urlscan.io logo urlscan.io
SecurityTrails logo

ezgif.com Open in urlscan Pro
142.132.249.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://ezgif.com/
Submission Tags: falconsandbox
Submission: On December 23 via api from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 8 countries across 68 domains to perform 402 HTTP transactions. The main IP is 142.132.249.108, located in Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is ezgif.com. The Cisco Umbrella rank of the primary domain is 157111.
TLS certificate: Issued by R11 on December 21st 2024. Valid for: 3 months.
This is the only time ezgif.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 142.132.249.108 24940 (HETZNER-A...)
3 21 142.250.185.226 15169 (GOOGLE)
2 104.18.30.49 13335 (CLOUDFLAR...)
1 104.22.75.216 13335 (CLOUDFLAR...)
1 104.26.2.199 13335 (CLOUDFLAR...)
4 104.26.5.6 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
2 172.67.69.19 13335 (CLOUDFLAR...)
10 216.58.206.38 15169 (GOOGLE)
11 18.66.147.69 16509 (AMAZON-02)
3 3.167.231.151 ()
1 151.101.129.229 54113 (FASTLY)
2 130.211.23.194 396982 (GOOGLE-CL...)
8 12 162.19.138.119 16276 (OVH OVH SAS)
3 178.250.1.11 44788 (ASN-CRITE...)
2 172.67.75.241 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.66.102.21 16509 (AMAZON-02)
5 178.250.1.3 44788 (ASN-CRITE...)
1 104.18.29.101 13335 (CLOUDFLAR...)
1 18.66.128.208 16509 (AMAZON-02)
1 18.66.186.105 16509 (AMAZON-02)
8 172.67.68.162 13335 (CLOUDFLAR...)
4 3.72.6.211 16509 (AMAZON-02)
6 209.38.48.20 14061 (DIGITALOC...)
4 172.64.153.78 13335 (CLOUDFLAR...)
1 5 54.217.95.60 16509 (AMAZON-02)
4 51.89.9.254 16276 (OVH OVH SAS)
1 2 37.157.4.29 198622 (ADFORM Ad...)
5 89.149.193.80 60781 (LEASEWEB-...)
3 7 37.252.171.52 29990 (ASN-APPNEX)
5 178.250.1.56 44788 (ASN-CRITE...)
5 7 163.5.194.34 60558 (SECUREDSE...)
4 3.124.64.248 16509 (AMAZON-02)
5 188.166.203.175 14061 (DIGITALOC...)
5 15.204.162.83 16276 (OVH OVH SAS)
5 46.228.174.115 56396 (Amobee NE...)
4 34.120.63.153 396982 (GOOGLE-CL...)
4 35.227.252.103 396982 (GOOGLE-CL...)
5 54.84.92.154 14618 (AMAZON-AES)
1 18.245.31.92 16509 (AMAZON-02)
4 13.32.47.193 16509 (AMAZON-02)
4 23.215.23.172 16625 (AKAMAI-AS)
1 104.22.53.173 13335 (CLOUDFLAR...)
1 172.67.38.106 13335 (CLOUDFLAR...)
2 162.19.138.120 16276 (OVH OVH SAS)
1 1 51.178.195.213 16276 (OVH OVH SAS)
1 2 52.95.126.138 16509 (AMAZON-02)
1 142.250.185.97 15169 (GOOGLE)
1 13 23.52.120.27 16625 (AKAMAI-AS)
1 104.18.22.145 13335 (CLOUDFLAR...)
1 87.248.119.252 203220 (YAHOO-DEB...)
79 142.250.184.194 15169 (GOOGLE)
6 159.89.25.223 14061 (DIGITALOC...)
15 216.58.206.33 15169 (GOOGLE)
3 172.217.16.202 15169 (GOOGLE)
16 142.250.185.225 15169 (GOOGLE)
3 142.250.185.98 15169 (GOOGLE)
2 178.250.1.6 44788 (ASN-CRITE...)
7 10 35.214.136.108 19527 (GOOGLE-2)
5 5 172.217.16.194 15169 (GOOGLE)
3 35.214.200.194 19527 (GOOGLE-2)
3 178.250.1.59 44788 (ASN-CRITE...)
1 35.214.230.116 19527 (GOOGLE-2)
4 2.20.245.134 20940 (AKAMAI-AS...)
1 1 79.127.227.46 60068 (CDN77 Dat...)
1 1 104.18.26.193 13335 (CLOUDFLAR...)
2 2 185.64.191.214 62713 (AS-PUBMATIC)
1 185.64.191.210 62713 (AS-PUBMATIC)
5 216.58.206.70 15169 (GOOGLE)
3 13.248.245.213 16509 (AMAZON-02)
3 142.250.185.163 15169 (GOOGLE)
2 163.5.194.35 60558 (SECUREDSE...)
1 15.204.46.102 16276 (OVH OVH SAS)
1 104.22.55.206 13335 (CLOUDFLAR...)
2 5 34.98.64.218 396982 (GOOGLE-CL...)
1 2.16.168.108 20940 (AKAMAI-AS...)
1 51.89.9.253 16276 (OVH OVH SAS)
1 24.144.114.245 14061 (DIGITALOC...)
1 1 13.32.27.108 16509 (AMAZON-02)
3 51.178.195.216 16276 (OVH OVH SAS)
2 2 89.207.16.137 41041 (VCLK-EU-S...)
1 1 91.228.74.200 16509 (AMAZON-02)
1 2 151.101.194.49 54113 (FASTLY)
1 34.248.76.113 16509 (AMAZON-02)
1 63.215.202.146 41041 (VCLK-EU-S...)
1 1 52.51.134.92 16509 (AMAZON-02)
1 52.17.32.26 16509 (AMAZON-02)
1 4 37.157.5.141 198622 (ADFORM Ad...)
1 1 3.33.220.150 16509 (AMAZON-02)
2 2 54.77.101.113 16509 (AMAZON-02)
1 1 216.200.232.253 30419 (PAEDAE-INC)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 2 77.243.51.121 42697 (NETIC-AS ...)
3 18.195.178.170 16509 (AMAZON-02)
6 178.250.1.57 44788 (ASN-CRITE...)
2 3.69.226.21 16509 (AMAZON-02)
2 2 178.250.1.9 44788 (ASN-CRITE...)
2 195.138.255.24 201011 (CORE-BACK...)
1 130.211.44.5 396982 (GOOGLE-CL...)
402 87
5    142.132.249.108 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: s3.ezgif.com
ezgif.com
21    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
2    104.18.30.49 (None, )

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    104.22.75.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    104.26.2.199 (None, )

ASN13335 (CLOUDFLARENET, US)
img.buymeacoffee.com
4    104.26.5.6 (None, )

ASN13335 (CLOUDFLARENET, US)
cmp.setupcmp.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
bt.dns-finder.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
10    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net
ad.doubleclick.net
11    18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net
tagan.adlightning.com
3    3.167.231.151 (United States)

ASN ()
PTR: server-3-167-231-151.fra60.r.cloudfront.net
c.amazon-adsystem.com
1    151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
12    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com
2    172.67.75.241 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.66.102.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-21.fra56.r.cloudfront.net
connectid.analytics.yahoo.com
5    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
static.criteo.net
1    104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    18.66.128.208 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-128-208.fra60.r.cloudfront.net
cdn.prod.euid.eu
1    18.66.186.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-186-105.muc50.r.cloudfront.net
cdn.prod.uidapi.com
8    172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
4    3.72.6.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-6-211.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
6    209.38.48.20 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)
exchange.cootlogix.com
4    172.64.153.78 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    54.217.95.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-95-60.eu-west-1.compute.amazonaws.com
ap.lijit.com
4    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
adx.adform.net
c1.adform.net
5    89.149.193.80 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
prg.smartadserver.com
7    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
5    178.250.1.56 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
bidder.criteo.com
7    163.5.194.34 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)
prebid.a-mo.net
4    3.124.64.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-64-248.eu-central-1.compute.amazonaws.com
tlx.3lift.com
5    188.166.203.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
5    15.204.162.83 (Reston, United States)

ASN16276 (OVH OVH SAS, FR)
PTR: ns1016849.ip-15-204-162.us
pbs.nextmillmedia.com
5    46.228.174.115 (United Kingdom)

ASN56396 (Amobee NEXXEN GROUP LTD, GB)
targeting.unrulymedia.com
4    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
4    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    54.84.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-92-154.compute-1.amazonaws.com
report2.hb.brainlyads.com
1    18.245.31.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-92.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
4    13.32.47.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-47-193.fra60.r.cloudfront.net
aax.amazon-adsystem.com
4    23.215.23.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-23-172.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    51.178.195.213 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip213.ip-51-178-195.eu
ssbsync-global.smartadserver.com
2    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
9a37fdd55ce2aa37122daeaab6087163.safeframe.googlesyndication.com
13    23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com
hbx.media.net
warp.media.net
hblg.media.net
contextual.media.net
cdn-geuw1-xch.media.net
1    104.18.22.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com
ups.analytics.yahoo.com
79    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
15    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net
cdn.ampproject.org
3    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net
fonts.googleapis.com
16    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
cat.nl3.eu.criteo.com
10    35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com
gce-nl-sync.bidswitch.net
x.bidswitch.net
5    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
3    35.214.200.194 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 194.200.214.35.bc.googleusercontent.com
media.grid.bidswitch.net
3    178.250.1.59 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
grid-mercury.criteo.com
1    35.214.230.116 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 116.230.214.35.bc.googleusercontent.com
ghent-gce-nl.bidswitch.net
4    2.20.245.134 (Netherlands)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-20-245-134.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    79.127.227.46 (Amsterdam, Netherlands)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-79-127-227-46.datapacket.com
id.a-mx.com
1    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
2    185.64.191.214 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    216.58.206.70 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f6.1e100.net
s0.2mdn.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
2    163.5.194.35 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)
prebid.a-mo.net
sync.a-mo.net
1    15.204.46.102 (Hillsboro, United States)

ASN16276 (OVH OVH SAS, FR)
PTR: ns1021989.ip-15-204-46.us
cookies.nextmillmedia.com
1    104.22.55.206 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
setupad-d.openx.net
1    2.16.168.108 (Netherlands)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-168-108.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    24.144.114.245 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
1    13.32.27.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net
s.ad.smaato.net
3    51.178.195.216 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip216.ip-51-178-195.eu
rtb-csync.smartadserver.com
2    89.207.16.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE Conversant LLC, US)
PTR: ams03-nessy-float1.dotomi.com
equativ-match.dotomi.com
1    91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    151.101.194.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.248.76.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-76-113.eu-west-1.compute.amazonaws.com
pbs-cs.yellowblue.io
1    63.215.202.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE Conversant LLC, US)
PTR: ams01-convex-float1.dotomi.com
proc.ad.cpe.dotomi.com
1    52.51.134.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-134-92.eu-west-1.compute.amazonaws.com
ap.lijit.com
1    52.17.32.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-32-26.eu-west-1.compute.amazonaws.com
ce.lijit.com
4    37.157.5.141 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net
adx.adform.net
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    54.77.101.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-101-113.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    216.200.232.253 (Frederick, United States)

