&pv=a63eaf61-4348-4236-ac5e-750eced22edf&maxw=970&maxh=90&si=313827&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
09852816009dd6a43f8701bc4dcdd022fa7386625f70b93bcc690b4e76a0bf64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
5 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944349277&to=600&aun=controlc_sticky_footer&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&pv=a63eaf61-4348-4236-ac5e-750eced22edf&maxw=970&maxh=90&si=313828&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1f1f68585f3a316013c0b304f8053b54ec01cbfd17564ca551960a289eb4f8d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
4 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944349278&to=600&aun=controlc_sticky_footer&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&pv=a63eaf61-4348-4236-ac5e-750eced22edf&maxw=970&maxh=90&si=313829&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e92bc4757cac451a3670b497c1006d709cf39b83aa47bc8f01c41070c2a5049e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/
4 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.83&lt=1727944349278&to=600&aun=controlc_sticky_footer&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&pv=a63eaf61-4348-4236-ac5e-750eced22edf&t=ikg7mqd8&pi=2&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1715%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.83%22%7D&ogu=null&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.48.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-48-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
19f66a747e37c4f60229edfb077bd68a12582f0de40e450ecefc7350bdabb0bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json;charset=UTF-8
server
nginx
prebid
ads.yieldmo.com/exchange/
0
365 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.49.83&p=%5B%7B%22placement_id%22%3A%22controlc_sticky_footer%22%2C%22callback_id%22%3A%22527b64a07a801fa%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer%22%2C%22tid%22%3A%22673c1a33-2c33-4967-aaff-05611508e607%22%2C%22auctionId%22%3A%2246cff7a0-0c00-4d16-8260-a7476c585d04%22%7D%5D&page_url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&bust=1727944349280&dnt=false&description=The%20ControlC%20%20pastebin%20is%20the%20original%20next%20generation%20tool%20for%20sharing%20text.%20We%20offer%20a%20full%20suite%20of%20tools%20and%20a%20affiliate%20program%20for%20users%20to%20make%20money.%20Formerly%20known%20as%20Pasted%20and%20Tinypaste&tmax=589&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%20easiest%20way%20to%20host%20your%20text&w=1600&h=1200&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221715%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226940e85b-d466-40e7-aeb3-e4a7f216a092%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.63.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-63-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
access-control-request-headers
Cache-Control, Pragma
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
fastlane.json
fastlane.rubiconproject.com/a/api/
9 KB
6 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=2&alt_size_ids=1%2C19%2C43%2C44%2C55%2C117%2C221&us_privacy=1---&rp_schain=1.0,1!freestar.com,1715,1,,,&eid_pubcid.org=6940e85b-d466-40e7-aeb3-e4a7f216a092%5E1&rf=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&tg_v.id=bba76477-a6c7-471e-a8d5-96af1b596dc6&tg_i.domain=controlc.com&tg_i.page=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&tg_i.name=controlc-com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=6234&tg_i.fs_ad_product=stickyFooterVideo&tg_i.pbadslot=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&tk_flint=pbjs_lite_v8.49.83&x_source.tid=46cff7a0-0c00-4d16-8260-a7476c585d04&l_pb_bid_id=54fc97ecbb672be&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=673c1a33-2c33-4967-aaff-05611508e607&rp_maxbids=1&p_gpid=%2F15184186%2Fcontrolc_sticky_footer%2Fcontrolc_sticky_footer&m_ch_mobile=%3F0&slots=1&rand=0.9270504488375817
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6c3065ea722dd8df15cb72820274aa0a75b53d97631ce10c6352cc5cac6f4946

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
bidRequest
c2shb.pubgw.yahoo.com/
66 B
396 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.176.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-176-122.compute-1.amazonaws.com
Software
/
Resource Hash
74bb59a6cc43a0b8d78be9e9f31c9ef4c62d32afbbcc72486ab9e2a89348c907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://controlc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://controlc.com
content-length
66
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
396 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.176.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-176-122.compute-1.amazonaws.com
Software
/
Resource Hash
7504a0559e4a774e4aa680f0b14bba83b8f702952fe83f61493dc3d2bdeb3f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://controlc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://controlc.com
content-length
66
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
397 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.176.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-176-122.compute-1.amazonaws.com
Software
/
Resource Hash
3c2d81c2b78ab201707cd6eb215fbe9277947c70684a3bb812f47a90901e0ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://controlc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://controlc.com
content-length
66
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
396 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.176.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-176-122.compute-1.amazonaws.com
Software
/
Resource Hash
3c33fc0ff1eae6ad1e0d70b226b3bdbdede2558c115a941ba70c8d24f38192e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://controlc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://controlc.com
content-length
66
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
prebid
ib.adnxs.com/ut/v3/
23 KB
14 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
c2d9d0a69ef56a50ced6f3de634730c76fafecf0697e41e5f7373c0b28d5dca1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.248; 162.245.206.248; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://controlc.com
an-x-request-uuid
d3d8176a-5a70-4b3c-aa49-3dbe8617d3d2
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 03 Oct 2024 08:32:29 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
auction
tlx.3lift.com/header/
13 KB
7 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.83&referrer=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&tmax=589&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.208.175.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-175-5.compute-1.amazonaws.com
Software
/
Resource Hash
aaf5f21b6aa1f318e7d141b4e71314964d5b806c2672b28f4227773a5d1d38d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
zstd
pragma
no-cache
accept-ch
sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://controlc.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
5816
x-xss-protection
0
content-type
application/json; charset=utf-8
translator
hbopenbid.pubmatic.com/
23 KB
10 KB
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c3ec7a34fd384ac5180d01c4533c982dae64ed101e6d4c6c60c7d7d4d41f8db2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=5714937848528896
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
vary
Origin
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=mPkuv2zdZ&w=6208846342651904&o=5714937848528896&cv=2.1.58-1-g1e5f999&widget=false&checksum=27aa061f&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&sid=PJ6zafqx&pm=false&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:29 GMT
vary
Origin
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
gzip
age
4332
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 09:20:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 07:20:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/
260 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffb035bbb0247ca4432e521af4574c76dd07c3ae13853936ae16df84c341bcf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 03 Oct 2024 08:32:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93459
x-xss-protection
0
server
Google Tag Manager
match
seg.ad.gt/api/v2/ Frame
0
0
Preflight
General
Full URL
https://seg.ad.gt/api/v2/match
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
allow
POST
cf-cache-status
DYNAMIC
cf-ray
8ccb94f82d282efd-LAX
date
Thu, 03 Oct 2024 08:32:29 GMT
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
collect
a.ad.gt/api/v1/
0
90 B
XHR
General
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://controlc.com/