ASN30419 (PAEDAE-INC, US)
sync.mathtag.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    77.243.51.121 (Aalborg, Denmark)

ASN42697 (NETIC-AS Netic A/S, DK)
uipglob.semasio.net
3    18.195.178.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-178-170.eu-central-1.compute.amazonaws.com
lwadm.com
6    178.250.1.57 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
ssp-sync.criteo.com
2    3.69.226.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-226-21.eu-central-1.compute.amazonaws.com
1x1.a-mo.net
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
dis.criteo.com
2    195.138.255.24 (Germany)

ASN201011 (CORE-BACKBONE Core-Backbone GmbH, DE)
cdn.doubleverify.com
1    130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com
tps.doubleverify.com
Apex Domain
Subdomains		 Transfer
86 googlesyndication.com
9a37fdd55ce2aa37122daeaab6087163.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
205 KB
46 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
ad.doubleclick.net — Cisco Umbrella Rank: 145
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
adx.g.doubleclick.net Failed
447 KB
21 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
bidder.criteo.com — Cisco Umbrella Rank: 949
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 13844
grid-mercury.criteo.com — Cisco Umbrella Rank: 3488
ssp-sync.criteo.com — Cisco Umbrella Rank: 980
dis.criteo.com — Cisco Umbrella Rank: 702
25 KB
17 media.net
prebid.media.net — Cisco Umbrella Rank: 1005
hbx.media.net — Cisco Umbrella Rank: 1165
warp.media.net — Cisco Umbrella Rank: 2743
hblg.media.net — Cisco Umbrella Rank: 2090
contextual.media.net — Cisco Umbrella Rank: 724
cdn-geuw1-xch.media.net — Cisco Umbrella Rank: 48573
97 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 527
104 KB
14 bidswitch.net
gce-nl-sync.bidswitch.net — Cisco Umbrella Rank: 31741
x.bidswitch.net — Cisco Umbrella Rank: 393
media.grid.bidswitch.net — Cisco Umbrella Rank: 3135
ghent-gce-nl.bidswitch.net — Cisco Umbrella Rank: 13769
3 KB
13 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
43 KB
11 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 788
sync.a-mo.net — Cisco Umbrella Rank: 1726
1x1.a-mo.net — Cisco Umbrella Rank: 3182
4 KB
11 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2835
101 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
aax.amazon-adsystem.com — Cisco Umbrella Rank: 468
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1199
96 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 552
u.openx.net — Cisco Umbrella Rank: 761
setupad-d.openx.net — Cisco Umbrella Rank: 86814
1 KB
9 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1998
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1817
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739
10 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
acdn.adnxs.com — Cisco Umbrella Rank: 643
secure.adnxs.com — Cisco Umbrella Rank: 495
22 KB
8 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 49541
22 KB
7 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 551
eb2.3lift.com — Cisco Umbrella Rank: 429
4 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 780
ce.lijit.com — Cisco Umbrella Rank: 973
6 KB
7 cootlogix.com
exchange.cootlogix.com — Cisco Umbrella Rank: 6166
sync.cootlogix.com — Cisco Umbrella Rank: 2064
2 KB
6 setupad.com
node.setupad.com — Cisco Umbrella Rank: 60809
1 KB
6 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 3287
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2679
1 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 6835
cm.adform.net — Cisco Umbrella Rank: 1505
c1.adform.net — Cisco Umbrella Rank: 611
3 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 3460
mp.4dex.io — Cisco Umbrella Rank: 2752
22 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
62 KB
5 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 5991
2 KB
5 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 853
626 B
5 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 6240
827 B
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
2 KB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 793
45 KB
5 ezgif.com
ezgif.com — Cisco Umbrella Rank: 157111
28 KB
4 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1960
1 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120
106 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 985
1 KB
4 setupcmp.com
cmp.setupcmp.com — Cisco Umbrella Rank: 72396
37 KB
3 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 481
tps.doubleverify.com — Cisco Umbrella Rank: 516
87 KB
3 dotomi.com
equativ-match.dotomi.com — Cisco Umbrella Rank: 3440
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3098
1 KB
3 gstatic.com
fonts.gstatic.com
35 KB
3 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 684
image2.pubmatic.com — Cisco Umbrella Rank: 886
2 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
60 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
3 lwadm.com
lwadm.com — Cisco Umbrella Rank: 77519 Failed
6 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 947
api.btloader.com — Cisco Umbrella Rank: 1068
21 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1699
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 818
688 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
562 B
2 crwdcntrl.net
tags.crwdcntrl.net Failed
sync.crwdcntrl.net — Cisco Umbrella Rank: 961
807 B
2 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 6469
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
9 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
2 KB
2 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 45151
142 KB
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 500
911 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1045
880 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
592 B
1 yellowblue.io
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 4285
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 884
294 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
457 B
1 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1646
ssum-sec.casalemedia.com Failed
926 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1660
723 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1618
239 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1791
326 B
1 connectad.io
i.connectad.io Failed
cdn.connectad.io — Cisco Umbrella Rank: 14051
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220
4 KB
1 euid.eu
cdn.prod.euid.eu — Cisco Umbrella Rank: 19768
4 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1329
7 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
1 KB
1 dns-finder.com
bt.dns-finder.com — Cisco Umbrella Rank: 277135
1 KB
1 buymeacoffee.com
img.buymeacoffee.com — Cisco Umbrella Rank: 147326
20 KB
0 admedo.com Failed
pool.admedo.com Failed
0 google.com Failed
www.google.com — Cisco Umbrella Rank: 3 Failed
0 openxcdn.net Failed
oa.openxcdn.net Failed
402 68
Domain Requested by
69 pagead2.googlesyndication.com tagan.adlightning.com
pagead2.googlesyndication.com
ezgif.com
21 securepubads.g.doubleclick.net 3 redirects ezgif.com
securepubads.g.doubleclick.net
tagan.adlightning.com
16 tpc.googlesyndication.com ezgif.com
tagan.adlightning.com
15 cdn.ampproject.org ezgif.com
tagan.adlightning.com
12 id5-sync.com 8 redirects stpd.cloud
cdn.id5-sync.com
11 tagan.adlightning.com stpd.cloud
tagan.adlightning.com
10 googleads.g.doubleclick.net tagan.adlightning.com
ezgif.com
10 ad.doubleclick.net ezgif.com
tagan.adlightning.com
8 prebid.a-mo.net 5 redirects stpd.cloud
8 prebid-stag.setupad.net stpd.cloud
ezgif.com
7 x.bidswitch.net 5 redirects ezgif.com
6 ssp-sync.criteo.com static.criteo.net
ezgif.com
6 hblg.media.net ezgif.com
6 node.setupad.com stpd.cloud
6 ib.adnxs.com 2 redirects stpd.cloud
6 ap.lijit.com 2 redirects stpd.cloud
6 exchange.cootlogix.com stpd.cloud
5 s0.2mdn.net ezgif.com
tagan.adlightning.com
5 cm.g.doubleclick.net 5 redirects
5 report2.hb.brainlyads.com ezgif.com
5 targeting.unrulymedia.com stpd.cloud
5 pbs.nextmillmedia.com stpd.cloud
5 rt.marphezis.com stpd.cloud
5 bidder.criteo.com stpd.cloud
static.criteo.net
5 prg.smartadserver.com stpd.cloud
5 onetag-sys.com stpd.cloud
5 static.criteo.net securepubads.g.doubleclick.net
stpd.cloud
static.criteo.net
ezgif.com
5 ezgif.com ezgif.com
4 qsearch-a.akamaihd.net tagan.adlightning.com
ezgif.com
4 secure.cdn.fastclick.net tagan.adlightning.com
secure.cdn.fastclick.net
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 rtb.openx.net stpd.cloud
4 prebid.media.net stpd.cloud
4 tlx.3lift.com stpd.cloud
4 adx.adform.net stpd.cloud
4 mp.4dex.io stpd.cloud
4 btlr.sharethrough.com stpd.cloud
4 cmp.setupcmp.com ezgif.com
cmp.setupcmp.com
3 rtb-csync.smartadserver.com ezgif.com
3 u.openx.net 1 redirects stpd.cloud
3 fonts.gstatic.com fonts.googleapis.com
3 eb2.3lift.com stpd.cloud
3 contextual.media.net ezgif.com
stpd.cloud
3 grid-mercury.criteo.com tagan.adlightning.com
3 media.grid.bidswitch.net tagan.adlightning.com
3 gce-nl-sync.bidswitch.net 2 redirects tagan.adlightning.com
3 www.googleadservices.com ezgif.com
3 fonts.googleapis.com ezgif.com
tagan.adlightning.com
3 lwadm.com stpd.cloud
3 gum.criteo.com stpd.cloud
tagan.adlightning.com
3 c.amazon-adsystem.com stpd.cloud
c.amazon-adsystem.com
2 cdn.doubleverify.com tagan.adlightning.com
2 dis.criteo.com 2 redirects
2 1x1.a-mo.net ezgif.com
2 uipglob.semasio.net 1 redirects ezgif.com
2 sync.crwdcntrl.net 2 redirects
2 sync-tm.everesttech.net 1 redirects ezgif.com
2 equativ-match.dotomi.com 2 redirects
2 setupad-d.openx.net 1 redirects stpd.cloud
2 image8.pubmatic.com 2 redirects
2 warp.media.net tagan.adlightning.com
2 cat.nl3.eu.criteo.com tagan.adlightning.com
2 aax-eu.amazon-adsystem.com 1 redirects tagan.adlightning.com
2 lb.eu-1-id5-sync.com stpd.cloud
cdn.id5-sync.com
2 script.4dex.io stpd.cloud
script.4dex.io
2 api.btloader.com btloader.com
2 ad-delivery.net ezgif.com
2 stpd.cloud ezgif.com
1 tps.doubleverify.com tagan.adlightning.com
1 cdn-geuw1-xch.media.net tagan.adlightning.com
1 secure.adnxs.com 1 redirects
1 token.rubiconproject.com 1 redirects
1 sync.mathtag.com 1 redirects
1 c1.adform.net 1 redirects
1 match.adsrvr.org 1 redirects
1 cm.adform.net 1 redirects
1 ce.lijit.com stpd.cloud
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 pbs-cs.yellowblue.io stpd.cloud
1 cms.quantserve.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 sync.cootlogix.com stpd.cloud
1 acdn.adnxs.com stpd.cloud
1 cdn.connectad.io stpd.cloud
1 cookies.nextmillmedia.com stpd.cloud
1 sync.a-mo.net stpd.cloud
1 image2.pubmatic.com ezgif.com
1 ssum.casalemedia.com 1 redirects
1 id.a-mx.com 1 redirects
1 ghent-gce-nl.bidswitch.net tagan.adlightning.com
1 ups.analytics.yahoo.com connectid.analytics.yahoo.com
1 cadmus.script.ac tagan.adlightning.com
1 hbx.media.net 1 redirects
1 9a37fdd55ce2aa37122daeaab6087163.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ssbsync-global.smartadserver.com 1 redirects
1 cdn.id5-sync.com tagan.adlightning.com
1 cdn.hadronid.net ezgif.com
1 config.aps.amazon-adsystem.com tagan.adlightning.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.prod.euid.eu securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net stpd.cloud
1 bt.dns-finder.com btloader.com
1 img.buymeacoffee.com ezgif.com
1 btloader.com ezgif.com
0 pool.admedo.com Failed ezgif.com
0 www.google.com Failed ezgif.com
0 ssum-sec.casalemedia.com Failed ezgif.com
0 adx.g.doubleclick.net Failed ezgif.com
0 i.connectad.io Failed stpd.cloud
0 tags.crwdcntrl.net Failed securepubads.g.doubleclick.net
tagan.adlightning.com
0 oa.openxcdn.net Failed securepubads.g.doubleclick.net
402 114

This site contains links to these domains. Also see Links.