Response headers

cf-ray
8ccb94f75b3078de-LAX
access-control-allow-origin
https://controlc.com
cf-cache-status
DYNAMIC
date
Thu, 03 Oct 2024 08:32:29 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
getpixels
pixels.ad.gt/api/v1/
0
88 B
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=db545febd067f431820c78a8b4635718&url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cf-ray
8ccb94fa0a6a2b6c-LAX
cf-cache-status
DYNAMIC
date
Thu, 03 Oct 2024 08:32:29 GMT
server
cloudflare
match
seg.ad.gt/api/v2/
4 KB
408 B
XHR
General
Full URL
https://seg.ad.gt/api/v2/match
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3ae296f92790801c06671107b0ff276eb63d81e3d5fc4d6dbb7d5a796521aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://controlc.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8ccb94f8cda82efd-LAX
access-control-allow-origin
*
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers, accept-encoding
server
cloudflare
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c9eca453aa7ce7daf2d71dbb6a3d134154488825d9e213de5413050289508ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame FB14
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
585850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Sep 2024 13:48:19 GMT
expires
Fri, 26 Sep 2025 13:48:19 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C7C3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IKgO5lFc8yvPjURTvF3rtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IKgO5lFc8yvPjURTvF3rtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 08:32:29 GMT
expires
Thu, 03 Oct 2024 08:32:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame A710
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=WBPVVLQ6Fq2JTSROh7nt4ortBvM32I4yjl-jxR3VuUI&pi=gumgum&tc=1
0
0
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=WBPVVLQ6Fq2JTSROh7nt4ortBvM32I4yjl-jxR3VuUI&pi=gumgum&tc=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 03 Oct 2024 08:32:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 03 Oct 2024 08:32:30 GMT Thu, 03 Oct 2024 08:32:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=WBPVVLQ6Fq2JTSROh7nt4ortBvM32I4yjl-jxR3VuUI&pi=gumgum&tc=1
pragma
no-cache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame ADF4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=8375283706388319130&gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=8375283706388319130&gdpr=0&gdpr_consent=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 03 Oct 2024 08:32:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 03 Oct 2024 08:32:29 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=8375283706388319130&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
sync
eb2.3lift.com/ Frame 6E73
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1069
content-type
text/html; charset=utf-8
date
Thu, 03 Oct 2024 08:32:29 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame D243
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77060
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 03 Oct 2024 08:32:29 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
699367, 95548
X-Served-By
cache-lga21993-LGA, cache-bur-kbur8200043-BUR
X-Timer
S1727944350.548950,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 419C
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=86304
content-encoding
gzip
content-length
5633
content-type
text/html
date
Thu, 03 Oct 2024 08:32:29 GMT
expires
Fri, 04 Oct 2024 08:30:53 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame DBAE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zv5WnQAGlHfEAAA3
0
0
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zv5WnQAGlHfEAAA3
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1265
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 03 Oct 2024 08:32:29 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
1074
x-robots-tag
noindex
x-served-by
cache-bur-kbur8200101-BUR
x-timer
S1727944350.735411,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 03 Oct 2024 08:32:29 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zv5WnQAGlHfEAAA3
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-robots-tag
noindex
x-served-by
cache-bur-kbur8200101-BUR
x-timer
S1727944350.610755,VS0,VE64
pd
u.openx.net/w/1.0/ Frame 16A2
Redirect Chain
  • https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
  • https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
549
content-type
text/html
date
Thu, 03 Oct 2024 08:32:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 03 Oct 2024 08:32:28 GMT
location
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
pbcas
ads.yieldmo.com/ Frame 5185
0
0
Document
General
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.158.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-158-95.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 03 Oct 2024 08:32:29 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame C504
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 03 Oct 2024 08:32:29 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
x.bidswitch.net/
43 B
103 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.202.130 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
image/gif
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame
0
0
Preflight
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.236.67.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-236-67-200.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://controlc.com
access-control-max-age
86400
date
Thu, 03 Oct 2024 08:32:29 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/
59 B
215 B
Fetch
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.221.217.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-221-217-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ab2438e15c02ce7ed04062be3f3ae1e59a9470a22f66eac4e82d735c530e1eee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-origin
https://controlc.com
content-length
59
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
pixel;r=906141574;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642...
pixel.quantserve.com/
35 B
456 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=906141574;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=controlc.com;dst=0;et=1727944349432;tzo=600;ogl=type.website%2Cimage.https%3A%2F%2Fcontrolc%252Ecom%2Fopengraph%252Epng;ses=9e0c1cfb-c921-4853-9b8a-38ed86e4de63;uht=2;fpan=1;fpa=P0-1034626856-1727944348971;pbc=;cm=undefined;gdpr=0;us_privacy=1---;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Thu, 03 Oct 2024 08:32:29 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type
image/gif
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c9eca453aa7ce7daf2d71dbb6a3d134154488825d9e213de5413050289508ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
adfetch
googleads.g.doubleclick.net/pagead/ Frame 8E67
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=2536424872&adsafe=medium&client=ca-pub-6362111942204036&format=970x250_as&ip=162.245.206.248&odt=2&output=html&psd=W10%3D&unviewed_position_start=1&url=https://controlc.com/e4d11035+benign.exe+https://controlc.com/e4d11035+benign.exe&sub_client=bidder-269885&hl=en&u_h=1200&u_w=1600&aceid=MOQVtAD6WDQBRls0AdKQNAErozQBHKY0AVumNAG9pjQBv6Y0AcqmNAHUpjQBaac0Aa2nNAGwpzQBxac0Ac6nNAHTpzQB4Kc0AeGnNAHupzQB86c0AfynNAEAqDQBAag0AQmoNAEKqDQBDKg0ARCoNAEkqDQBS3NBAVNzQQFYc0EBmR1cAvUhXAICIlwC1_aIAgz_iALAAIkCAAGJAicBiQIwAYkCJ0KqAihCqgKKb6oCgJuqAoGbqgKCm6oCTNWqAkf4qgIl-6oCQvuqAk8LqwJaIasChCerAlQoqwL7K6sC1DarAiU6qwIoOqsCLTqrAj5BqwI0SKsCbEqrAt1PqwKuWasCxXSrAsaXqwKImasCT6GrAhmkqwJPpqsC26urAhWuqwJCrqsCO6-rAmOyqwIWtKsCGrSrAiG0qwIltKsCKbSrArtBEQPBbCQEMl73BPdf9wRIYPcETGD3BGCE9wTkhPcEHH2uBUB-rgXGiK4FbI2uBVeWrgUumK4FNZiuBT2YrgVUmK4FfJquBZqcrgXfnK4Fs5-uBSyirgWvo64FuaOuBRCnrgXjq64FnqyuBamsrgUMra4F5rCuBQGxrgVnsa4FZrKuBeayrgUWtK4FGriuBe-4rgWQuq4Fo7uuBWS8rgUvva4FzL2uBYW-rgXAvq4Ftb-uBTbCrgWhwq4FY8OuBfDDrgUrxa4FkcauBdHGrgUmyK4FTsiuBfLJrgUEyq4FdMquBeHKrgUCy64FncuuBZ_LrgUczK4FCc2uBVvNrgXcza4FEs6uBarOrgX6zq4FIM-uBUPPrgVUz64Fmc-uBdPQrgUq0a4F2tGuBf3RrgVG0q4FpNKuBbPSrgXW0q4F2NKuBfrTrgWg1K4F_NSuBS_VrgWqNaAMrc5lDs7R-xLW4fsSi_X7Ep4L_BK7JfwSACb8EgEm_BKqK_wShSz8EvAu_BIxL_wSeC_8EsEv_BJgMPwSaKLqFPdWaxo&awbid_c=AKAmf-B-Jb9Xxhbr6B5Z6GDDOy8300dmg1Ioa0CGTkJuZEKIJirADk6BUOPhP_5hsU4xBdctj52sNKQItM88qJVBKeimnZ72VyiwLbBHdIyIzSVoHYZ4ecYOiVTQigKNiGsFkajkNhVxyKoFxtBKBd1R2HbYyAc4BIKYK-UCS_MZ2OuT-aXK7RbNYD3rYfJPy34z821XaV-arLfygWKV6FeVEun4ZoOBBbXePa01eCvwRP_ZxQwKPEt6IRfYaN92M7rlsJ_ZUzjX&awbid_d=AKAmf-DjKGSi5KL6-Sfesg7GweWof63jecBBb6bTqxy7KJhs_vyh_YnGFF9zacXLmSFS_0RR5GrOkrY8GK1CBOAavI7dqkR9TmqxigH-kMJ_p1grpGwDcKJnGAvsYUBaa6_UeKoGnAtVXsh5COtELL0QgwskC9DkYg5vEpCs7VlABGykRzvr24KXsPVrquv-laARDklDQr3MURYKbsI6b4IZCDSg0VKeS3r5GIRGHaIObbTLwxB2PrWDD78YujvBgthPxKgU8hPvSVOZ0Psjq24bZ4bmKSzg6xQznOW5nJQqyRL0WvXq-Dhy266Y3hEE-WF4eCAPUvFZM7FDjpvngQmSdjRUkttsldGlJiGX-9uX9PCa_rRkv3UEKP4S9PKbmQn
uvhTnokB364FyCl-M6P9XRyWARztX3gWX8kHkhTVjKTiFkcQrbl6x8B6J30L4a62FCv4AXBDsbZolr4UGba3cUQDqWeSBvUaZDvEw3zkpbhilfYZG8jjFOLYt7euzaY_S17_RBAabw0bxWJ-UhB8TgD8Y2VFZl0PPhaj8Xo8_Z5i63aTjc_LyGqrkIA_YDt2lzTlX_ZrCgRhmuld-rCCFJtVuunXhsknchg5ZbaEo-PayVLIIRy_ySBVGyZr5xIbAL4wsAjjviwCdNLQxS3rNOoblzgyHzT-2cYUCp3GOUlqvVbnnXAakC5NrscZhqLGFWoHCN6m9V0lhp12lUDWj9ZpmMpbEHct2RRb8GA36W4PkkQ_ET_vHmr6jozcFhUZk7WUa3yfAck2sRXc-XrcZLjfga7e9skWNvyBo11rPJqdQlzhyhAWTKBw2RcUH-3H5Ehu5V4ufB_IROVaAAnOeDyn6d8qsn5AYfzj96sRz8RYX-phPLZLoeMiOP18wD5IYIviNpJ69&cid=CAQSMgDpaXnfvi3OYVkcGA0XA0Ksl8nQ1U-Kn_LH16fRM9rUL2Wfm7qBtfs716p-HojHOfvJGAE&exk=900208128&rfl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&a_pr=6:0.144841
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
42135
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 08:32:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame E232
7 KB
3 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
6df3af046b6b96ee735a8bac1ebd1214ffad19c702d6dd39a64b31b6c77b4b6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
etag
10656163328767074380
age
2832
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:45:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 03 Oct 2024 07:45:17 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
3332
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E232
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-DV0Yz19s-0gC-uIWSp_JfKtIc_j3RhK0PbSR2TG8_Unf4eBDcajroVm9Wm8kVRbbv8yNBU-hVa6nC5hZI5f5viZFWqOQ&pr=6:0.144841
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 03 Oct 2024 08:32:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
protected-by.clarium.io/ Frame E232
68 B
244 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL3B1Ym1hdGljOjk3MHgyNTA=&v=5&s=v31i98o4ltd&id=eyJwcmViaWQiOnsiYWRJZCI6IjczNDFkZjgzNzlhY2E1YiIsImNwbSI6MC4xMiwicyI6ImNvbnRyb2xjX2JpbGxib2FyZF9hdGYiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOnB1Ym1hdGljOzcxNTQ5OTkzOTcyMiIsImFkb21haW4iOiJhbWEtYXNzbi5vcmcifQ%3D%3D&cb=1351993&h=controlc.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwzQjFZbTFoZEdsak9qazNNSGd5TlRBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInB1Ym1hdGljIl0sImhiX3NpemUiOlsiOTcweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.166.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-166-142.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Thu, 03 Oct 2024 08:32:30 GMT
pragma
no-cache
content-type
image/png
server
nginx/1.18.0 (Ubuntu)
join-ad-interest-groups.html
proton.ad.gt/ Frame 6444
0
0
Document
General
Full URL
https://proton.ad.gt/join-ad-interest-groups.html
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
ad-auction-allowed
true
age
1249
apigw-requestid
fDtlsgKnvHcEJ2A=
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ccb94fa4cc308ee-LAX
content-encoding
br
content-type
text/html
date
Thu, 03 Oct 2024 08:32:29 GMT
last-modified
Thu, 03 Oct 2024 05:19:19 GMT
server
cloudflare
supports-loading-mode
fenced-frame
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2867010303201669&correlator=283921593863981&eid=31086810&output=ldjh&gdfp_req=1&vrg=202409260101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=15184186%3A23008567153%2Ccontrolc_sticky_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=3&didk=1024367576&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dffd1d5e0db02c25d%3AT%3D1727944348%3ART%3D1727944348%3AS%3DALNI_MYEllLGvLMnD5cLE5b-wIdNcCQMug&gpic=UID%3D00000f22db792d86%3AT%3D1727944348%3ART%3D1727944348%3AS%3DALNI_MaTPThIOCCG5hBjcUlsDcwj-KJ__A&abxe=1&dt=1727944349671&lmt=1727944349&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmaf74tNOZsszcmXENprhIDNju-s2lPWvsWRVc9RUKc&td=1&egid=43074&tan=61cb2158-e7e4-4228-b950-e7ef4143484e&tdf=2&topics=3&tps=3&htps=10&a3p=[…].&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727944345879&idt=1635&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dc2a24807-c17c-4320-9eb7-29f94cb21881%26floors_id%3D497e30%26floors_hour%3D8%26fs_placementName%3Dcontrolc_sticky_footer%26fs_ad_product%3DstickyFooterVideo%26fs_clientservermask%3D00020000000000000000102%26fsbid%3D0%26fs-auuid%3D4bb3d602-2234-4e90-adfb-0bba0748b16f%26fspbg%3Dfs_universal%26fs_source%3Dclient%26fs_auction_id%3D46cff7a0-0c00-4d16-8260-a7476c585d04%26freestar_path%3D%252Fe4d11035%252520benign.exe%252520https%253A%252F%252Fcontrolc.com%252Fe4d11035%252520benign.exe%26freestar_domain%3Dcontrolc.com%26custom_bidder_size%3Dappnexus_970x90%26fs_format%3Dbanner%26fs_size%3D970x90%26fs_pb%3D0.06%26fs_adid%3D88a47a49f3a4cd8%26fs_bidder%3Dappnexus&cust_params=fsitf%3DN-YYN-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D48fd1c69-ad80-4913-8884-226ddb56c97c%26fs_pageview_id%3D75256b26d98f349b84adf03118a927ee%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D59%26fs_testgroup%3Dexperiment&adks=78061733&frm=20&eo_id_str=ID%3D31355065bd5fd9f8%3AT%3D1727944348%3ART%3D1727944348%3AS%3DAA-AfjYXKc0pXLz0O9uvF78FldmB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
6d6d6db82b72de0cabadc4c1c80723186f0c6009b78201fee9b582455ebb9c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
google-lineitem-id
6076347488
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138399373379
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://controlc.com
content-length
13042
x-xss-protection
0
server
cafe
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C0AE
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=86304
content-encoding
gzip
content-length
5633
content-type
text/html
date
Thu, 03 Oct 2024 08:32:29 GMT
expires
Fri, 04 Oct 2024 08:30:53 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c9eca453aa7ce7daf2d71dbb6a3d134154488825d9e213de5413050289508ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
p.ad.gt/api/v1/
0
34 B
XHR
General
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://controlc.com/

Response headers

cf-ray
8ccb94fc4a280cab-LAX
access-control-allow-origin
https://controlc.com
cf-cache-status
DYNAMIC
date
Thu, 03 Oct 2024 08:32:30 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
event
p.ad.gt/api/v1/
0
34 B
XHR
General
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://controlc.com/