Domain
www.buymeacoffee.com
Subject Issuer Validity Valid
ezgif.com
R11		 2024-12-21 -
2025-03-21		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
stpd.cloud
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
btloader.com
WE1		 2024-12-06 -
2025-03-06		 3 months crt.sh
buymeacoffee.com
E5		 2024-10-27 -
2025-01-25		 3 months crt.sh
setupcmp.com
WE1		 2024-12-14 -
2025-03-14		 3 months crt.sh
dns-finder.com
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh
ad-delivery.net
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M02		 2024-07-30 -
2025-08-27		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
api.btloader.com
WR3		 2024-11-29 -
2025-02-27		 3 months crt.sh
id5-sync.com
E6		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
script.4dex.io
WE1		 2024-11-20 -
2025-02-18		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2024-12-14 -
2025-03-14		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2024-10-29 -
2025-04-24		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-29 -
2025-02-25		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
cdn.prod.euid.eu
Amazon RSA 2048 M02		 2024-11-20 -
2025-12-20		 a year crt.sh
cdn.prod.uidapi.com
Amazon RSA 2048 M03		 2024-11-20 -
2025-12-20		 a year crt.sh
setupad.net
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
*.cootlogix.com
Starfield Secure Certificate Authority - G2		 2024-10-13 -
2025-10-13		 a year crt.sh
mp.4dex.io
WE1		 2024-10-27 -
2025-01-25		 3 months crt.sh
*.lijit.com
Amazon RSA 2048 M03		 2024-10-21 -
2025-11-20		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-03 -
2025-09-24		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.a-mo.net
R11		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-11		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-12 -
2025-01-10		 a year crt.sh
*.nextmillmedia.com
R11		 2024-10-08 -
2025-01-06		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-30 -
2025-05-31		 a year crt.sh
prebid.media.net
WR3		 2024-12-02 -
2025-03-02		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
report2.hb.brainlyads.com
E5		 2024-12-17 -
2025-03-17		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-06 -
2026-01-04		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
hadronid.net
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-20		 a year crt.sh
script.ac
E6		 2024-12-17 -
2025-03-17		 3 months crt.sh
sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-11-22 -
2025-05-21		 6 months crt.sh
node.setupad.com
R10		 2024-12-19 -
2025-03-19		 3 months crt.sh
misc-sni.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-28 -
2025-02-27		 3 months crt.sh
media.grid.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-04 -
2025-03-05		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-29 -
2025-02-23		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
connectad.io
E6		 2024-12-05 -
2025-03-05		 3 months crt.sh
cdn.adnxs.com
R11		 2024-10-31 -
2025-01-29		 3 months crt.sh
*.yellowblue.io
Amazon ECDSA 256 M03		 2024-03-19 -
2025-04-18		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2024-06-17 -
2025-07-19		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-27 -
2025-06-18		 a year crt.sh
lwadm.com
Amazon RSA 2048 M02		 2024-11-21 -
2025-12-20		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-11 -
2025-03-14		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2024-07-30 -
2025-08-31		 a year crt.sh

This page contains 44 frames:

Primary Page: https://ezgif.com/
Frame ID: D3519BCCF99914CD517B79DF17C3C173
Requests: 192 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 8406F4826816DDB46ADA26E66F6DC8D7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Frame ID: D7B2CEC51CD0645A2855007C095EA95E
Requests: 1 HTTP requests in this frame

Frame: https://9a37fdd55ce2aa37122daeaab6087163.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAAAA8E7714BFAFC0991DA0C79D4A738
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: 896EB039204012900DEEBD36E151EEAE
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: 050AF2F11C5E563D2FCD9ABD8E693FAB
Requests: 26 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: 333A692681F9C95E166945D75A5DA863
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNX69PGDge-XX9rfQee1vGDUEC0bGBzQ0sDMDzQUUbMdNzEPeiovg9rOZgooNkuag3QTJVUnCkyZYJjHbXaz8fKJ8j-VjO6Q0omkUrXpsu32QYRWHWE
Frame ID: 267CB33997FBD722CE60BFA18F91C34D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBifxeWlAjAB&v=APEucNWQdQlJJCXPVBb8oyIRfq9knxAeFdnB5Qvzetr2sPjHoJbQpCxXc2qukbvEGI1fk-O3MYFsUl-kM-niOhi-KuorPNIfd5suZlJKymJtJgo-midqPpk
Frame ID: 17E06E707194D23610D0FDD1A01BFCEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 492C70A9A2ECD039004DC605AE144688
Requests: 21 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUAMBU35&prvid=2034%2C2033%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C236%2C313%2C2025%2C237%2C117%2C636%2C319%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C122%2C201%2C2039%2C3007%2C246%2C203%2C446%2C404%2C408%2C2011%2C2055%2C3022%2C3020%2C251%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C413%2C3014%2C77%2C20000%2C38%2C182%2C261%2C141%2C460%2C462%2C222%2C542%2C301%2C345%2C225%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 498ECF9B229D72478D04D60106BBBE83
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 629F39171A3161E4813E76D7A30882BD
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: AFD5A9A42F3F25F7FBDFFA7ECE9E2016
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 196130D7C8D4AB157C4734A4862F803E
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CtUBSgllemdpZi5jb21SC2Fhcy03NmU1ODJiWghwYmExLjMuM2oJZXpnaWYuY29t-gEGOC4yNy4w6AIBiAP7nae7BqgDC-oDJDdmM2I4NGIwLTgxNjctNDFmZi1iYmNhLTM1OTUwOTdjNzY1YaIEEmh0dHBzOi8vZXpnaWYuY29tL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQNubGTABgDIBgGqBwN3ZWLKBwllemdpZi5jb23gBwGCCAllemdpZi5jb22KCAZjaHJvbWWZCAAAAAAACAAA
Frame ID: 21A1E42F379561D54E5B48F60351AFBC
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&type=iframe
Frame ID: B5B9D4262D1A3D4CF8D2EFBF82F7F292
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 1F03B1CDEAFEC6A3F204AE33A27F2705
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 1CE1998317502CFB1D21DCB251CAC410
Requests: 1 HTTP requests in this frame

Frame: https://setupad-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Frame ID: CBF61A5A52F08A98114D02D7932E65C5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 13C5D81380871F78CEC38769BDA97389
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B11F310DA62162A211D27F9A0EF1BB59
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1734987515968&gdpr=0
Frame ID: 445B515D9CBD0E937386520A2BB9773C
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A8B393471924807760219F30416E527B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUAMBU35&prvid=2034%2C2033%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C236%2C313%2C2025%2C237%2C117%2C636%2C319%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C122%2C201%2C2039%2C3007%2C246%2C203%2C446%2C404%2C408%2C2011%2C2055%2C3022%2C3020%2C251%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C413%2C3014%2C77%2C20000%2C38%2C182%2C261%2C141%2C460%2C462%2C222%2C542%2C301%2C345%2C225%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 907181EC73130814D39E9659D8E0A2DF
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Frame ID: 1B6F86A51606693FB361263A565B047F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 21F3A16E4BB9314C5CB5C027207C66EF
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 61932ECE4BA51D2E0EA0B2F899F5D36B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ezgif.com&gdpr=0&gdpr_consent=
Frame ID: F778BFADD29BAF275971489CB86D797B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0C3B5B4DC8FAF5874860470D414D5B90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6F3A0CF4D18EB598D72186B17B645534
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: 8158CBB487BC3142771658432723C8AA
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: 064E27E154A5F4FF1F44373D309634F2
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNX69PGDge-XX9rfQee1vGDUEC0bGBzQ0sDMDzQUUbMdNzEPeiovg9rOZgooNkuag3QTJVUnCkyZYJjHbXaz8fKJ8j-VjO6Q0omkUrXpsu32QYRWHWE
Frame ID: B3BD93AEC9910D54E13EC1C962914F75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D984FF9B5A2E390E2B7B7681D71CE96D
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: FD656BA0E68407D09633351873B6A71B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNW4SbyeKisLgXYAZ9uhosKKx_E2VKriPBwK-6fBfdc-G3KqrhghQt8X3lBQWIb8Jjb1jzEl87hpSBj5sJBq446z_Da5yvvVi73IdqmhMAY1RE6lAnM
Frame ID: 8CEE0B2E03258CE2384313D2BE2EE74E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 694993F55C92A8B48CD6616EFECAFD2F
Requests: 18 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUAMBU35&prvid=2034%2C2033%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C236%2C313%2C2025%2C237%2C117%2C636%2C319%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C122%2C201%2C2039%2C3007%2C246%2C203%2C446%2C404%2C408%2C2011%2C2055%2C3022%2C3020%2C251%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C413%2C3014%2C77%2C20000%2C38%2C182%2C261%2C141%2C460%2C462%2C222%2C542%2C301%2C345%2C225%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4370E914F3BEC97308A7842436002804
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A9434411050AF74E7FF5C1DEC946FC02
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: 76E0EF908D6BD69E0CB3844CB0770923
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Frame ID: 5F40BBDC3AB73FB6A5BAAFB2703019C2
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNUEM34yPVNJUZUPWslvkyPLgQP0pvcGnLSwZDcI24-UqAGSuNUKgJlb9_WP2sVSQwzB9S8Of6kj_B8LDLr7NVhm4z11e_d2YlFVNuzLdxih0FtpeEo
Frame ID: 9CDCDCAF8967A3589EFAE7B1FA9593B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 043DF6CA871206668D1AF0EAC1F0A607
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements7021.js
Frame ID: 23C8B9D158110C4923DD743C0A9C4320
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ezgif - free online animated GIF editor