Response headers

cf-ray
8ccb94fc4a270cab-LAX
access-control-allow-origin
https://controlc.com
cf-cache-status
DYNAMIC
date
Thu, 03 Oct 2024 08:32:30 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
event
p.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://p.ad.gt/api/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://controlc.com
allow
OPTIONS, POST
cf-cache-status
DYNAMIC
cf-ray
8ccb94fb99cc0cab-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 03 Oct 2024 08:32:30 GMT
server
cloudflare
vary
Origin
event
p.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://p.ad.gt/api/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://controlc.com
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8ccb94fb99cd0cab-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 03 Oct 2024 08:32:30 GMT
server
cloudflare
vary
Origin
image.sbmx
global.ib-ibi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sortable&gdpr=&gdpr_consent=&us_privacy=1---&redir=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=43d08211-94de-49f0-8ce8-5ac6875960ed&ssp=sortable&gdpr=&gdpr_consent=
  • https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10611184411068807509&ssp=sortable&gdpr=&gdpr_consent=
0
72 B
Image
General
Full URL
https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10611184411068807509&ssp=sortable&gdpr=&gdpr_consent=
Protocol
HTTP/1.0
Server
69.169.85.6 Warwick, United States, ASN29838 (AMC, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

Server
BigIP
Connection
close
Content-Length
0

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10611184411068807509&ssp=sortable&gdpr=&gdpr_consent=
pragma
no-cache
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-application-context
application
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
date
Thu, 03 Oct 2024 08:32:30 GMT
content-length
0
server
Apache
syncframe
gum.criteo.com/ Frame 479B
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=controlc.com&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 08:32:29 GMT
server
Kestrel
server-processing-duration-in-ticks
435266
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
0
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Fri, 04 Oct 2024 08:32:29 GMT
access-control-allow-origin
*
date
Thu, 03 Oct 2024 08:32:29 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8819
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=90654
content-encoding
gzip
content-length
14331
content-type
text/html
date
Thu, 03 Oct 2024 08:32:30 GMT
expires
Fri, 04 Oct 2024 09:43:24 GMT
last-modified
Wed, 05 Jun 2024 06:37:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame ED5B
0
0
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=4682884&imprId=F33F2A41-AA74-4C60-83B6-5297C38127C5&cksum=EAF8CE3FC84F0720&adType=35&adServerId=243&kefact=0.141529&kaxefact=0.141529&kadNetFrequecy=0&kadwidth=970&kadheight=250&kadsizeid=32&kltstamp=1727944349&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.144841&dcId=2&tldId=0&passback=0&svr=BIDNJE10669&adsver=_156897652&adsabzcid=0&cls=BID&i0=0x3100000000000000&i1=0x41112100&ekefact=nVb-Zra2AgAp-5v49G9-4xR26Q25LAymoHGyAR61Te23qOK5&ekaxefact=nVb-Zry2AgBYpR_Kr7OZQ8f2u-wan8OYExar9ix3Z5XGQ1GH&ekpbmtpfact=nVb-ZsG2AgCPKbEnLg9_ZgxWbro8_LHUJVGUxBuPfqMycXVf&enpp=nVb-Zse2AgBXqyBw65ckE5tCTvbgzbv4tJryCvCnoyeXL2VL&pmr_m=nVb-Zsy2AgCf-fgx9OouOTW7ahU7aeAGK9Qzky5TzEmlSca1&mdsp=nVb-ZtC2AgCZ6kwsjYnJzOyKzyCO_n1QmcUKKsav7ppXzMzC&pfi=1&domId=15792293558594008061&dc=NJE1&pubBuyId=14924&crID=715499939722&lpu=ama-assn.org&ucrid=3907340797347378858&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=2&wDspId=80&wbId=2&wrId=0&wAdvID=15028&wDspCampId=167711760161&isRTB=1&rtbId=529581DC-A877-49C3-A21C-9CC72D15B33FB&ver=21&dateHr=2024100308&usrgen=0&usryob=0&layeringebl=1&usrip=162.245.206.248&gctry=us&uid=0&mid=0&vph=250&wccookied=0&qpsladszid=681&oid=F33F2A41-AA74-4C60-83B6-5297C38127C5&country=US&cntryId=232&domain=controlc.com&sec=1&pAuSt=3&wops=0&sURL=controlc.com&BrID=5&te=1
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.95 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 03 Oct 2024 08:32:30 GMT
expires
0
pragma
no-cache
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
744 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
age
3413
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:35:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 07:35:37 GMT
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
630
x-xss-protection
0
server
sffe
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
age
2535
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:50:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 07:50:15 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
view
securepubads.g.doubleclick.net/pcs/ Frame CD3B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkkmgIOXB0dMDsOIbaQKjcrxZIKwzMq_C-qArjT8uf6pdAVmgApWvP_UTs1eXVYns-eA78iPYqtHayCMCbOT1BjrYEktzaxQ_lpVgW8KaCQ94jMkqBbXNZTF0pUcUiunCVfufrKyvvQpcRP4wLcm3-wUQ7-6gUcF8tLVGrbHR41OPmopoJ7R7mBzyU8Yq0Miz0W0-XErJC9cVRv1uGKkFeFrTN9924vkJE9gZBtpedeU7UDvFDX9BfCLDVjDvgt0ScYkqpUk1Df_p4EiN_yuT2uE8oKnOXTKCqxLw0GpGb-d8HaNwnU097N2Iom4iOiCo6NC9y8FKajr7_NykNCTU97j4ANbcWzqFTzQmhwWhR7w0yQ7X_Jh5kl-ar_90zO9QTgOCx_uNLoFSdAuZGC6rbiTvn6jTsBcXP_IJLqYwvPYXZV8qLV1HPBCUMDe3uY9olLL8&sai=AMfl-YQvZmyRVmcvEbYQ-0QNoQi84zkQ8pSK4yE8IbELRVNukykhJyPtK73J2hVT1iSvsgi9edSvpJl9Mj9-Z21hdx3AolWUcSaiCWZ-YVshfjRvQIH26HK8u5QYRWPA&sig=Cg0ArKJSzB7IIdpvoeEhEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 03 Oct 2024 08:32:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
infolinks_main.js
resources.infolinks.com/js/ Frame CD3B
4 KB
3 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaa838d915186f23c3ec5a536d2ec63f71d14653e791c7d7cdf6437c8f55807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"1140-6238d529cc210"
age
4606
via
1.1 google
cf-ray
8ccb94fd79280ffb-LAX
expires
Thu, 03 Oct 2024 08:15:44 GMT
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript
last-modified
Thu, 03 Oct 2024 07:15:43 GMT
vary
Accept-Encoding
server
cloudflare
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CD3B
206 KB
64 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

content-encoding
br
etag
7550679465687725357
age
1495
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 09:07:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 03 Oct 2024 08:07:35 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65390
x-xss-protection
0
server
cafe
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c9eca453aa7ce7daf2d71dbb6a3d134154488825d9e213de5413050289508ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
frame_content.js
resources.infolinks.com/js/1959.008-4.010/ Frame CD3B
2 KB
647 B
Script
General
Full URL
https://resources.infolinks.com/js/1959.008-4.010/frame_content.js
Requested by
Host: controlc.com
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1a8fdbe6cb3b769f692a437da370b9941e8c72d54fb39e5e9b3eacccdf0111

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"95d-622c9b1df2905"
age
9242
via
1.1 google
cf-ray
8ccb94fdf9bb0ffb-LAX
expires
Sat, 02 Nov 2024 05:58:28 GMT
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 13:52:08 GMT
vary
Accept-Encoding
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD3B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 03 Oct 2024 08:32:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame CD3B
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f3bc57a2717917947cad2ec0b4b07040e997776ee1059865f4f8494d3c2ff96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
ice.js
resources.infolinks.com/js/1959.008-4.010/
193 KB
59 KB
Script
General
Full URL
https://resources.infolinks.com/js/1959.008-4.010/ice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df9f9b78f713dce0353fa00d2f7758ce8afd5d2e62364fe2fb1d1a1cc6f7d10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"302da-622c9b1df157d"
age
9234
via
1.1 google
cf-ray
8ccb94fe8a5e0ffb-LAX
expires
Sat, 02 Nov 2024 05:58:36 GMT
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 13:52:08 GMT
vary
Accept-Encoding
server
cloudflare
frame_inplace.js
resources.infolinks.com/js/1959.008-4.010/ Frame CD3B
3 KB
1 KB
Script
General
Full URL
https://resources.infolinks.com/js/1959.008-4.010/frame_inplace.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6a1eb5dce682f859d4bad99986e39efce56caf8be392017c391b4eca0fd36e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"be9-622c9b1df2905"
age
9242
via
1.1 google
cf-ray
8ccb94fe8a5f0ffb-LAX
expires
Sat, 02 Nov 2024 05:58:28 GMT
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 13:52:08 GMT
vary
Accept-Encoding
server
cloudflare
view
securepubads.g.doubleclick.net/pcs/ Frame CD3B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0O8uCqeC1cdaP0EYA4O4nf6bVVuNBUoaYrCfOvx9osVl3Kh791cnh7HJImVMl279v-tVy2PE_WWXr7HDE-RNmSltzxhP5qKBUNERWFUnJ2BB7v3d2X5cU5xywmSyHjaQR4fB-PWmRRecr5Zhe03rDuqNadVvXUOFOVhDFm4JEfIY-bdoIoZNEvGfFoPTfW4DeO83vorKtULAX-kjF65K9_xfByqJj1ySL2AC8RQG3ANjQkDqh00TNOLYl2NCGQygrWeRFf_1M3k3rY_U0BsZ_ZQpo5iiMrCBlhUt9kKX_ocBWCarCsU2ovaMw6-T7OxABCJj_lSGQYGQLd5OOTRlgPm1L2ydv_-vaAzZlxglWN8-2QxV-42nWc9OCY-q0XP_vXZGhPGfxOhXOwevUMoapkImvPqjMV2OqChw7MQf8D5Bm1cENMFM&sai=AMfl-YRHV8yGtX_RDdLvRcoZSlZyspt6sr5XdVH5WPHqXV0mfsv0g4-1CEMRtyJzlFN2lq2fZQ5xy-l-Jr3tZoknmpIsx0QqyWz2NTZgm6uB-Tv0uA-Vc-s_9f_v4-zm&sig=Cg0ArKJSzFDnU4-Wn2n3EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 03 Oct 2024 08:32:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
manage
router.infolinks.com/usync/ Frame F4A9
0
0
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3323352&wsid=0&pdom=controlc.com&purl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&usprivacy=1---
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8ccb9500697b1000-LAX
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 03 Oct 2024 08:32:30 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/
283 B
295 B
Script
General
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3323352&wsid=0&pdom=controlc.com&purl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&usprivacy=1---
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3eff6c5c11ba97dc172800d6bcd9dff907d0ed2a78cc978cdf75866b621aaeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-store
content-encoding
br
cf-cache-status
DYNAMIC
via
1.1 google
cf-ray
8ccb94ff9bad0ffb-LAX
p3p
CP="NON DSP NID OUR COR"
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript;charset=ISO-8859-1
server
cloudflare
gsd
router.infolinks.com/
330 B
472 B
Script
General
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3323352&pdom=controlc.com&purl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&jsv=1959.008-4.010&_cb=17279443505870
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7031d160601f0d765c12d44c9773caafb7dc03236c9196636bc4255174ebf501