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

402
Requests

88 %
HTTPS

0 %
IPv6

68
Domains

114
Subdomains

87
IPs

8
Countries

1825 kB
Transfer

9488 kB
Size

198
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1043720355458788004
Request Chain 82
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Request Chain 87
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3779891196891134000V10
Request Chain 107
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CCqWg_M5pZ76GOfm4juwPxfXV4A_o4Kmue5jKvvziEpTVhvG_JhABII3kvSlg-br0g5wQoAHM3pu4AcgBBuACAKgDAcgDCqoEhgJP0DrGzJn__KUdePqrtquZNnc1PnmfNAmGeqzWU8ob3Iw5URvjkDt3LZw-HjEHrQfVim-QG4G8vMy-ZWgtOIemtYbCij09ruWMDGb4IkjHFQA6E4TmEBbGWP2e3xUazSu5qU73Tmt6BsKBQeLnEOWFLOcHsjoOugdD2Mqz3UEW_gVeXFeIp3TkY_8pmgk3uQpl1SMg1hfvTAjlNxWWnyQUsBvrhnchyPIwsXSHTaypFcpr7TLwyOrjF2sZAr1Td_De7DuFZIRLLvBDrjVuwOkwr_uNjWQzm-PMAYA4441OEncXnJAmqEQ4AoHBJfRvlTTyKWpSMlLdStvR02iFPvpx2stkg0PvwATnrf2S8wTgBAGIBaud8JRQkgUECAQYAZIFBAgFGASAB5yh5McCqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCykwHSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOliVroiV5L6KA_IIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M5oJwwFodHRwczovL3BsYXlib29rLmNvbS8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wYWlkJnV0bV9jYW1wYWlnbj1waG90b2dhbGxlcnkmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmY2FtcGFpZ249MjE1MTg1Nzc1NDMmdXRtX3Rlcm09JnV0bV9jYW1wYWlnbj1wbWF4Z2xvYmFsJnV0bV9jb250ZW50PSZnYWRfc291cmNlPTWACgPICwHaDBEKCxCg86Hpv-mfwt8BEgIBA-INEwi49oiV5L6KAxV5nIMHHcV6FfzqDRMIzvCJleS-igMVeZyDBx3FehX82BMM0BUBmBYBgBcBshcgChwIABIUcHViLTM5NzAyNzc1MzU1Mjg2MTMYleIfGAG6FwI4AbIYCRICnWMYASIBANAYAQ&sigh=3xf3p4PWCdY&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSYACa7L7dhwlaGG3U3RCjwFrR-JQNTvz-bdQVVg926rpWGgjRLo267cpP00GJf71W5tGSmAJZhPOgqetDWk90kAwKJbOo0P5BS7-Kah9erzJpvhcUnjUAfYdbI4P_ZBCpBxgB&template_id=492&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6514d7782eaef6f00000000000000000%22,%222%22:%220x8bfe544585f6be540000000000000000%22,%223%22:%220xdeb9a9dee0d1f00e0000000000000000%22,%224%22:%220x5e80a647d61898a10000000000000000%22,%225%22:%220x2b8e921c52d592a10000000000000000%22},%22debug_key%22:%2214512654000819361660%22,%22debug_reporting%22:true,%22destination%22:%22https://playbook.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22386330444%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229847308329622052737%22}&andc=true
Request Chain 114
  • https://gce-nl-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=cbbbb635-edfc-4b36-9545-5925e7d49ec0&google_hm=Y2JiYmI2MzUtZWRmYy00YjM2LTk1NDUtNTkyNWU3ZDQ5ZWMw&gdpr_consent=&gdpr= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=cbbbb635-edfc-4b36-9545-5925e7d49ec0&gdpr_consent=&gdpr=
Request Chain 120
  • https://ghent-gce-nl.bidswitch.net/imp/0.208/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RC0Y7X-85pZ8GEM62RjuwPo__KbMaDrq__B74OfF59sTZBABIIP95h9g-br0g5wQoAG83__X4PcgBAqgDAcgDmQSqBN8BT9Bp9ZKUpZasQizEqDfMfmFMUynWKMf6fAaGoqcJfFQLV13EZ52kFqs7evONkbhA-hBM9EceuMoUZ2W9DVaha5BA4fWC0rIhPgPD__h53poSaul8MhYz6QjskIQJNxcdBaPIdYmLCerVeOPRNLxxe5g9I1pXeWt-bjh9i1WhmrHXVL9mRBw8b8SYNo7QTotjwZeBVm527RDTY5eOnGaMxRzS01t__WoU5FBHhiRQ9Rp6zyZf9dm0fUgzEGnq7zjeSWkOtDZ2qxNnux9E81BmfVD__CTcJdAeknzt1g21yteTcAElJmn__ugE4AQDiAXzpoznT5IFCwgiEAEYAUiO0bQCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAYCgAe8l8bYGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB__6esQKoB6--sQKoB__fCsQLYBwDyBwoQstoMGJ__F5aUC0ggmCIBhEAEYXzICigI6C4BAgMCAgICgqIACSL39wTpY4dbIlOS-igPyCBliaWRkZXItbWVkaWFuZXRfOENVQU1CVTM1gAoEyAsB2gwQCgoQsO6j__PbnsIpiEgIBA7ATmpfRGsgTwcqK5QPQEwDYEwrYFAHQFQGAFwGyFwoKBggAEgAYABgC6BcBshgJEgLUaxgCIgEA_Jsigh_R7xbKMErNJKs_Juach__m_R_U5BUACH_U5D_Jase_R2_Jnis_R4_Jpr_R38_A_I_WAUCTION__PRICE_X_Jcid_RCAQSSQCa7L7dY2RYjcYa2wLfmnTQ-wBx3yf3Cq-AWkHoJIl0lyXOMahQcStKO8zAJEVegXUyiZvPtPmzxEGBWSKctWvCIekQMR4-dCwYAQ/wI41R6DUfadA3Fe3cWkeeQd3Y9PYMes3QgW5o0CTR52G7iMXZqglTkBsAYeULQDvoHvKDXtrxKKImUX2fyDgonhR_fK32bj3AIMOKddfT5_ug_Nu-1ssGXtkx9sGSc79MFk_liU383COsPV3-zalEIxb3qj8y_YmNHwEmhhcuczavQMqW4i7We21E0IlxceZvRWTlvFJl7jsf7_JEt7ge3i1d0mTiLQ8BiZwEMfY4GjCtwb356DjZeW5qTEQXMcm95MrfOLZ0FU2EaTj0x0aZXHPbY7aVOkSnub7dyV4c9yVOEo0Zxxi5xbucFASGSjt96d7OLIsrOgEqmtzEwDL2fXu4p1iEYkGXTafnps6OHvKvjYK8-ngyWabLcPT5kkraQB0djI7rO2JVhvqeb22WMKLqo6PTK2uIF6gtEMs3zhtAibjbACBG7WniBadhzsjbxJMjQJT12QYIcI2y6UTDAtsfJGRwQL5MQSS5dpYbuiJPDSz1YB5X_x8D00xvUQ-sToffBR8KBgJ7r-8UGXZUlLWYgjDxu_8n9YILSigD3wc0ZmE4Bg6NMqYOCEP4Gga6qGg3giMfWiJODRDPdEGRUkKRIlJuf8WRxtOGLM0cvTrQsPZoAoCSsEedKakZkeWWPT_Fl4PBPa3Mrc9w_m04B_Gl0kI0M0YNBCOJHHRpJCYzdh3BdQbElBSZRUYT4m3J6M4tVR_2EA_JaiGW4gJTl4zJpZrSXjLejk_9xUgs_bL2ppiVRMWoM4-eL5y9UOooju4pMZzl8EP1oQWsYlGYx0xMKt4xzIUO-3IOVr1BCyQd3mfH__dlYR-9EtPHgFp48lBvewmLtRR6mL8Ep9mGtls_i1m7B1YulsZL50c9cmtqH8qImBG4jl0COldIbKWCOL7gTtucHHE_vnL1A3fsBIvJv9TeQmcubaBPMG9a2VqLq3Chb8-ezsGIIruXIfUZ_eXvgdKeS1f3hpYzToPBz6ivFoVc5mqjYppMtwxkq6xVVLatteSsW9-PLER2deu93H0w-phqKulPw-Cb2BQ-7zIg_qMaH6y3w9vL4Tz_chkfRBy_0sMx4kjamEt8KFzcaxgT9wtM0lvL_uZaBqgIgC5ZCZ_qICydR_yQwMr0NiIyN9YXKHtqUDan2eoZXPEepJRaqr208jUVJEZsdFFeupfEFLSsBjiWLTUSvC5jennYbUz5mjfa-zbZN9JwYLQ7j0K-ovbb7ulY6cvwsgkyhSjEUoQgF_Q3FY_PjPt9we6ytR5vEq7FlMW36g4oftfx3oAgQM35-kZYcUmcgQHaxqE57iTCKzr--frmJsgvvTVss0FcV4C0ucug7JNZtHH5Gr1fl4zGXJOkWQskrHj0vfMQPW9qLMnbGkxGvUIhtfsroMOzdgM9jTJuwA86BXV3C8Kz8z0tsglj2RC9cXSjvVkPmFosCJr9pWlolfyT_MJxJHGp5kp8OJoxa__NjjlM1xZyv2GLlXdeDQco-oeuVvw93Paa6DbLBQhy90fP4c9zprDQ53lL89d69QB1ckvXVGkvVgweplG2qQMYQF3GzPDAdnDcQn4aeuwWloBzfFkfz9miuOvqcEQVx92cjGDxhmmPDEyuq7HfyKm9tqtaUVfHRr0yJMLEpW6LXivBJKTZ4ue0sn3iJ_QuY6bCNABKhvtPYzaMJjD_S4WZA2-HwTSYLZ2sv5pl6ESUyi33jZ_4uI74pVhUDxxex9O67-hqwqOijcs-cPs4D8HTQ1HaFB-o-nLtgwd2-2NbypwScnYNpnhp7eHFjY-Dr3Xzz1yjoCnYxBzBr_xVeUMPcqUg4nYD9VC30PZhrRMNOXq4dWbmu7U_BHcrfOtTD74TZ88GiVrECY4rjTTqIM8olV0PvOUi2C7WCgcqqp7GUI3Wx2bC8u18FemBp3fDeN50knRYTUGHF49HQ_COwYxn1VH_vJ06xk6FehbSm52Ksrk4jwreUAz91jt56n8N-o9Gn-NRrUNMUStZXbkz0vSS6DECI9B2mioHLGJNBRoM-_r9ycJYU44aqQVJpajo05T8EezwaDUuY9oiH107Q-Edj-42IjJsZkeaiWPd5I6wcWz93m65rmhtoTtaNXmlQKLZSjCleaknn55AYXEPbAswJoq_LKEPPyDBZ6ssFg8cWDQaSn0MydLqo7kiJDP1DR1ERpgj8TkASU4WFbbEpfQtIJ1mnDIUOEd_IKNaXPpDf35pFOJF2uG_QqHll375Y6FRX_Fpx074VmVFzJRaK-pKx94wJ1aUouXrZuWPIehGRtVDdC5nyBKQE6kQ2scD7gcLhfOvZfnEknvJHj7i5voOzPZkt-b5PfPlDFz5gttQMOErJmSfEHzcaGDab0CWFvVwVxKdoBSy96S0UJWGlI366cyr4J9mPYdOBHCOSOHka59coQSbX99bqu4yQUZ75fN0FPdmwqXYVQuCu3Gn90JHpssO9nE4a2MLnaJsmvEFDbqgmpdRg4olpsnCXRYBGh9qwEo3xNe93D4JHDNxylQo1aFl0btE0lvzpKD82AOgnVLCu1kPHxmQP9EXsCVd-fgD-I5PrF4Wl_qGxGKeubov0vhmD3RcEHjqCwsgzMTaQ-PDqX-Bp7viQIPZE5FB5nNIImvrg5VWaljSWGPHykuBbopH7RgFigEv6dJcqwlRMwbpXY_3Yh_11RQ1S1AYHwTQv3xMvppXJg3kgnfoM2Kft8_CAFm1IRA7pCKdX9lgeGCVMCFmoWOn0OA3aws5xIcb4Lp5St6l3UQdYzr0echksjPj3elYH2H4K3QraGZYtyGGIdnRr39UvprZHI9wnojdIX1QYv72TsMOEEmM7ONKCV_BTydQP3JpkBdZr80J61K8cyGBB8VQ7G7fogldCrcR25_VnIgR3D6_5gAWt3NxeXky2wyTY69IweS9ZIdWVU6AR8Dmx6QLP5k7irJ2DqwtEl_u8GdfgPqIb8gHxC2SE-EhlO-vfFEC9iuAKnX26Coxk_Y351QjDSm2ijfDRqk5DsPmEUugRvjvtHBgyLtZIZwbxXAFu3rh7t758MQouSBSgeetyFCY2IomH5oQ4_vvdIaIR1wc6LM4ieCbKnFWi2KJlGmmV8bw081BO_kVHu4b7Lmf5zHAR43jol15qcFbhCtdzDS-YpbptTmRmDlCPjAB7LLBnjKWRKcvs9OzNJeh71fsf6QQ-Yu38JI2kxGS6bl0EaIS0Ktm03LHcoS9_dCCEOXV0WX9ie3ZQbgpKk1fMSNLLMK2tMG9geMatcgsWamT1lu-02jGz2pg-yEh6cbiVrx596FUIMYRo-hlcYlGxHlPfi3cyId1qihj7o5PodNGGKDr-kQfgtBjevLA-MOieYJfYXb9s9KRgH_D8jpeLx5GISy9xuIpE_f-qzixcTApZ2J_owlMXMvjHBEIbuxUaKcjiltpFTg4u9iJSbZEgPTNPbh6gwqFTrP1AmOFvh4tYDF08L7bzzwFys5KRSINevB8KXvTZOMyx5lz-yM5yu_tL6Xy-PQF5OxqXUpX4QC7yFFIFaXbJuHYCH5O0ATY1UkQSrmzs2nqLLqofTMsqSLeSpR2ya7BswEPbCBYHUqAphLquLnjqB-DmdYZsfCr5dWvOUk2YpQw_NXtQHW0GrNCZQkSgKS9JR7eu0bohZcrGzKx5IFUPZGxwEBC90eU6skT8UUz7M5VJCsov73Be8Zzneg3iRZXKOeV7OAqN7cxIirp7Z2qxmgcw8mWl-cYxuWebL9bMc-4uMAJWVgHnfy_GBzdVRqZNe36-xiRW-Y0HZdmMCGVk_jsflVzOXg4S3eajsbfQHePkByiEqLgChmEQajW5pov73upVf-m6RDfiZJuNS6LCvPnDRjDsLF_peL7VEHIScrOaEiR3rggCBr80Gx78aJJbpDs1EVkBmQ4rngj5lU-seB3hmxqfMumjboKVW5HTr0s6dUBMpAHd-_N1rqnpSxov9S0vuw_V18ClXG_9D9PezTXmYcpqk6EQOUhxEOAlZZn8bOLOxF-KXWnbU2YikIXzeAs2iPPcIh8pTCAARZU1b29htyL4ULRgGxsCybb36sgnmduWDStHgtoVBTtHDnc6GAzQr-IDfxVG5C8ABBb98AihmF8u7qYm5wYawjmA82ehWfl82AjCBc0JUBTgnT6SlrYvsOJnHpOTi-wQZVIcNydKftNttLnKBHoqSR_PZPN9HEmwsuXZ5g_MUtJ0FjoRmRgMDhgMjGBOJih3Qg0iqpgoOui7SbsG60RpitE8v-9jsU4ANxnnIR8LB5zQ2Kx6hk_zB7cbVWxvlBSlq3CgAMBreXuTyO9Ptqh3jDku58UBHxn4T1qSiz5w1eu2TrDPZO_fHGUGnB3Mt07FqBCRnXabjk-FJtIPxHLJROHx_GXMkcap9rvRxjN3V-wULgcGcoTx5nVxxJMzgjbxevsyL1Go84ecd-405VTP4JNO8L_mav5_mJJy1RapuHcJfLoUwuaa-6pjtKprFGK8UJEMqHNnOK--9yAes0BAEgHSEb4GIv-k_C_ef6qCN5kf74scAgqw5Ntu5Keeb1L2TfgWGRf4bNHRPVgag4tnD5ROuhh-n-9bunc0kqP6JSpEUUnZIG41bl4ZJ7S-r2YIbcnSidcVwzBJ8WgW3sbHBwiVaM1kPRZZmSmjWQWiE3x4NsiYsCRTZIMiMDFGpfpI81jjJUXyz66JeHyWBRbjKt5uqPf3ruoC0th6qO_6OJWCnAERcUZ9EXKnwcdTTB9lJw3s5v8C4l7ciHRnBKPdebn5YaUdvvGs6iuvGymfjGCDwkvhxj6mfmIbwZCpoovg-m-qgTKmkN5fSbNKy_C4Kq_uPd8hgEEjTdqe3UIEIkpHj_odoU0T0pGCFKr6nwMEWh13ioDf_JFZ_B/ HTTP 302
  • https://adx.g.doubleclick.net/pagead/adview?ai=C0Y7X-85pZ8GEM62RjuwPo_KbMaDrq_B74OfF59sTZBABIIP95h9g-br0g5wQoAG83_X4PcgBAqgDAcgDmQSqBN8BT9Bp9ZKUpZasQizEqDfMfmFMUynWKMf6fAaGoqcJfFQLV13EZ52kFqs7evONkbhA-hBM9EceuMoUZ2W9DVaha5BA4fWC0rIhPgPD_h53poSaul8MhYz6QjskIQJNxcdBaPIdYmLCerVeOPRNLxxe5g9I1pXeWt-bjh9i1WhmrHXVL9mRBw8b8SYNo7QTotjwZeBVm527RDTY5eOnGaMxRzS01t_WoU5FBHhiRQ9Rp6zyZf9dm0fUgzEGnq7zjeSWkOtDZ2qxNnux9E81BmfVD_CTcJdAeknzt1g21yteTcAElJmn_ugE4AQDiAXzpoznT5IFCwgiEAEYAUiO0bQCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAYCgAe8l8bYGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwoQstoMGJ_F5aUC0ggmCIBhEAEYXzICigI6C4BAgMCAgICgqIACSL39wTpY4dbIlOS-igPyCBliaWRkZXItbWVkaWFuZXRfOENVQU1CVTM1gAoEyAsB2gwQCgoQsO6j_PbnsIpiEgIBA7ATmpfRGsgTwcqK5QPQEwDYEwrYFAHQFQGAFwGyFwoKBggAEgAYABgC6BcBshgJEgLUaxgCIgEA&sigh=7xbKMErNJKs&uach_m=%5BUACH%5D&ase=2&nis=4&pr=38:0.208&cid=CAQSSQCa7L7dY2RYjcYa2wLfmnTQ-wBx3yf3Cq-AWkHoJIl0lyXOMahQcStKO8zAJEVegXUyiZvPtPmzxEGBWSKctWvCIekQMR4-dCwYAQ
Request Chain 129
  • https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D985fdec6-87f4-4ae8-835e-a8062876f96c%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F26521%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D985fdec6-87f4-4ae8-835e-a8062876f96c%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=appnexus&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=379148967230319548 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D985fdec6-87f4-4ae8-835e-a8062876f96c%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/1/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=sovrn&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=J4aqABZHHOGmn5jHQQ-KEKG7 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D985fdec6-87f4-4ae8-835e-a8062876f96c%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/2/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=amx_com&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=985fdec6-87f4-4ae8-835e-a8062876f96c HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D985fdec6-87f4-4ae8-835e-a8062876f96c%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/4/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=index_rtb&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=Z2nO-osFVZ8AAHMyA.SKiAAA%264839 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F5%252F26521%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D985fdec6-87f4-4ae8-835e-a8062876f96c%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F5%252F26521%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253D985fdec6-87f4-4ae8-835e-a8062876f96c%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_YmlkZGVyPWFteCZnZHByPTAmZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzEyNjU4NDAtMDYyNy00QzQyLTgyNTItRTgxMThFOTJGQ0RC&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOYWR8pH84NCPMiYD5e1bUY&google_cver=1
Request Chain 154
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 167
  • https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Request Chain 168
  • https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent= HTTP 302
  • https://setupad-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Request Chain 174
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c0e91bef0c
Request Chain 175
  • https://equativ-match.dotomi.com/match/bounce/current?networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://equativ-match.dotomi.com/match/bounce/current?DotomiTest=3f881d1a8c5016c0&is_secure=true&networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAJFCHlZh2MCQJW4_VoAQEBAQEBAQCS9FHSnAEBAJL0UdKc&expiration=1735073935&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 176
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=s3wJH-YtDxOoeFpDtS8SF-MpXhGoeA9HtHIJbPho
Request Chain 178
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Z2nPCQANjjif1ABR
Request Chain 184
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Request Chain 188
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1735867950667549031
Request Chain 194
  • https://id5-sync.com/i/481/8.gif?o=api&id5id=ID5*4Y9vvk2Q_OM24O3gv45-zO3awXMMzvzWJ9neM9p2xMbl-36uEdo3cnao9fZCyK-B&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=d61f5e5f-0b48-49d1-ade5-b4ceca30de6f&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F10%2F6%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/481/10/6/3.gif?puid=1735867950667549031&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/481/19/5/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/481/19/5/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/481/19/5/4.gif?puid=4b084e15d64b669ac724c8b59b807be0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F3%2F4%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/481/3/4/5.gif?puid=5b1d6769-cf0b-4400-a6cb-140de9279671&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=M51IS0HB-23-GB43&gdpr=0 HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/481/112/2/7.gif?puid=CF03B863553C947E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/481/104/1/8.gif?puid=e956d046-38fa-4e19-bbe5-64f4a598c858&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Q0YwM0I4NjM1NTNDOTQ3RQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEF3_EnmSunAi0hnNkwHhGXs&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw&google_cver=1
Request Chain 211
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C10VMB89pZ8y6JNSKjuwPx9bymAWs8uyGfKGAy-KGE7epnZ2KKhABII3kvSlg-br0g5wQoAGE-ZbGA8gBBuACAKgDAcgDCqoElQJP0N_7MR7vFWJdAmahBItHzNnAwTHB2-SfgzXXKuEepfVDhy1-FmtQ6sr190i62W5D9_J7CMbzBHlsQTvkSFIV0wlaI-J3Joj7fwl3e8SFbDarxt2v8MGC0Gzk0q2EdLQaq6XyVtMToOdTxNDNITLXDf-btpXL8yddSepWI44bYaofGBqQ-2qOfmfxP0VjbmcIpIv5zOdOfqFwJTMfXQul_mzzzs-hogJZgHKcS5hNymaeOQOiSFti200Kq0k4t8Anh5XFNOqy4teBQPxPXegl4gR6E2P-2pjtSPiDfddxVt2blgeY9LzUB_KGWhiY7KiNkJa19eHMZaj4WFy-rIu_7H1uePaRFefNtVehyXVTxMRWpoyUwATKl-zhzATgBAGIBbjW89JNkgUECAQYAZIFBAgFGASAB-SG6TmoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCwmgTSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOlio2JSa5L6KA_IIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M5oJf2h0dHBzOi8vY3VyaW9zaXR5c3RyZWFtLmNvbS8_dXRtX2NhbXBhaWduPXtjYW1wYWlnbn0mdXRtX21lZGl1bT1wbWF4JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9wbGFjZW1lbnQ9JnV0bV9jb250ZW50PSZnYWRfc291cmNlPTWACgPICwHaDBAKChDw9fPvquT0xTcSAgED4g0TCLmMlZrkvooDFVSFgwcdR6scU-oNEwi46JWa5L6KAxVUhYMHHUerHFPYEwzQFQGYFgGAFwGyFyAKHAgAEhRwdWItMzk3MDI3NzUzNTUyODYxMxiV4h8YAboXAjgBshgJEgK9UhgBIgEA0BgB6BgB&sigh=-kSTvdg02Mw&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTQCa7L7dULeDl3KBacQo-MJBmVxwztYOSiIqIiU49yUHKcuDdhAFQZ8JJ36Gl4U7RheBxcHPwrIS6ilhx_nLfhC8Wvtf2nNEQ2SJuaJWGAE&template_id=492&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe2a7e80d18ab2d90000000000000000%22,%222%22:%220xbbfb17407987d4040000000000000000%22,%223%22:%220x518e1f1e383731e30000000000000000%22,%224%22:%220xea469b26eb7ddd720000000000000000%22,%225%22:%220xc2db4001994b2f9c0000000000000000%22},%22debug_key%22:%227235041901012047022%22,%22debug_reporting%22:true,%22destination%22:%22https://curiositystream.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22952482948%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223287632011737160881%22}&andc=true
Request Chain 222
  • https://gce-nl-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=e956d046-38fa-4e19-bbe5-64f4a598c858&google_hm=ZTk1NmQwNDYtMzhmYS00ZTE5LWJiZTUtNjRmNGE1OThjODU4&gdpr_consent=&gdpr= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=e956d046-38fa-4e19-bbe5-64f4a598c858&gdpr_consent=&gdpr=
Request Chain 297
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=QxKyul9mcWVVSXJsZEp3WE9XN2NQTThZUUdsd0NVU2pwemFZMDVvbTlYUllhRDhJJTNE&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
Request Chain 298
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dz4DxgV9jblJDNWk5cVJaalc5eGNUZXVXUFNlSWl5Rjd0R3BLRE42Y0VqUTh2T0lvJTNE%26u%3d%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=z4DxgV9jblJDNWk5cVJaalc5eGNUZXVXUFNlSWl5Rjd0R3BLRE42Y0VqUTh2T0lvJTNE&u=379148967230319548&gdpr=&gdpr_consent=
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dfNKEvl9zNjkxZlNjVThoM29VaCUyRkgwRlZPWFZKNkdwMGszeVY1U2hHY0hzTk1NSm8lM0Q%26u%3d%25%25GOOGLE_GID%25%25&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=fNKEvl9zNjkxZlNjVThoM29VaCUyRkgwRlZPWFZKNkdwMGszeVY1U2hHY0hzTk1NSm8lM0Q&u=CAESECppALDOAnpb5knTLTtVq8s&gdpr=&gdpr_consent=&google_cver=1
Request Chain 356
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
Request Chain 368
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=COPArFs9pZ4SDBLPTjuwPs9mE-Qys8uyGfKGAy-KGE7epnZ2KKhABII3kvSlg-br0g5wQoAGE-ZbGA8gBBuACAKgDAcgDCqoElQJP0D6dcyRFHyabsF67KFkzUJnGl0UraXhzYQ_iwooIACVFc3WZ1shcdANUzihzEfn3jKHBdNdt7_mrzkN-A32tdCiTWFB5VjBwVtkMU_lW31KNxUlFRsJZVqgE6FV5yKxh1-ePhiEozBUFKReFyCt6pe7gq6dJICXNY1wiKaAIVINPWRD6HooiyiQFtptZQNj9AtSorlJa9klTxOBwqR4vdRJynoqbzRooMxgf0I8DlN4FS5RndImDDcl4h7NaAr99Dgb9CPaswiq8BSKmlnEB53pFfOUObey7zqe5ms3_nsl_HUfzs4mb3VqPlKRm_8p8y5UhwdfIYUxuNktFlK-2CxNJo-xwGFVAu_qtWFL1hA0e7LkjwATKl-zhzATgBAGIBbjW89JNkgUECAQYAZIFBAgFGASAB-SG6TmoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBDanwTSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOlia3oeh5L6KA_IIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M5oJf2h0dHBzOi8vY3VyaW9zaXR5c3RyZWFtLmNvbS8_dXRtX2NhbXBhaWduPXtjYW1wYWlnbn0mdXRtX21lZGl1bT1wbWF4JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9wbGFjZW1lbnQ9JnV0bV9jb250ZW50PSZnYWRfc291cmNlPTWACgPICwHaDBEKCxDAy-z4xpvg2JwBEgIBA-INEwimk4ih5L6KAxWzqYMHHbMsIc_qDRMI8veIoeS-igMVs6mDBx2zLCHP2BMM0BUBmBYBgBcBshcgChwIABIUcHViLTM5NzAyNzc1MzU1Mjg2MTMYleIfGAG6FwI4AbIYCRICvVIYASIBANAYAegYAQ&sigh=WmdTsdSkUew&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTQCa7L7dZpXhdw9gwQVyXnUsuS8lmWabRu11P-twQ0NwaDb6ndySMP6YHgzCpqPI-TfVG6QpgSwUD7Tg84hnl-wcEW0a6eVV6QQBFS4QGAE&template_id=492&ebtr=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe2a7e80d18ab2d90000000000000000%22,%222%22:%220xbbfb17407987d4040000000000000000%22,%223%22:%220x518e1f1e383731e30000000000000000%22,%224%22:%220xea469b26eb7ddd720000000000000000%22,%225%22:%220xc2db4001994b2f9c0000000000000000%22},%22debug_key%22:%227643029835689666485%22,%22debug_reporting%22:true,%22destination%22:%22https://curiositystream.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22952482948%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217694316414724183745%22}&andc=true
Request Chain 380
  • https://gce-nl-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=e956d046-38fa-4e19-bbe5-64f4a598c858