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=0
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
8ccb94ff9bab0ffb-LAX
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP NID OUR COR"
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
text/javascript;charset=UTF-8
server
cloudflare
iqusync-1.32.min.js
resources.infolinks.com/static/usync/
2 KB
1004 B
Script
General
Full URL
https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3323352&wsid=0&pdom=controlc.com&purl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&usprivacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ddba0922a45957701891711e9f25d998cb23fc853271bba573dc0bc96dc64fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"906-61fa30c166f78"
age
3124
via
1.1 google
cf-ray
8ccb95004c4a0ffb-LAX
expires
Sat, 02 Nov 2024 07:40:26 GMT
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 11:30:03 GMT
vary
Accept-Encoding
server
cloudflare
sodar
pagead2.googlesyndication.com/pagead/
0
0

doq.htm
rt3044.infolinks.com/action/
2 KB
2 KB
XHR
General
Full URL
https://rt3044.infolinks.com/action/doq.htm?pcode=utf-8&r=17279443507731
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d30a8fb7e80b506821fab9036063345f6e79410c8ab8f396c6975047a4f6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://controlc.com/

Response headers

cache-control
no-cache,no-store
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8ccb950199ea7bb9-LAX
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://controlc.com
x-application-context
application:prod
p3p
CP="NON DSP NID OUR COR"
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
text/html;charset=UTF-8
vary
Origin
server
cloudflare
content-language
en-US
iquid-01.js
resources.infolinks.com/static/
68 KB
14 KB
Script
General
Full URL
https://resources.infolinks.com/static/iquid-01.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f60c8e46ff2161132091c8bdaf0628c161918a67a1d65854c21bc6bdff7eb91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"11007-613231dc726f9"
age
13561
via
1.1 google
cf-ray
8ccb9500bcd90ffb-LAX
expires
Sat, 02 Nov 2024 04:46:29 GMT
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript
last-modified
Fri, 08 Mar 2024 09:50:04 GMT
vary
Accept-Encoding
server
cloudflare
ima.js
cdn-ima.33across.com/
16 KB
6 KB
Script
General
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ce363e-403e"
age
128951
cf-ray
8ccb9501becd311c-LAX
expires
Sun, 06 Oct 2024 08:32:31 GMT
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 20:25:34 GMT
vary
Accept-Encoding
server
cloudflare
id5.js
resources.infolinks.com/static/
58 KB
17 KB
Script
General
Full URL
https://resources.infolinks.com/static/id5.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"e65f-5f7cf3af5cbe1"
age
3553
via
1.1 google
cf-ray
8ccb9500bcdc0ffb-LAX
expires
Sat, 02 Nov 2024 07:33:17 GMT
date
Thu, 03 Oct 2024 08:32:30 GMT
content-type
application/javascript
last-modified
Sun, 26 Mar 2023 15:25:03 GMT
vary
Accept-Encoding
server
cloudflare
did-004d.min.js
d-code.liadm.com/
130 KB
44 KB
Script
General
Full URL
https://d-code.liadm.com/did-004d.min.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.32.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:7e00:1c:2afd:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4c0118be63e8834d146eb74d5ba15532cc3a2e960327feb951b6139f80bd127c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
55983
via
1.1 7bd20765fb335de036eff4682be365d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
g2SBR7ybWerLjj54uOBlHVVqU11HBx3NU2TsD6BKUTrDTLhoXiu2Mw==
date
Wed, 02 Oct 2024 16:59:28 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
JFK52-P1
analytics
api.edkt.io/
0
149 B
Fetch
General
Full URL
https://api.edkt.io/analytics
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/PV483g/edgekit.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Edkt-Load-Id
695244b3-6bfa-4e04-8e8b-397be70732fa
Referer
https://controlc.com/
X-Edkt-Api-Key
cdeffa51-8532-473f-8ba0-200d751fd73e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-max-age
86400
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
cache-id
LAX
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 03 Oct 2024 08:32:31 GMT
cache-status
uncacheable
x-cloud-trace-context
d38391a65813c932316010c1366e1cd3
vary
Origin
server
Google Frontend
content-type
text/html
analytics
api.edkt.io/ Frame
0
0
Preflight
General
Full URL
https://api.edkt.io/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-edkt-api-key,x-edkt-load-id
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-edkt-api-key,x-edkt-load-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-id
LAX
cache-status
uncacheable
content-length
0
content-type
text/html
date
Thu, 03 Oct 2024 08:32:31 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
84eebe2e89857842af15357d98b07b9c
/
hde.tynt.com/deb/ Frame 2159
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_pr...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
0
0
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1813
content-type
text/html
date
Thu, 03 Oct 2024 08:32:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 03 Oct 2024 08:32:30 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
111 B
985 B
XHR
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=328512134&pt=17&dpn=1&jsver=5.36&iiqidtype=2&iiqpcid=3de9e5ee-883a-40d7-9178-c2f7386788f0&iiqpciddate=1727944350896&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=626_1727944350896&fbp=2734018296&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/iquid-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-127.jfk50.r.cloudfront.net
Software
/
Resource Hash
a68b5555f2e4db3454bca121bb60d255ff942e57985f3a7b1dfc1f9489dab1bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
x-amz-cf-id
ZlMMKG4nP8ecr6wy_WrGBH_4V6Pz7YelL_7_ab5S-_JD3qLkenFgRw==
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
text/html
vary
Origin
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 fdc88b576635a6d1858343ad162c44fc.cloudfront.net (CloudFront)
access-control-allow-origin
https://controlc.com
x-amz-cf-pop
JFK50-P2
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=396059&iiqidtype=2&iiqpcid=3de9e5ee-883a-40d7-9178-c2f7386788f0&iiqpciddate=1727944350896&tsrn...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=396059&iiqidtype=2&iiqpcid=3de9e5ee-883a-40d7-9178-c2f7386788f0&iiqpciddate=1727944350896&tsrn...
43 B
937 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=396059&iiqidtype=2&iiqpcid=3de9e5ee-883a-40d7-9178-c2f7386788f0&iiqpciddate=1727944350896&tsrnd=972_1727944350897&fbp=2734018296&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=p9gIGDfHNo&nc=false&trid=307892844
Protocol
H2
Server
2600:9000:26fa:dc00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P1
x-amz-cf-id
Be5A4qPB6Fv-RrlM-ec199R7GMKCWzdSAf1JUzDlh5KIvMfYTRGWNQ==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=396059&iiqidtype=2&iiqpcid=3de9e5ee-883a-40d7-9178-c2f7386788f0&iiqpciddate=1727944350896&tsrnd=972_1727944350897&fbp=2734018296&jsver=5.36&abtp=100&abtg=A&ckls=true&ci=p9gIGDfHNo&nc=false&trid=307892844
pragma
no-cache
via
1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P1
x-amz-cf-id
_EEVjG_aGGiy5eODKhwcnLIVEcUwfNVYwfdYM4rBPmLcS3lbwIqXMQ==
v1
lb.eu-1-id5-sync.com/lb/
45 B
284 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/id5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
f9644de09906ff7b61ff5216efd323a7f59c4a43554522fb3ad5149b483fb7f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://controlc.com
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
fslogo-green.svg
a.pub.network/core/imgs/
1 KB
0
Image
General
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
2549
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 03 Oct 2024 09:32:28 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
date
Thu, 03 Oct 2024 08:32:28 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljs3ZeDVwWIuwOFfnxbaRieIGKsRGtDDL0OkM7t0OFGu_-KPwwgathOqcwiXEVwB7L1XyHU
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8ccb94f25d14100b-LAX
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
envelope
lexicon.33across.com/v1/
42 B
58 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.13.1&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://controlc.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
application/json
vary
origin
container-4.0.html
resources.infolinks.com/static/ Frame D06A
0
0
Document
General
Full URL
https://resources.infolinks.com/static/container-4.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
14127
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
8ccb95026bd21000-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 03 Oct 2024 08:32:31 GMT
expires
Sat, 02 Nov 2024 04:37:04 GMT
last-modified
Mon, 18 Dec 2023 15:25:03 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
in_place.js
resources.infolinks.com/js/1959.008-4.010/
41 KB
7 KB
Script
General
Full URL
https://resources.infolinks.com/js/1959.008-4.010/in_place.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a997a0e2ef776d90fd122ff35b872b388a17c3d086d125a7517f4256f9e7c2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
max-age=2592000
content-encoding
br
cf-cache-status
HIT
etag
W/"a46e-622c9b1df1d4d"
age
9240
via
1.1 google
cf-ray
8ccb95026e910ffb-LAX
expires
Sat, 02 Nov 2024 05:58:31 GMT
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 13:52:08 GMT
vary
Accept-Encoding
server
cloudflare
getads.htm
rt3044.infolinks.com/action/
13 KB
6 KB
Script
General
Full URL
https://rt3044.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22u_IL_INPLACE_controlc_sticky_footer_728x90%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22u%22%2C%22garc%22%3A0%2C%22as%22%3A%22728*90%22%2C%22sdata%22%3A%22privacy%20policy%22%2C%22scs%22%3A%22dVrWlkpzxy%22%7D%5D&rid=0ab65d14-8f67-45a1-bc03-fef8286cd28c&jsv=1959.008-4.010&sr=1600X1200&rts=1727944351155&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=129.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&tzo=-1000&c=c&strg=true&pitc=51~e0FyXj4mNOa-fk2rdYK_AblcZn8jfEO7&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=xpTm3Tk3yVM8d2sAHr3NO2uG0DeALf1Si7PLFETnrk-zXV6c-oiNz223Y_T_3aRWgp3z2QF2moF9PbfPMQsfB7Hd4C0mCnzEcwzBuApbuEXz3ezHqEnKDKUPqxwgdmN-SsyajI5IWy1MxiRKEAAXd3JWBElmXR6jQ2406aO_kXk&rsk=60&rcs=3pUC3pm2JrKEG6GOMDXWRg&cuid=890d8d6e-c8b8-4ae3-b871-95d8b7353801&usprivacy=1---&auhdrid=060ixe7ju6a65hicigj8bhbjf8jdl7a9lieuom2wi0e0ysuiuqw4gsgwo4wk02e60&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ca6e141af02ad5870ffe703525e06e82573fefa255353c40124c3df5243b4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache,no-store