402 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ezgif.com/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.249.108 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
s3.ezgif.com
Software
nginx /
Resource Hash
2685c503016f3a30a187d0a46e2c6869eb5193c25c0414a5914d04b6f59bb32f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=7200, public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 23 Dec 2024 20:58:33 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
l.css
ezgif.com/css/ 		16 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ezgif.com/css/l.css
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.249.108 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
s3.ezgif.com
Software
nginx /
Resource Hash
32dc682b52595d2020b907e8081b2b75eef4d198ffc75cbe6b74efcc4490e103

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=2592000, public
content-encoding
gzip
etag
W/"660e48fd-40f7"
expires
Wed, 22 Jan 2025 20:58:34 GMT
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
text/css
last-modified
Thu, 04 Apr 2024 06:30:21 GMT
server
nginx
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c16a9eab9e77015fe2ca80a734da377b3b8772719b2570a2e6271c5164c14f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
912 / 20080 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33812
x-xss-protection
0
server
cafe
3148
stpd.cloud/saas/ 		493 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/saas/3148
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1268384eab0b669597a10e50e4011fa2cd35105667a1b880b4210a567bc5bae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=300
x-stpd-module-cache
HIT
content-encoding
br
cf-ray
8f6b453b7cfac22f-TLV
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
text/javascript
vary
Accept-Encoding
server
cloudflare
tag
btloader.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5646025299591168&upapi=true
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.75.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fb9d34a9b863ee64252af10235533897c31e27b436c912546348b7f3a22b02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
EXPIRED
etag
"ce2dd1f7814fae7fa0f51543d6357c48"
via
1.1 google
cf-ray
8f6b453c5b767d98-TLV
accept-ranges
bytes
content-length
21097
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
application/javascript
last-modified
Mon, 23 Dec 2024 20:55:05 GMT
vary
Origin, Accept-Encoding
server
cloudflare
/
img.buymeacoffee.com/button-api/ 		29 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.buymeacoffee.com/button-api/?text=Buy%20me%20a%20coffee&emoji=%E2%98%95&slug=ezgif&button_colour=FFDD00&font_colour=000000&font_family=Cookie&outline_colour=000000&coffee_colour=ffffff
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.2.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
255b0d922ff5d3a1f30d95b3fd9ea6579af06638f597e2049ab1a96308ca294b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
HIT
age
2041141
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FT1Jc1y3HdNVTOgVUokBwck5rV0hFRoaq15IIRcJPbzckacktPl7rRMZpO%2FS7wNSv8diFx1rsr8Bzn97HcqKpqv0YHn6Xlk3xufqxy%2BDbps8qvk9RMpag1y14eUlLtN0q6YIvu1j"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
expires
Thu, 21 Nov 2024 04:19:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=120706&min_rtt=120617&rtt_var=45295&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4172&recv_bytes=4423&delivery_rate=27382&cwnd=12000&unsent_bytes=0&cid=36f56bd8125bc6c2&ts=142&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=2,i
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
last-modified
Tue, 19 Nov 2024 04:19:23 GMT
access-control-allow-credentials
true
cf-ray
8f6b453b6d9418e0-FRA
access-control-allow-origin
*
server
cloudflare
inview.min.js
stpd.cloud/assets/libraries/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/libraries/inview.min.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"23df7c2f5fe3a534a7299c9c9e923fa9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzZitJENlp3dFf66ne5gTOctVHDo42B1RAbmZfcLS1tRGjBXS8X0CQRRBH%2BnKYP4SxVIz6hj3rxukyo%2B7WLyNFUJEh87Wjpd5M%2BBLLukfq9kGTa0iV90nVRSxLJs"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f6b453b7cf4c22f-TLV
expires
Mon, 23 Dec 2024 21:18:34 GMT
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
cmp-stub.js
cmp.setupcmp.com/cmp/cmp/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.setupcmp.com/cmp/cmp/cmp-stub.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ecc4cd36aa5d13b26bfdf89c9b0c41af9a3311985c0c878bcc687b9f55986a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-md5
3jfo58Cotbsu8TxBvJOgIw==
access-control-expose-headers
country
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
3331
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqG3af5zk5yzEzdiob1i89O3TfKq2zexs2B8t5W7cWsJmVy4v0mxLVQx5JHcKLXJVpDBoCkDEwq%2BXp%2B0k1fJ8uCeffWGV9sEZ63w%2BY6Rh%2B7e2apQubg2MVEPYJgBNb3zZWY%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=55185&min_rtt=55158&rtt_var=20703&sent=7&recv=9&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2234&delivery_rate=77450&cwnd=252&unsent_bytes=0&cid=623a507c81185921&ts=156&x=0"
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
text/javascript
last-modified
Tue, 28 Nov 2023 10:43:06 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
5bd348c8-901e-0012-0943-553de3000000
cf-ray
8f6b453d4967371c-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
cmp-v1.js
cmp.setupcmp.com/cmp/cmp/ 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
303f225bfafe4c6cfbecd3de821c6835b76e5bdecc8f3402ae2ed88d26787cb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-md5
rPqEV5vnW93ZjFOdeovBzg==
access-control-expose-headers
country
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
3324
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jiOAhquphJEZUNoAKZhyK0h5RFyoqN%2Fck%2FWg5xZnYNeM2DSCcQJTJUAdhbzyUW%2FkyWHlGf27KJ2C2rP0tu5U6DYx9fY8OjOk6dcdiyTLepRnUIrpRRZTtghWTE2hdUp2p78%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=55185&min_rtt=55158&rtt_var=20703&sent=10&recv=9&lost=0&retrans=0&sent_bytes=5410&recv_bytes=2234&delivery_rate=77450&cwnd=252&unsent_bytes=0&cid=623a507c81185921&ts=159&x=0"
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
text/javascript
last-modified
Thu, 24 Oct 2024 11:32:46 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
88afbd70-d01e-0095-129b-54ae86000000
cf-ray
8f6b453d496c371c-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
truncated
/ 		45 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0878caf45ab3e9900e069b7be7d430ca6a3ccd3f8ce3fe3a08632c5a6f3a3ce7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
logo.svg
ezgif.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ezgif.com/logo.svg
Requested by
Host: ezgif.com
URL: https://ezgif.com/css/l.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.249.108 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
s3.ezgif.com
Software
nginx /
Resource Hash
29d1d62bf17b4a1975fb3d9e1daea3ac47edf5cd8ed78155faa03afa03aa9d56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/css/l.css

Response headers

cache-control
max-age=2592000, public
etag
"65f0890d-d10"
expires
Wed, 22 Jan 2025 20:58:34 GMT
accept-ranges
bytes
content-length
3344
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Mar 2024 16:55:41 GMT
server
nginx
e.png
ezgif.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ezgif.com/e.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/css/l.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.249.108 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
s3.ezgif.com
Software
nginx /
Resource Hash
9f18c71a79bca371f0378d87de0a9b5db5a0512622598032e69e056dcf586cd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/css/l.css

Response headers

cache-control
max-age=2592000, public
etag
"65f06ee0-8b7"
expires
Wed, 22 Jan 2025 20:58:34 GMT
accept-ranges
bytes
content-length
2231
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
image/png
last-modified
Tue, 12 Mar 2024 15:04:00 GMT
server
nginx
homepage.png
ezgif.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ezgif.com/images/homepage.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/css/l.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.249.108 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
s3.ezgif.com
Software
nginx /
Resource Hash
7d0ee335c95a73d2e86a8e641cadab3ab4a84cfa91bb91ad11ce726e3d4e6ab2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/css/l.css

Response headers

cache-control
max-age=2592000, public
etag
"659c50f5-2e9c"
expires
Wed, 22 Jan 2025 20:58:34 GMT
accept-ranges
bytes
content-length
11932
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
image/png
last-modified
Mon, 08 Jan 2024 19:45:57 GMT
server
nginx
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
5395541545685299795
age
21587
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 14:58:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 14:58:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
21587
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 14:58:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 14:58:47 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
px.gif
bt.dns-finder.com/ 		43 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.dns-finder.com/px.gif
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
211
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOwwA9BeEm1imn%2FChJ%2Be6C4hoRmgDV2WLae5JAU7f%2FiaI0OdMK2Z54oZKI6%2FiqGW9xfWJvugYQz64sDT0%2BoauFulqnRA8545jRnKA2htUE3dofmQjzMAVzTv3xfUj8doX3lcIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Mon, 23 Dec 2024 20:55:41 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43
server-timing
cfL4;desc="?proto=QUIC&rtt=72943&min_rtt=72938&rtt_var=27362&sent=9&recv=7&lost=0&retrans=0&sent_bytes=4061&recv_bytes=4257&delivery_rate=45785&cwnd=12000&unsent_bytes=0&cid=11bc822ef3a36b3a&ts=98&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 16:36:17 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AFiumC7CIRyC_wGd1yNvJtW7vjVGspDPO5TTTE3mfE6EEMpVtJyeRnfu5F7RK-wpGB7biyPkxCOnRFM
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8f6b453f0916c21f-TLV
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721406977485562
content-length
43
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
283748
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2AFuqlicFBe37QJBgBx%2FuQ4YPbqdeGZ1w8MFGXJ8he5dbq7MqN1CSlTy%2FS%2FlXJwjL%2BvMb6fr3mmncWTapAnDQQ9Lkx8oN63UO5F0f74hB1G2Y2%2BUqcWQWNH83MbOBqGNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 24 Dec 2024 20:58:34 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=52560&min_rtt=52557&rtt_var=19716&sent=10&recv=9&lost=0&retrans=0&sent_bytes=5156&recv_bytes=2264&delivery_rate=73479&cwnd=252&unsent_bytes=0&cid=7cc8d93c02a5c32d&ts=134&x=0"
x-goog-stored-content-length
43
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2L9qXq_rDmTix2LeWeC79koU-ruSeBvCnublDlZRy2OunCnQETn2DHpUFNqkJei0j8xB0
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f6b45403bc2dc4f-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
age
21536
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 14:59:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 14:59:38 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.06254400694628459
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
283748
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qBmEvFtG9%2FlPxEEi0F96R%2BH55W39wcamr6Mzdy3hlUmafZTP%2Bs3SVKjfV98lK9SUulkwOIc86RWQ1Iq61ftFYtA%2FNhh3E9Lc%2Bv%2BH0m6ZaWsqwgH7q0jsuS3s%2B1UXflxYOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 24 Dec 2024 20:58:34 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=52560&min_rtt=52557&rtt_var=19716&sent=7&recv=9&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2264&delivery_rate=73479&cwnd=252&unsent_bytes=0&cid=7cc8d93c02a5c32d&ts=132&x=0"
x-goog-stored-content-length
43
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2L9qXq_rDmTix2LeWeC79koU-ruSeBvCnublDlZRy2OunCnQETn2DHpUFNqkJei0j8xB0
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f6b45403bbedc4f-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
391-light.json
cmp.setupcmp.com/cmp/config/ 		119 B
857 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.setupcmp.com/cmp/config/391-light.json
Requested by
Host: cmp.setupcmp.com
URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d49ae8fb5513116d0f019c5e73e2326eac2d5e3792978cff0ff2f53ec2fe793

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-md5
TVHaXS7NJPdAk0DB03hpKg==
access-control-expose-headers
country
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
DYNAMIC
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETFe8hOA8mAXh8naGw4c4vTsyB4iHQbCWoSOppXwfZovvC6lXKFxjxMcL%2FCLVw1OuBwDwZ7TikaLEwSbM1pIAdqo2UVr%2F6u4VdiaGpyNa8dQmgp8qKWoM4309IfqxL6GufM%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=56017&min_rtt=55898&rtt_var=15826&sent=6&recv=9&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2240&delivery_rate=69116&cwnd=252&unsent_bytes=0&cid=d5ee9cf4603f2941&ts=152&x=0"
date
Mon, 23 Dec 2024 20:58:34 GMT
content-type
application/json
last-modified
Tue, 08 Aug 2023 06:04:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
63d810bf-601e-0029-537d-557847000000
country
IL
cf-ray
8f6b454058c1d371-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
op.js
tagan.adlightning.com/setupad/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/op.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be918810309cae7d75e4b2f42b9a8a162218f92919b5954eaad9f6d2ba56e6dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-amz-version-id
HKlzD2.kJfY703EhT3KoHZU0r6u.kWKd
etag
"687f8937b3b275f583033a41c3d5d24d"
age
541
x-cache
Hit from cloudfront
x-amz-cf-id
z8CCJ0aAbGxwgO_zzuom0oUCKrNeI4hhuxNepraoUdU7E_FVeDhljw==
date
Mon, 23 Dec 2024 20:49:35 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Mon, 23 Dec 2024 18:54:49 GMT
cache-control
max-age=3600
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6575
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
apstag.js
c.amazon-adsystem.com/aax2/ 		347 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.231.151 , United States, ASN (),
Reverse DNS
server-3-167-231-151.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c234a39335c68efa876173f1af885a07eb982fde169e3627c70956ba0088313

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"7e51aa38db51fceb0afb5b4671f303d3"
age
2696
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 1b406976e43f339920dd4ca9beffceb8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tIY6S0hrwdMhVUmXYCelQs3CecVey9HABKI2dKhOBtUPboNwNmPtCg==
date
Mon, 23 Dec 2024 20:13:40 GMT
content-type
application/javascript
last-modified
Wed, 18 Dec 2024 21:58:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA60-P11
x-amz-server-side-encryption
AES256
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241223
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41cc11557fd30c42c6fdacbacbd588a6d91aa70a37a7efbab2540f207e7e8a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"63e-wkDJtmyjaEQ581p3cxTFRPyMA84"
age
17864
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-lcy-eglc8600099-LCY
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
831
x-jsd-version
1.0.2279
country
api.btloader.com/ 		36 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5646025299591168
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
70fee922218a67fda3635615f2b1e7d2af2b1832cdd6df452759672368312351

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json
vary
Origin
default-vendors.json
cmp.setupcmp.com/cmp/gvl/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.setupcmp.com/cmp/gvl/default-vendors.json
Requested by
Host: cmp.setupcmp.com
URL: https://cmp.setupcmp.com/cmp/cmp/cmp-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c56c6468d613b3d7ba2bafbf52099d398defa05420167652b7cadbb7faa075