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
cf-ray
8ccb9502ef100ffb-LAX
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-application-context
application:prod
p3p
CP="NON DSP NID OUR COR"
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
text/html;charset=UTF-8
content-language
en-US
server
cloudflare
any
idx.liadm.com/idex/did-004d/
459 B
871 B
XHR
General
Full URL
https://idx.liadm.com/idex/did-004d/any?duid=f90009682691--01j98r4mqbwdpvg1wf9vbnmef8&did=did-004d&cd=.controlc.com&pu=https%3A%2F%2Fcontrolc.com%2F&gdpr=0&us_privacy=1---&resolve=nonId&resolve=uid2&resolve=index&resolve=openx&resolve=pubmatic&resolve=magnite&resolve=bidswitch&resolve=medianet&resolve=sovrn&resolve=connatix&resolve=thetradedesk
Requested by
Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-004d.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.142.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-142-207.compute-1.amazonaws.com
Software
/
Resource Hash
33a7b22c5a697d510b9763824fc4357af4c10064fee8cea5f91a17bd0ced6d79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86399, private
trace-id
97dee462039070f8
request-time
4
access-control-allow-credentials
true
expires
Fri, 04 Oct 2024 08:32:31 GMT
access-control-allow-origin
https://controlc.com
content-length
459
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame CD3B
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzQOcRkI5WfErOjNG-lEPbKT5j0mujMFkAe86XeLqE5m4ITCvMWT3XGX5G9HdA9yWwhFswZH3zQLiNw0G8LJ5ZK8Pm8BVDLP6UdibZDedn3ca2vhl0UNSSrWW6zI1xSU7enL8lXwXopVLiabNAQOqqiXkJ6JDTCcB31mA_qL_QfN3vQGqQw6-GLqk_uVQHwYF6Ow&sig=Cg0ArKJSzDDDM7wHj78WEAE&id=lidar2&mcvt=1000&p=1110,417,1200,1145&tm=1100.2999992370605&tu=100&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240930&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=78061733&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2387715000&rst=1727944350105&rpt=425&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 03 Oct 2024 08:32:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
535.json
id5-sync.com/g/v2/
638 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/535.json
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/id5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
92e0169558da5873e19b4dd4503c83cf6edf71b6ffc435d04e3938a2e5dcfee9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://controlc.com
p3p
CP="CAO PSA OUR"
date
Thu, 03 Oct 2024 08:32:32 GMT
content-type
application/json
vary
Origin
dcl.htm
rt3044.infolinks.com/action/
0
39 B
Script
General
Full URL
https://rt3044.infolinks.com/action/dcl.htm?rid=0ab65d14-8f67-45a1-bc03-fef8286cd28c&jsv=1959.008-4.010&capara=%7B%22error%22%3A%22ICE_HB%20was%20not%20found%20on%20window%20-%20init%20not%20fired.%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache,no-store
cf-cache-status
DYNAMIC
pragma
no-cache
cf-ray
8ccb9505da4a0ffb-LAX
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-application-context
application:prod
content-length
0
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
text/html;charset=UTF-8
server
cloudflare
pixel
googleads.g.doubleclick.net/xbbe/ Frame E734
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARio-uKYAjAB&v=APEucNX6CGskChgtrUhRZ-ZSP1CjFHxw2NFOOrBAMG5lnEX4rZW68XCuyqUnGJligwskjPZAwftKbFA1ISc_xjnOB90jdqTflg
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 03 Oct 2024 08:32:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C2
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIUaUg3s2cCX7Dm_v2gILl4l32HoQTUsupCfGY-2WMi5tLlQhSAoItGycuykX2ZdOYv_qQ6n4ivW2_24AuLkQvkbPOIQV6-kpYQFicTecJ9GL9Ajw
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 03 Oct 2024 08:32:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 38C2
110 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
40b3b4542e4d05f6bbd68e7eba6d424abffd64fb9cc3ba8c8c9c932f088c787a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7604220631266208939
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 03 Oct 2024 08:32:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
39061
x-xss-protection
0
server
cafe
adview.htm
rt3044.infolinks.com/action/
0
140 B
XHR
General
Full URL
https://rt3044.infolinks.com/action/adview.htm?rid=0ab65d14-8f67-45a1-bc03-fef8286cd28c&bdc=1&midx=0&emd=NzEzfjIyOTg3X251bGx-NTg4ODIzODQ4&rts=1727944351637&prod_t=u&jsv=1959.008-4.010&sdata=privacy%20policy&scs=dVrWlkpzxy&rsd=xpTm3Tk3yVM8d2sAHr3NO2uG0DeALf1Si7PLFETnrk-zXV6c-oiNz223Y_T_3aRWgp3z2QF2moF9PbfPMQsfB7Hd4C0mCnzEcwzBuApbuEXz3ezHqEnKDKUPqxwgdmN-SsyajI5IWy1MxiRKEAAXd3JWBElmXR6jQ2406aO_kXk&rsk=60&rcs=3pUC3pm2JrKEG6GOMDXWRg
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache,no-store
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8ccb9505ed867bb9-LAX
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://controlc.com
x-application-context
application:prod
content-length
0
date
Thu, 03 Oct 2024 08:32:31 GMT
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
vary
Origin
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C2
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4819974153497&version=m202408260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 03 Oct 2024 08:32:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C2
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4819974153497&version=m202408260101&ct=76&x=6&cor=8028163047495298000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 03 Oct 2024 08:32:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad
googleads.g.doubleclick.net/dbm/ Frame 38C2
88 KB
40 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ce3lhisEzrL4mc_ce-gQ3JNKMkKkoeNZweglRes8aXN4hLaCB_c68szwZ7flZU2pttmjEU61wglTTv-XVHim8Z6uARy4kbu0Me64YwJaHNUhKGpjvMAJiGQBQa7ls0v6FdIMG-D9hJ3ZZ9vpPKN2N5Y8VgHhFhscKGYWZbmLuk3Lv5pNFxH33lSzJzQEdPKaYfA4Rmh1MseaShbFCzR93syBn-K1D7uSMiV0i5hvVGs63i81g&dbm_d=AKAmf-Cezm_1T0_gCtzWUGwfyUzLGk9R4xgoE5jlIZhP_wFius-CIjrfSWCo87MWR6B6MUV6xuX3HIw0IULwwl0tcpAl2poCuv1O0jAEy54SU60UM1iIY7iOpbodQmSQNZA8dHIA7Em8aKoJJixj3vtJ4CgaJV_hQzAr4p7rxCCUvNyEoIKaLFruh11VRJdBhBGswHqfyZpxPX4UNyIdg5lgnwM6_7L1tIfscP_mTZs7RuYZt5UJb9X8-ReXtpihiWLXqL_eIVTlRoPFGynlDV7htHwFfMM8ILPSd_if0vVmNVfr2iXSKNxwIJ9ew-KSBSyxEVIOMNtVwvCzdlPoOMmWjXDp2SjMVdKDvFcu3XRrbofnfzspIIZye2Yc5qXthyDyeNntgW5QjWtVrGcYj3H3yCrD6TAaWVx63l1VP5CP2x7hCVYRG7aMPvLKBI5rK__gRgapNW8KCgs4DZHYBFD9xwXvzp3edSBF0odS3CiasCbspvpKJb7SqsLpIB22DE6DKJGl_1qzb_UoL2ckM6graO5YePb0XDFgVQZKdaK_HeNbgW84xVVdxs6RtEv5KSZwi0p6t5ou3EXML90jT1UT2MIHteL3P3b_y8Wh-Nxdxx-BczneDWSFMammDC3K9kRK5yVBJDWAcYwJGThf1CYYH3Zpje3cC-yMrY4kefLhv1-jaCP8HTynCGgbYMusVpQ6fcccj9sfy6zf6sXrTodkOkiHSvHZJY7p3JozVxij6fAarM0BjNJNUUtZ4Ynw6hHACVn1wP4nfk_9xICBfEIoFTzwRCvlr4_BtJEOAIHOpmtgnByywi9e1KFT9hXuxGy4b-o01YxUHfWrwE_K4AlQN_Mn1gGBzzZEaINLN8wKC1zlaIm65Kf38VWfywBePAO444FrfkzQ85hrjkDdooHDEmJk9CwDKVWU2VC-mY1Bn3LiSHLwBGwUxA_mxiY6e9EYbbTDUNgIesxfIg22LK4tsYYH9nKMLju7by-A1cFy1zW2bggfw_BmgNV8omNh17Fw0Jtb5MQhsHczlGwvZ7X4losWjAJEuW8joLKx6VNKyioVNul4G4CpO-LXhYRDqaS3ZwDBrZT6LLTLIVDlld-HCfKJdHi_HNepBNat7qZDCtl4LBWi4vKqTg3Y_6-Phh4Aq99YccLbY4DNWPJnH9uYJQAIpIn__K4Xtprdccz6ZC7vOwkbZcWFPpkDsIJd_s8fD3t88-UVN3ZlIjgdnqAL9ePLTCZLNsqhyc9YpaQmFaC3UzdHHu5b9D3JVhyG2sJ3xI34zW9mUnSn1NPcXCoj1qNVRNWxb7_zA388Hj-6pMBp40QBD3A7F0g110t5ebpB0cI2DkVQuxj4woLwiL_HZqn4hSWBmGvcjkLbbnUVzP-sfGFuE-qQYdKhWwZDaKgBA7jgUSrwryWN3gjw-C-RjwyAw0zWA7Xh9PPWZy_3SSxK68bQxNojxQ1T2zvpE-XsuKD2vGREisvExCiZcW7wiqQ-uXtpILZgl3RCwK2S-UsGqX55XtcUDDL_C8kfNN2HW42IN7EyOt_I0PCB-4btPskCQbFGaTaHzcT0VrRfnZ3rZoeLqYwo_XLjt-oJgPaO8pSkKQQwRB3-5d5SGQxjelESfhtof-zB3IfEyfCa8DJkaLv4meQwSEXVna66hMDco9F3Es6eYyijWYPA-xjg8zBIx5VM_
eFl2YKczIf0BGNk9b0vzAHOHiujQ99GLaU-jlEqSrCHfQs8E7eQJx9agXR_Zvrhq6a4ntGjlGp55Yf0XnwqiKEuecsaQ1PjzJXB4eHXNeTlSy-2UB_uj-gS91ThDr4iJpFqhthGPkfSjM-YtWrJtmDgSX0wPlqR9R7Oxowfa6Q4mB17EPq4VW0J0Pa4zDfcycFz4OeyrSYUHiu40MdUbv1a_A5F5Cy9LFAMwbF06s95SitcEZvKzkEUP-w1ew2uZs6DXPP28uwZUS5Dxi-XftvFMFs8ZWrGa7F1btySK8NDv0ZrzxCmMfUEOlkB1V_ctz4YCVim6WPRZoCcFZbvSCMH2YBSGTcsVeQwkbu-dIzIiwVyexat7ApyD-hyk6mP9AwHJ7seU2ufH-92ckZ9DhNqpVoJg-Lbsc1k0L9ZvWegHIpobNlmPepFb-68igbXYwbNogmy6v_uF6YKR7y-kWVIeVD1OOGK5tFAMnhcDyAgFBKkC20_zquOP3VBLgHPmkOQZUN-ebQSKzqGDhur3SOR6Nfkp_FbhPNUF-A3CbvY2LEHx5XB0hhr0NZerCVP8pKadHSxdRzhCVTp4RD_nNYEdSwvvrQLT8lIB_Y7CuixUDBLOP1zCjyiUDKWN8bxW-wYKmn327TT1Xrqbbkn-shy6OZjSG0s1lBqnyWUCl9MmY4jIIPvrXKk9J2xAwytOqTLCrieRGKRa6N3D-ICKqCimxnWVOEEjIM_jD8F-YPVXTmBxopjYUPCUgzWjL1sV0Bp9Q3rlD2Q5housAzmM83Ju7dabnd0b0Sg0u91H2BZ7lTITdmtIaCBTiKk7E5l-HHxwcQNsUUkMOTcFQkXsGWi4LFqt4jIF--EELYgH5BbqOiB7aQ-ffUSBOYBsFi7A8FIF2jKjp6A2tkQ_LQCiZNiQE9BbVUSa6kfVA97KEFv1CS9XZ4hLJP7bmffoAL3e1VPs26UCEdeJLiL1H2_5Zf5dXcybNfuwIN7dMsNqvCJyAeyg2p_p1Qxc2V_eop6JbrDI07jZiHKZhwCdqJUewSDZhxFmhus05mH_7dhrqjBhq1coKdPslzc2QMO4MxOUjd6VQd8ii5snTjatAX7qVy4EGrpPmV1hrYCM_D_X5bGNBvMzpAPxtVckwfCSLD-7z_EEA2dD2q0XxGbNA-XiY1e5UVyIp9qtex0rnH87rOnE40QBsFjsYqQ36kHs9uIZtfBwYoDiSccMNfsoMZxwraNGyaz6zK9IXFc79K0Kzx8pJu3-0LkvVcey4chAoLL95ZWtjRABRpJoF9PVWqzZE8zrHk3_I0iCGCAx6HMdbijigVNxO4uFRAuVre82PnzYmIH0IlE6pyFjZvTDP1imP_4uaug-z7YGnNS1MponCornJlw_94rPpJS0qq73Rxl0mg8XSkaJfBC39XD4cYWt2kn8wKAEZ15cankOIrSz5qeXPlekkuC9XK7nPZP9b9twzqL1i6sVHWU67hN_qGb-MTC-nwvZUHYdG3W5JyhX9xww6w1AVAJs4dB2S0AjvT0n8WGbx6Pj1yNa0TDdnmcnMNPxSUOOfpwUGG7mG3EAzUxXezcKTQ2cY9ZBNH06AH-vyv6l7KCUAyyGTr9KvW6RZLdZ9a3cnLjpEWZQMnPxediumKR6LukbRI6p4JDu83q00vS1_XW05oE6Yr2npDgNQ2HNuBS6OLaI1GVyBJZmFl5TE579wzVwk229yly-ejAWVK6jNaRKtc3nFJCrGANxOVdw5iYLAOe317-gl7XZN9S7BKmnibWabUQBrvbaV1m5u5d9PtXP6nIt6ZsdkjnwzLoQa8Lagm_AgxhEBeD5qL5zRbtmej2aQ-Yos8G4Vya7yo5qLclIO_dyui5bTele2cuyPJ6JbgpTKkwGe-YuokS&pr=6%3A0.478400&cid=CAQSQADpaXnfuoCJmTf4saHGzxoCT_s_Hbdtz849_faMOTgBFjQzrAWXWoQiUYeX6oYbCVFW1YIhbT-s
E4B4TLXswLYYAQ&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1Njg3MiZzaXRlSWQ9Mjg0OTgyJmFkSWQ9MTM3MzgzMyZrYWRzaXplaWQ9NyZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTE1MTUxNDMzNzMxMjYyNjkxNzkyJmFkU2VydmVySWQ9MjQzJmltcGlkPTRFNDE2OTA4LUE3OUYtNERCOC1BNjVDLUIzMjRFREEzRDc1QiZwYXNzYmFjaz0w_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202408260101&nel=1&rfl=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&ds=l&xdt=0&iif=1&cor=8028163047495298000&adk=789851058&idt=165&cac=0&dtd=34
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
6e7a09dc648c125ad958d1465bcab558ee19b62b1ad3dd7d7b3fc9af795c7ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
41369
date
Thu, 03 Oct 2024 08:32:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
setuid
s2s.t13.io/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%2...
  • https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1681707399010623644
86 B
116 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1681707399010623644
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:32 GMT
content-type
image/png

Redirect headers

date
Thu, 03 Oct 2024 08:32:31 GMT
location
https://s2s.t13.io/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=1681707399010623644
content-length
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20241001/r20110914/ Frame 38C2
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241001/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
51d7ab26f75ddc39c88182b6ed612ff26a9088ad35b7409ee4f582df4d9fcff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
12148185721316583427
age
64615
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 14:35:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 02 Oct 2024 14:35:37 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
11908
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 38C2
206 KB
64 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7550679465687725357
age
3407
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:35:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 03 Oct 2024 07:35:45 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
65390
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241001/r20110914/elements/html/ Frame 38C2
12 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241001/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4271344721252203484
age
64615
x-content-type-options
nosniff
expires
Wed, 16 Oct 2024 14:35:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 02 Oct 2024 14:35:37 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4395
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame 38C2
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstsZmtWr7JGLbgB-kR0A2AuXJAV4kjAzd5T9N3Yy92sWaC6U3rakLDeruVkisJNNwvpIa4h_t4EOVnIAa_etefmZGZ4oGhU1CfamzjNdr2e_z6KG6Pinv7IWqf5vsEAvq3Lu-XvurdGx38G695uxi4L4hogPQuXATLFEMdCsDjM720Poyx3pVr_h3-zaHsC5im-BodUcWYjCaFSsCNYLYjyp1edmOX1N-DEwnOHqtPGUSw_fsR6CXC6cydaRtDFjuITuZvyVfR2MxsD_bKo6vov6GrEYZhRraPXJPZvBPMKLVw5-p3DnN1Fts9fCrvJNjidVfehhkWLTWFh4ok42b28_8nmvHbxgQpwj5lHGG17AW9A_RKxULdc9u5WF6iBCJ5Objc1EFOGOYvMsDiEzJ2jWvqKIgZJ7_CfDINXEAph0Fqfb-pMg8Q-VpmGpeum3whqq84x3V4Ht-SX0MrLWISeHe6KKFV0JUbSmuMrGJqw2a2aURx8RYMrs88htWCeBM37mGwgk627DslgsnTbbFBCRg09NNHWUyhaf_CfBKGTbkjC3qv4w4BEoFlifCK66tQVVoItyn8mofyaM13gAD9CnQ6-sf_xlb1Pm4ekEfEHWBlZxIOqmhFG4TF2ElpHsSTL-EwRxKZOXqoCkgL7Rd0KTx3-4L5IP31TusaDm_W-GuGMdDxdZ16VdXSAc5SKuX9O1j6hA3L6JmUtmCcFbbRfZtFd8rZrxPhiJKFLRZ9F0klkX22v5uHJVH7ZQRQt-GfB2czuheSXToRi1lUxxdZztN3XsAXqvXmWeoopXVfhtfm9fpYOSvb_XFLTCArWDqKO8tIvpL211aMeO8ypW8EVU9qf3slbZh6Byqt5mWRixK1t-KhITe4CvOW-oyAOF0kITAWRiwhpwENoz9B274oQXc0zl5MqzmDf5LHCXVt-vUpojcNDQwRQZ1ylKslfUCO8nsHGoqnryWJ5T4P4_5LcY-GAYzjWuM-XANOaet-E1cJZLBkoe9_8GOu6imRbsHFNLFIW7f_eZEA-1wvsxO70AXOM-Ca_OHC_oBLYg9crsMIQEUH5BnSr_TMwzoyEcHCGZ14oWMQ0UFY5dGr1zK3yB-vS7JwDaq6zyYmrl-40HsuLQ05sINgb_J8tjI-B_8LMxfSEXykg7VzA020U8V2MObl2gqVq56TbO-MFv8as78SxSHlCeWgOso0A-fFkIZYyeXwHGWYpfQcaNJCdTk60y0PR206cWVhFtQE7yo7LxFBS2GOOb_RIbKj1dui-tJr3Qbg1qhdntsoplSszAzEZ0bn3BgKncmldMnct5tbVmSgH6kijGVCGTeZMxtzcqA-JygfjHn0j1-tVzbfHWQGnlMsiCCyGFIt_cx6KMyNf4S1LmL5M-6cNBL5d&sai=AMfl-YQhW2D7Kvo3D3C91xySwHsfyoQZzpbyV6qvkXdGMUmHPGqdC6ppNfBsOD7N4BEIW9Rglz6k0R9JmjahiS6WR-0z27kCNalOcCZMetcAWgqjflOzQ4SBJLsfgAs_sn2YxEJtr_jkZGAH8RNpuEs10xj5CoIoCvoIZBhCQfcTQ9h2EnoE9nbeRK5VN9vbGN2_3b6mwlYyuW8VRKgHC-ErYKAwFtifl5Wbd37HCtdbcyiO7eN6eYxV-IO_LzC7RVtxJGvXrGpkqMfwrtyyLJB7CIbqJ4zZRD0x&sig=Cg0ArKJSzM3P1urrVYFOEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9maXZlcnIuY29t&pr=6:0.478400&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20241001.42712&arae=1&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 03 Oct 2024 08:32:32 GMT
content-type
image/png
content-security-policy
script-src 'none'; object-src 'none'
cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"628572524":"0x5ef445c39fa5f7b90000000000000000","628572525":"0x9edbeb3b94fb4dc0000000000000000","628572526":"0xc23ab3e15cf0fe7d0000000000000000","628572527":"0x961c0e1fec23080d0000000000000000"},"debug_key":"13638920093860837853","debug_reporting":true,"destination":["https://fiverr.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["8016204","8023643","8062705"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9053352"]},"max_event_level_reports":2,"priority":"0","source_event_id":"9977588128599963627"}
server
cafe
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 38C2
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
age
586326
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 13:40:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 13:40:26 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
13937
x-xss-protection
0
server
sffe
7138348558614381586
s0.2mdn.net/simgad/ Frame 38C2
39 KB
39 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/7138348558614381586
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f32a3ddfccdb21a0aecbc1e5d93c3389427b8f13e0466c014ea1047f5197b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

age
71051
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 02 Oct 2025 12:48:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 02 Oct 2024 12:48:21 GMT
last-modified
Mon, 29 Jul 2024 14:11:06 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
39485
x-xss-protection
0
server
sffe
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3FBF
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=90654
content-encoding
gzip
content-length
14331
content-type
text/html
date
Thu, 03 Oct 2024 08:32:30 GMT
expires
Fri, 04 Oct 2024 09:43:24 GMT
last-modified
Wed, 05 Jun 2024 06:37:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 822D
0
0
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373833&imprId=4E416908-A79F-4DB8-A65C-B324EDA3D75B&cksum=8B26B10B3FE6B35E&adType=10&adServerId=243&kefact=0.442701&kaxefact=0.442701&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1727944351&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.478400&dcId=1&tldId=0&passback=0&svr=BIDSFO0047TB&adsver=_2186550348&adsabzcid=1&cls=BID&i0=0x2100000000000000&ekefact=n1b-ZnFdBACEKZCxeBLM108WFt-2dc-CIONc6NBwPFrv6QuU&ekaxefact=n1b-ZnldBABXfbONVu1dh3rXuoN4GS-aBw77s9r7TIZIN0s7&ekpbmtpfact=n1b-Zn9dBACxOK_UL9gTk55WgJqd0uY3iHKOnf2DhER7xeH5&enpp=n1b-ZoZdBADpG3SZq56OCOog8w0zr3NhiR_Nl7kGOiq19Ttl&pmr_m=n1b-ZoxdBAC8IZSkKF8H4l_Be3qZXvJ7zweNhZsRbWYTthba&mdsp=n1b-ZpJdBADTmICj1e69iPwzSeHBJfUhTtyCRkDOQEEoH08C&pfi=1&domId=15792293558594008061&dc=SFO&cpd=2&cpid=E0ED03CD-4A38-4ED3-A1D4-56486028D532&pubBuyId=22768&crID=588823848&lpu=fiverr.com&ucrid=15151433731262691792&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=3236534&wDspId=80&wbId=1&wrId=0&wAdvID=15653&wDspCampId=19606222002&isRTB=1&rtbId=C0D25114-4F25-465E-8D1A-2B8EE2CFF93CB&ver=23&dateHr=2024100308&usrgen=0&usryob=0&layeringebl=1&usrip=162.245.206.248&gctry=us&uid=1&mid=0&wccookied=0&wcrnk=-1&qpsladszid=7&oid=4E416908-A79F-4DB8-A65C-B324EDA3D75B&cntryId=232&domain=controlc.com&sec=1&pAuSt=2&wops=0&sURL=controlc.com&BrID=5&oiabdvt=2&te=1
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.95 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 03 Oct 2024 08:32:31 GMT
expires
0
pragma
no-cache
id5
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://id5-sync.com/i/535/8.gif?id5id=ID5*3pexBcdx6PhIGGPRmnzPj_iyUmcZWGFp3MF-qdz0lWLK4GcYUg31dKYQB8Z5aGAR&o=api&gdpr_consent=undefined&gdpr=false
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/535/108/7/2.gif?puid=968b3549-a966-4dba-aeb4-32e5497c289f&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-7fb6LoA7y6HpsOJzjRy8EUOBVPCpslo1MK2aNQVGUQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F535%2F124%2F6%2F3.gif%3Fpuid%3...
  • https://id5-sync.com/cq/535/124/6/3.gif?puid=40b9c788-552c-4d45-ab75-deb5d4c463b7&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
Protocol
HTTP/1.1
Server
52.7.57.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-57-123.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length
43
Date
Thu, 03 Oct 2024 08:32:33 GMT
content-type
image/gif
Server
gunicorn

Redirect headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
location
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
p3p
CP="CAO PSA OUR"
date
Thu, 03 Oct 2024 08:32:32 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
ce.lijit.com/beacon/prebid-server/ Frame 816A
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%2...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%2...
0
0
Document
General
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.199.38.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-38-231.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://controlc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date
Thu, 03 Oct 2024 08:32:32 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding

Redirect headers

content-length
110
content-type
text/html
date
Thu, 03 Oct 2024 08:32:32 GMT
location
https://ce.lijit.com:443/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
server
awselb/2.0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3E05
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
79026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Oct 2024 10:35:26 GMT
expires
Thu, 02 Oct 2025 10:35:26 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C2
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 03 Oct 2024 08:32:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
ad.doubleclick.net/pcs/ Frame 38C2
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstsZmtWr7JGLbgB-kR0A2AuXJAV4kjAzd5T9N3Yy92sWaC6U3rakLDeruVkisJNNwvpIa4h_t4EOVnIAa_etefmZGZ4oGhU1CfamzjNdr2e_z6KG6Pinv7IWqf5vsEAvq3Lu-XvurdGx38G695uxi4L4hogPQuXATLFEMdCsDjM720Poyx3pVr_h3-zaHsC5im-BodUcWYjCaFSsCNYLYjyp1edmOX1N-DEwnOHqtPGUSw_fsR6CXC6cydaRtDFjuITuZvyVfR2MxsD_bKo6vov6GrEYZhRraPXJPZvBPMKLVw5-p3DnN1Fts9fCrvJNjidVfehhkWLTWFh4ok42b28_8nmvHbxgQpwj5lHGG17AW9A_RKxULdc9u5WF6iBCJ5Objc1EFOGOYvMsDiEzJ2jWvqKIgZJ7_CfDINXEAph0Fqfb-pMg8Q-VpmGpeum3whqq84x3V4Ht-SX0MrLWISeHe6KKFV0JUbSmuMrGJqw2a2aURx8RYMrs88htWCeBM37mGwgk627DslgsnTbbFBCRg09NNHWUyhaf_CfBKGTbkjC3qv4w4BEoFlifCK66tQVVoItyn8mofyaM13gAD9CnQ6-sf_xlb1Pm4ekEfEHWBlZxIOqmhFG4TF2ElpHsSTL-EwRxKZOXqoCkgL7Rd0KTx3-4L5IP31TusaDm_W-GuGMdDxdZ16VdXSAc5SKuX9O1j6hA3L6JmUtmCcFbbRfZtFd8rZrxPhiJKFLRZ9F0klkX22v5uHJVH7ZQRQt-GfB2czuheSXToRi1lUxxdZztN3XsAXqvXmWeoopXVfhtfm9fpYOSvb_XFLTCArWDqKO8tIvpL211aMeO8ypW8EVU9qf3slbZh6Byqt5mWRixK1t-KhITe4CvOW-oyAOF0kITAWRiwhpwENoz9B274oQXc0zl5MqzmDf5LHCXVt-vUpojcNDQwRQZ1ylKslfUCO8nsHGoqnryWJ5T4P4_5LcY-GAYzjWuM-XANOaet-E1cJZLBkoe9_8GOu6imRbsHFNLFIW7f_eZEA-1wvsxO70AXOM-Ca_OHC_oBLYg9crsMIQEUH5BnSr_TMwzoyEcHCGZ14oWMQ0UFY5dGr1zK3yB-vS7JwDaq6zyYmrl-40HsuLQ05sINgb_J8tjI-B_8LMxfSEXykg7VzA020U8V2MObl2gqVq56TbO-MFv8as78SxSHlCeWgOso0A-fFkIZYyeXwHGWYpfQcaNJCdTk60y0PR206cWVhFtQE7yo7LxFBS2GOOb_RIbKj1dui-tJr3Qbg1qhdntsoplSszAzEZ0bn3BgKncmldMnct5tbVmSgH6kijGVCGTeZMxtzcqA-JygfjHn0j1-tVzbfHWQGnlMsiCCyGFIt_cx6KMyNf4S1LmL5M-6cNBL5d&sai=AMfl-YQhW2D7Kvo3D3C91xySwHsfyoQZzpbyV6qvkXdGMUmHPGqdC6ppNfBsOD7N4BEIW9Rglz6k0R9JmjahiS6WR-0z27kCNalOcCZMetcAWgqjflOzQ4SBJLsfgAs_sn2YxEJtr_jkZGAH8RNpuEs10xj5CoIoCvoIZBhCQfcTQ9h2EnoE9nbeRK5VN9vbGN2_3b6mwlYyuW8VRKgHC-ErYKAwFtifl5Wbd37HCtdbcyiO7eN6eYxV-IO_LzC7RVtxJGvXrGpkqMfwrtyyLJB7CIbqJ4zZRD0x&sig=Cg0ArKJSzM3P1urrVYFOEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9maXZlcnIuY29t&pr=6:0.478400&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=537&vt=11&dtpt=535&dett=2&cstd=0&cisv=r20241001.42712&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGws
MF0.&arae=1&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 03 Oct 2024 08:32:32 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"628572524":"0x5ef445c39fa5f7b90000000000000000","628572525":"0x9edbeb3b94fb4dc0000000000000000","628572526":"0xc23ab3e15cf0fe7d0000000000000000","628572527":"0x961c0e1fec23080d0000000000000000"},"debug_key":"5063095170119358367","debug_reporting":true,"destination":["https://fiverr.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["8016204","8023643","8062705"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["9053352"]},"max_event_level_reports":2,"priority":"0","source_event_id":"11970559006760394219"}
server
cafe
dcl.htm
rt3044.infolinks.com/action/
0
60 B
Script
General
Full URL
https://rt3044.infolinks.com/action/dcl.htm?rid=0ab65d14-8f67-45a1-bc03-fef8286cd28c&prod_t=u&sdata=privacy%20policy&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1959.008-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
no-cache,no-store
cf-cache-status
DYNAMIC
pragma
no-cache
cf-ray
8ccb950c38830ffb-LAX
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-application-context
application:prod
content-length
0
date
Thu, 03 Oct 2024 08:32:32 GMT
content-type
text/html;charset=UTF-8
server
cloudflare
setuid
s2s.t13.io/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=563220&ev=1&us_privacy=1---&gpp=&gpp_sid=&rurl=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpulsepointfsx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gp...
  • https://s2s.t13.io/setuid?bidder=pulsepointfsx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=QbbapYOByUpq&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=563220
86 B
116 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=pulsepointfsx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=QbbapYOByUpq&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=563220
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:33 GMT
content-type
image/png

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://s2s.t13.io/setuid?bidder=pulsepointfsx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=QbbapYOByUpq&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=563220
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-869c5fd4cc-rtjdt
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
server
Jetty(10.0.14)
video-js.css
vjs.zencdn.net/7.20.2/
46 KB
11 KB
Stylesheet
General
Full URL
https://vjs.zencdn.net/7.20.2/video-js.css
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
"92c4f5bba6e24134f07a508819300d2e"
access-control-allow-origin
*
x-cache
HIT
content-length
10964
date
Thu, 03 Oct 2024 08:32:33 GMT
last-modified
Thu, 28 Jul 2022 18:58:38 GMT
content-type
text/css
x-served-by
cache-bur-kbur8200140-BUR
x-cache-hits
5
vary
Accept-Encoding
videojs-contrib-ads.css
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.9.0/
975 B
875 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.9.0/videojs-contrib-ads.css
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"60dbbbae-fe"
age
1097259
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZm72%2FpFlBBzBqCoKtT3C2mxAOyyufPJDUsxkNYBtR2zCq1hLMSGKVPTTD9pUmReietL4pTlEYuhjTkx0sNgPzUWn96zcLbRIM4MkHOdaGUMeVr9981BSE%2FHczbHBOPtIYMrUVX3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 08:32:33 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 08:32:33 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 30 Jun 2021 00:32:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ccb951208747ae5-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
254
server
cloudflare
videojs.ima.css
cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.11.0/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.11.0/videojs.ima.css
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"60be50aa-40f"
age
83523
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFTMIe0s0KRqpSkPLU9ybIICrfbnXN%2FH3c4INTYkpJGZvfSGEGrrd7BXp1gCkMv%2BKwcP%2BHrtEb1CnukVKKjtczsW9lpCkPEAjRLee1%2BhpTbpJOim00Gm%2Fn9YAMivzdJ8VMjYlLgg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 08:32:33 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 08:32:33 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Jun 2021 17:00:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ccb951208767ae5-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
1039
server
cloudflare
video.min.js
vjs.zencdn.net/7.20.2/
569 KB
159 KB
Script
General
Full URL
https://vjs.zencdn.net/7.20.2/video.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
55a979130309c3f0d4398298f648e90a8ded2df500fdf3c758e9051ecf6229cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
"c038d4c38eb6160ddb328b8944a5422b"
access-control-allow-origin
*
x-cache
HIT
content-length
162713
date
Thu, 03 Oct 2024 08:32:33 GMT
last-modified
Thu, 28 Jul 2022 18:58:38 GMT
content-type
application/javascript
x-served-by
cache-bur-kbur8200140-BUR
x-cache-hits
1
vary
Accept-Encoding
setuid
s2s.t13.io/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0&gdpr=&gdpr_consent=&us_privacy=1---&redir=
  • https://s2s.t13.io/setuid?bidder=quantcastfsx&us_privacy=1---&uid=7h6udO0e8XX1S_8nvhvlKexM-nL1EP8g6hlcbWoP
86 B
116 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=quantcastfsx&us_privacy=1---&uid=7h6udO0e8XX1S_8nvhvlKexM-nL1EP8g6hlcbWoP
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 08:32:33 GMT
content-type
image/png

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
location
https://s2s.t13.io/setuid?bidder=quantcastfsx&us_privacy=1---&uid=7h6udO0e8XX1S_8nvhvlKexM-nL1EP8g6hlcbWoP
content-length
0
date
Thu, 03 Oct 2024 08:32:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 38C2
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxUtp9HVAUljz3XGirGx_fH7T32f4q7NXVSzUzkjH1K-DWo0FY8Q5yL_8srbMNDToqgw8u2eMpoTlsW75z_dlzyiOv33zfDFUqdV8s5XKBud7nhq8PcFc-QVUVKQJR4d4vXXtwepfHEHJbX7EBJQc&sig=Cg0ArKJSzBQ07Wa81qHAEAE&id=lidar2&mcvt=1000&p=0,0,90,728&tm=1320.3000001907349&tu=320.1000003814697&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240930&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2387715200&rst=1727944351630&rpt=1007&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 03 Oct 2024 08:32:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ima3.js
imasdk.googleapis.com/js/sdkloader/
423 KB
145 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98cc156b03820740ae172f00da45848efbc175b3fea3757cc58ac5e3d25b23ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:34 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147683
date
Thu, 03 Oct 2024 08:32:34 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
141 B
82 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
c78b04a02bfbf8b4f184265e524c9f03b4e73bea4b0c6e3a3aeb150938df99de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 03 Oct 2024 08:32:34 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
58
date
Thu, 03 Oct 2024 08:32:34 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
videojs-contrib-ads.js
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.9.0/
92 KB
19 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.9.0/videojs-contrib-ads.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72fcc889cf4f2a5e4aed49db5986f77e6af8d586392e8d93d4d126a8c435149
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"60dbbbae-4a18"
age
3193
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8x95gv9fez5Bp8bpFQuujtI9KZpCE6XcAwxu5CNsFLryxEo3rmp7m1hwRE3B%2FgiUsxmQJew1utAzoAIbjIIxf0rrGvwtrDgLY%2FxoUzRDzPkXSpR54jjayKIHECjjJMjnE6tiFbLu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 08:32:34 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 08:32:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Jun 2021 00:32:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ccb95189d067ae5-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
18968
server
cloudflare
videojs.ima.js
cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.11.0/
84 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.11.0/videojs.ima.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://controlc.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"60be50aa-367b"
age
744008
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAGDNk%2Fk%2FH4GzJghM5T7iiffRSNLC%2BPoTFlwng4zmE1WdnB1D1AnKjMFALp7Mhl1QY6XskQ20MoUq6XxFZ2W6ecbYi4IOdwT8mVHYeTKP0FWVVIB1I5%2FXO1M8mHgvqAKSYd5B8EL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 08:32:34 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 03 Oct 2024 08:32:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Jun 2021 17:00:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ccb95198dc37ae5-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
13947
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/
27 B
109 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://controlc.com/

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-sv
access-control-allow-methods
GET, POST, OPTIONS
allow
POST, OPTIONS, GET
cf-ray
8ccb951acd71d7af-LAX
access-control-allow-origin
*
content-length
27
date
Thu, 03 Oct 2024 08:32:35 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://controlc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
8ccb951a4c6ed7af-LAX
content-length
0
content-type
application/json
date
Thu, 03 Oct 2024 08:32:34 GMT
debug
rtd-nx-sv
server
cloudflare
auction
s2s.t13.io/openrtb2/
433 B
339 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2a0ee540255d0ba5c91e1b83d648cbcab67f5a11012a01c2a3ed8702023c0a0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://controlc.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
date
Thu, 03 Oct 2024 08:32:35 GMT
x-prebid
pbs-java/3.8.0
content-type
application/json
vary
origin
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/
60 B
216 B
Fetch
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.83.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.221.217.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-221-217-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a97f0487ee4b31b751e041c53b5704ba6cc986a322864c0141933167029166dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-origin
https://controlc.com
content-length
60
date
Thu, 03 Oct 2024 08:32:35 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/controlc-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c9eca453aa7ce7daf2d71dbb6a3d134154488825d9e213de5413050289508ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://controlc.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://controlc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 03 Oct 2024 08:32:35 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=15&alt_size_ids=2%2C55%2C57&us_privacy=1---&rp_schain=1.0,1!freestar.com,1715,1,,,&eid_pubcid.org=6940e85b-d466-40e7-aeb3-e4a7f216a092%5E1&rf=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&tg_v.id=bba76477-a6c7-471e-a8d5-96af1b596dc6&tg_i.domain=controlc.com&tg_i.page=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&tg_i.name=controlc-com&tg_i.cat=IAB19&tg_i.sectioncat=IAB19&tg_i.pagecat=IAB19&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=6234&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf&tk_flint=pbjs_lite_v8.49.83&x_source.tid=51c38a38-a443-4218-bc30-ef7ad504ca6e&l_pb_bid_id=10fc08a816b54ab&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e520de21-f401-4fed-b065-bbd3b098588f&rp_maxbids=1&p_gpid=%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.18612173038724156
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.49.83&p=%5B%7B%22placement_id%22%3A%22controlc_billboard_atf%22%2C%22callback_id%22%3A%2230b1b43aa357fc6%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F15184186%2Fcontrolc_billboard_atf%2Fcontrolc_billboard_atf%22%2C%22tid%22%3A%22e520de21-f401-4fed-b065-bbd3b098588f%22%2C%22auctionId%22%3A%2251c38a38-a443-4218-bc30-ef7ad504ca6e%22%7D%5D&page_url=https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe%2520https%3A%2F%2Fcontrolc.com%2Fe4d11035%2520benign.exe&bust=1727944348689&dnt=false&description=The%20ControlC%20%20pastebin%20is%20the%20original%20next%20generation%20tool%20for%20sharing%20text.%20We%20offer%20a%20full%20suite%20of%20tools%20and%20a%20affiliate%20program%20for%20users%20to%20make%20money.%20Formerly%20known%20as%20Pasted%20and%20Tinypaste&tmax=589&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=The%20easiest%20way%20to%20host%20your%20text&w=1600&h=1200&pubcid=6940e85b-d466-40e7-aeb3-e4a7f216a092&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221715%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226940e85b-d466-40e7-aeb3-e4a7f216a092%22%2C%22atype%22%3A1%7D%5D%7D%5D
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202409260101&jk=2867010303201669&bg=!lJell9jNAAax3igvkd47ADQBe5WfOOlEcLSTsQQvJyC6XRM-J_wA8XX_k3Yf03-Ss0Crco4r4hjTpzLw6vABT5a_HN_jAgAAAEZSAAAABGgBB34ANrx69jO3gwxmf9i8oItRj7VDWZrztsYQDiFeVxFzPIRuqbIUgM5xFd-T-QCPHxeNmwDpIYUGcZkCoCv6SNEyGiSH8H0ejjIFZhkEeGgholvon8ftHnv2ktXf1AkhMeyrMc2DIyQNHeQTwMhslKLbvtyBWg7AjoqG8Y3GHeZbSyPSNkOGUtkUso8cKWIhjHEjc__blUOzQnFIAXqDtJcZTxz6AEcOjRt1WOJmY83gpSMpc7T8hweKF2pC4jnM9-pf0feTH4cqhWKdF3Q8w-pqyCqtrg1j1B2bVQNvI4gHCVOLPz7JfS96BK6uaduH1iJhoIHqwdMI9JWcNEXoGJ_AR2E_JQQpCM9CKNpjVIzG2Yq7EH4N3yOV1cnUia8hslS69BzG_0KzUEC_S_YK5VGaUjQm1xuD9C6o7TXkAWybCHbEan6GDJe1MVqgPEnUUsWyCNnMG1cnxaibkcRG5ez7dnbAqZTnKmyCWc5ehRH3Ar0QnXhBZ_pqx85O-XjzC6Rrq1HFwSo-RJHc613ojEuK-GOw_tPcyHZXmHw6ahxbXoBNEZh9CnYUVy2WoJ49TogV2BP7gxRQCznDB4IukAMMmvzHqqkhmpyOUF1SYmxtd3X1FEP4vNRW9aGuh9oFbqepWc2OFof3cpd5KFxgt7OW9l6ln_9KSlj813oAJduy9YCyf6pbwbKX4bmMUmj7ZlIeJFzdgg-3l_yrcapAcNFHuqcheBH2EGxB_AF52G3RezVKnUh_mjyZPp7WE7e8RDXnSkP5D-_SiXV32i2DvYwBGK5O1jtUV-UQjuU3VKV_s-MRQhjVYxWCVAHkbQJpoaPfOHKb_fgbjwysVLgpjGDaeSCxtDpCItiazCbtDLGOglOCFSB3Bby3cxfOBymFXUjDpuCxhG684J4i2bdeK-pWH098hDO69-L2HNF0SlYYEXuM70o-NIWK4aaU92990hQlArQ7o24qOiNHlQ

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 number| _sf_startpt string| root_url function| socialNetwork function| socialNetworkTwitter function| socialNetworkFacebook function| socialNetworkOther function| popPreview function| embedCode function| getARealBrowser function| $ function| jQuery object| freestar function| gtag object| dataLayer object| _pubfigInstanceManagerConfig object| googletag object| fsprebid object| fsprebidChunk object| _pbjsGlobals object| mnet object| google_tag_manager object| google_tag_data function| __tcfapi function| __uspapi object| gaGlobal object| ggeac object| google_js_reporting_queue object| google_reactive_ads_global_state object| regeneratorRuntime function| __tcfapiui function| load_script object| confiant function| _hadron object| edktInitializor object| liQ_instances object| _qevents object| google_tag_topics_state number| google_unique_id function| pubHadronCb object| Criteo object| hadron boolean| __halo_loaded__ object| __bt object| __bt_intrnl object| au object| GoogleGcLKhOms function| quantserve function| __qc object| ezt object| auvars object| __bt_tag_d boolean| __bt_already_invoked function| docReady object| autag string| GoogleAnalyticsObject function| ga object| audDataLayer function| audGtag object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| gaplugins object| gaData number| infolinks_pid boolean| infolinks_iframe string| infolinks_basePath object| infolinks_slots boolean| infolinks_initFromFrame boolean| iceLoadStarted function| _typeof function| _defineProperty object| iqscript object| google_image_requests number| $iceId function| getIfbip number| iqilsource function| _createForOfIteratorHelper function| 
_unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array function| setImmediate function| clearImmediate object| ID5 function| _33AcrossIdMappingsProvider object| stip object| liQd object| liQHub object| liQd_did_004d object| hook object| dimObj string| adviewUrl object| googDdmPs object| vttjs function| WebVTT function| videojs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event function| videojsContribAds function| videojsIma

269 Cookies


3 Console Messages

Source: network, Level: error
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Message: Failed to load resource: the server responded with a status of 404 ()

Source: javascript, Level: error
URL: https://controlc.com/e4d11035%20benign.exe%20https://controlc.com/e4d11035%20benign.exe
Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://controlc.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Source: network, Level: error
URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message: Failed to load resource: net::ERR_FAILED

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicates malicious activity.