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-md5
iHaIJvxRz6vxevmXJ0GCWw==
access-control-expose-headers
country
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
78937
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XmyPAQJksItRC1FC0OwHi%2FsGVnZQJ%2BpAv1yxLH9v70wDkCBVNHRD4h7%2BZPe3iRGLRLU4h5rt06vRl7y%2FEemEEX2YyjSdnkeCNRhmORGHeWWVgFzHApPalqbmtWnj7TXaRIw%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=55976&min_rtt=55871&rtt_var=3804&sent=10&recv=16&lost=0&retrans=0&sent_bytes=4928&recv_bytes=2343&delivery_rate=78979&cwnd=257&unsent_bytes=0&cid=d5ee9cf4603f2941&ts=285&x=0"
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json
last-modified
Thu, 19 Dec 2024 16:30:37 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id
c73cdec2-001e-0010-51c5-54835b000000
cf-ray
8f6b45414ad0d371-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
prebid
id5-sync.com/api/config/ 		167 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
json
gum.criteo.com/sid/ 		349 B
934 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&cw=1&lsw=1&gdpr=0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c4c7b263d669970cf411f115c63fba308aeb27a3f2883ab5afdd28d1b72745bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
521033
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:36 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
localstore.js
script.4dex.io/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"00a8e13a83b2bbab51af8e55f52be363"
Age
446203
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2oxc6C4pxbslxP72Mvw4mJzUTrC1FyR%2FMZ21XXeX%2F%2FsgyA3FJd0VEIuAolYwGzuqAWmD2LKV1lBtubEaNY2AN8TXRzwGWg5ifiZpnFZqWtRLYF43igQY8ENv8%2FF8YSxD"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=52219&min_rtt=52211&rtt_var=19596&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3471&recv_bytes=2507&delivery_rate=81713&cwnd=252&unsent_bytes=0&cid=6e279ec05ef6ee6d&ts=147&x=0"
Date
Mon, 23 Dec 2024 20:58:37 GMT
Content-Type
application/javascript
Last-Modified
Wed, 18 Dec 2024 16:59:11 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8f6b454dda90038e-FRA
Server
cloudflare
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=HxAAYiosD8-m4SryGaf-93f55082ec&w=6372427745984512&o=5646025299591168&cv=2.1.67&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fezgif.com%2F&sid=HXIXOmGmgb-iYNBnyF1-93f55082ec&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5646025299591168&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:58:35 GMT
vary
Origin
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 8406 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1018
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:41:37 GMT
expires
Mon, 23 Dec 2024 21:31:37 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

etag
e8fb4c5e5648d4012fd13b4c454df319
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1558
date
Mon, 23 Dec 2024 20:58:36 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 11 Dec 2024 20:03:09 GMT
server
Google Frontend
x-cloud-trace-context
285b96cf25aef415bbc055ad89a53af9
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

etag
"faa388a163b1b6d0377ee77a861591e5"
age
3134
x-cache
Hit from cloudfront
x-amz-cf-id
UUnDE_fCNm8cGIIdVbrd6E4Zxr4PdV_F0yiP5JEwtkvkfgT7W3qedg==
date
Mon, 23 Dec 2024 20:06:24 GMT
content-type
application/javascript
last-modified
Mon, 22 Apr 2024 18:18:45 GMT
x-amz-expiration
expiry-date="Mon, 23 Apr 2029 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
content-security-policy
default-src 'self'
cache-control
max-age=3600
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
8729
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
esp.js
oa.openxcdn.net/ 		0
0
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Tue, 24 Dec 2024 20:58:46 GMT
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:46 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a7174-43df"
age
146603
cf-ray
8f6b45aded77c21f-TLV
expires
Thu, 26 Dec 2024 20:58:52 GMT
date
Mon, 23 Dec 2024 20:58:52 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 16:10:28 GMT
vary
Accept-Encoding
server
cloudflare
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		0
0
euidSecureSignal.js
cdn.prod.euid.eu/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.euid.eu/euidSecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.128.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-128-208.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46348bf466224f50e75a82c10ff7b5c9450efbf6a14e9d7582d69ad54cb4305d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-amz-version-id
in7SWoW.EC8.UA6UeVqHFLQoMBQcukKC
ETag
"a41aa54a261591676de791781ccb5a21"
Age
65096
Connection
keep-alive
Via
1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3117
X-Amz-Cf-Id
3E1qFjAtW5-P64DDzYzjmwm9m_5JFj6E2_W2ZujuIpvUMht_6emJUw==
Date
Mon, 23 Dec 2024 02:53:44 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Dec 2024 19:25:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
x-amz-server-side-encryption
AES256
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.186.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-186-105.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-amz-version-id
suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag
"e264379414c85b18fe5fb338ed4823f8"
Age
67800
Connection
keep-alive
Via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3117
X-Amz-Cf-Id
h512oqYIvXPV00xX0mAQgVSMw_4dPyGBr32pjePNxD8A67T8QR-p5w==
Date
Mon, 23 Dec 2024 02:08:45 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Dec 2024 19:25:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
x-amz-server-side-encryption
AES256
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&cw=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ezgif.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ezgif.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 23 Dec 2024 20:58:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
197852
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_sync
prebid-stag.setupad.net/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52dfbd181cd8f02932abe5ecffd87ce5f66474322c78515384fd832b0acb8836

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vDhb9PSTJGpoiMxZvKSY1e1s3gtlSt99zctcq9jnq3H9NXZD667aiDGKzSJ3wRZqXghhgK9fsHk3dq7qs4J17BDo1bBSky4ChXxMm7Q3Rc44kCdWfKnsD4s%2FRrHR1KT2iGEbS3KNi3Y"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6b4545b8a12c47-FRA
expires
0
access-control-allow-origin
https://ezgif.com
server-timing
cfL4;desc="?proto=TCP&rtt=52286&min_rtt=52259&rtt_var=11070&sent=9&recv=15&lost=0&retrans=0&sent_bytes=3990&recv_bytes=6133&delivery_rate=81734&cwnd=252&unsent_bytes=0&cid=2241be70c065a27b&ts=417&x=0"
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
auction
prebid-stag.setupad.net/openrtb2/ 		349 B
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ec06c61acd5576a642e16fc4b292466cafba177e6220215cb4cfeeb3c08fa7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9bxZJi6O28QM4CDK8%2FlaIIKtdMMnndA1Y8Pov1fWQnpxCUm9D%2FgOLqHqVQe0NibrzoO5kKQdMMMXrI9%2FPrRh7MU4zwPaTXvs85z9nKqgdQsIXVjYzguJRcWl6yg1XfdUH0DgVehsJAT"}],"group":"cf-nel","max_age":604800}
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=52230&min_rtt=52127&rtt_var=3579&sent=14&recv=20&lost=0&retrans=0&sent_bytes=5513&recv_bytes=6164&delivery_rate=109083&cwnd=255&unsent_bytes=0&cid=2241be70c065a27b&ts=496&x=0"
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json
vary
Origin
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f6b4545b8a22c47-FRA
access-control-allow-origin
https://ezgif.com
x-prebid
pbs-go/0.259.0
server
cloudflare
v1
btlr.sharethrough.com/universal/ 		588 B
739 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-6-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8cb3f57ac157ae625fe7feb5c9e4e8c7fc311b0f9726164804b012424355be74
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://ezgif.com
content-encoding
gzip
content-length
384
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
115 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-6-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-6-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
66b0e577077feb8d85703adf
exchange.cootlogix.com/prebid/multi/ 		0
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/66b0e577077feb8d85703adf
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.48.20 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Mon, 23 Dec 2024 20:58:35 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
66b0e577077feb8d85703adf
exchange.cootlogix.com/prebid/multi/ 		0
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/66b0e577077feb8d85703adf
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.48.20 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Mon, 23 Dec 2024 20:58:35 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
66b0e577077feb8d85703adf
exchange.cootlogix.com/prebid/multi/ 		0
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/66b0e577077feb8d85703adf
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.48.20 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Mon, 23 Dec 2024 20:58:35 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
prebid
mp.4dex.io/ 		0
500 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

x-version
3.0.0-gcp-ams
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
8f6b45459d37c21d-TLV
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:36 GMT
vary
Origin, Accept-Encoding
server
cloudflare
bid
ap.lijit.com/rtb/ 		25 B
359 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.27.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.217.95.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-95-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
98c79672b8786441b288bd5f5a9e03c663183ec6956660761be5fecce64ddc96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://ezgif.com
content-length
25
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
v2
i.connectad.io/api/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
openrtb
adx.adform.net/adx/ 		0
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
expires
-1
access-control-allow-origin
https://ezgif.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Mon, 23 Dec 2024 20:58:35 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
v1
prg.smartadserver.com/prebid/ 		955 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.193.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
f925e2f42ae2bbf3f9b7147f9865fc5239a041f9d013efd8fd09d90942181d83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:58:36 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/ 		956 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.193.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
3ed88758ccb25e90632c0be31e0da154191ec2f3665e2b5644d37b09d49c6a90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/ 		1008 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.193.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
9e396e1693459828e5b5a7d9fc56d457337684e201e87c31fe55c5d6127928c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:58:36 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
prebid
ib.adnxs.com/ut/v3/ 		360 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0fa865e924e65d0c9f6820a2673597415051118726d2a0e44dfd686ac45255f1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.15; 31.187.78.15; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://ezgif.com
an-x-request-uuid
bfde0a8c-5d4b-4f17-8827-68747f670472
content-length
360
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 23 Dec 2024 20:58:35 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
cdb
bidder.criteo.com/ 		16 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=10290497548&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3fd1021543260dafbc39f57fb21eecbcb4ed61169313aa829b3acba38c26e7d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
c
prebid.a-mo.net/a/ 		936 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.34 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
c37221724906b297161691c9bd0dd38701b30985fa9e5c516fe53cfe501e0e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
184
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
468
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fezgif.com%2F&tmax=1500&gdpr=false
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://ezgif.com
x-auction-status
29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
hb
rt.marphezis.com/ 		0
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.203.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
Content-Length
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:35 GMT
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
auction
pbs.nextmillmedia.com/openrtb2/ 		0
50 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.162.83 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns1016849.ip-15-204-162.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
x-trace-id
63613581-4e35-4d6f-9a55-81bca20c85fb
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:36 GMT
x-prebid
pbs-go/43.52.0
vary
Origin
auction
pbs.nextmillmedia.com/openrtb2/ 		0
50 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.162.83 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns1016849.ip-15-204-162.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
x-trace-id
6afca063-8b67-4e1d-945c-2fc9596338f7
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:36 GMT
x-prebid
pbs-go/43.52.0
vary
Origin
auction
pbs.nextmillmedia.com/openrtb2/ 		0
462 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.162.83 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns1016849.ip-15-204-162.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
x-trace-id
659cdead-82e7-4564-8d32-4ee1fae746cb
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:36 GMT
x-prebid
pbs-go/43.52.0
vary
Origin
unruly_prebid
targeting.unrulymedia.com/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
private, max-age=0, no-cache, no-store
date
Mon, 23 Dec 2024 20:58:36 GMT
pragma
no-cache
access-control-allow-credentials
true
ad
lwadm.com/ 		0
0
prebid
prebid.media.net/rtb/ 		66 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAMBU35
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
0fbad98c4cc343f2f9e81db59790b5ec8ccce43f65e2ca1250e367f1c4ae967c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
128
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Mon, 23 Dec 2024 20:58:35 GMT
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json;charset=utf-8
server
envoy
prebidjs
rtb.openx.net/openrtbb/ 		53 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
aeca388c050eeef22aa2607bde8e15da0a5582432f1564f6011913983de040f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-forwarded-for
31.187.78.15
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
text/plain
vary
Origin
metric
report2.hb.brainlyads.com/statistics/ 		68 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&groups=1161;1161;1161
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

ETag
W/"44-BLfixpdlXhg7c93spq1PGUM+F+4"
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
68
Date
Mon, 23 Dec 2024 20:58:43 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
*
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ezgif.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ezgif.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 23 Dec 2024 20:58:35 GMT
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
bl-2f64429-2a10f671.js
tagan.adlightning.com/setupad/ 		194 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/bl-2f64429-2a10f671.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cea0b96d663393b7e25c6c3a778922ba6a9febc96915bc7bca8661462178a21d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"5a8668a8f95c71e84f06c71b3166c88c"
x-amz-version-id
PyH6VPUlOkft5KKSqMxGV_gCQ8MgDlLJ
age
6725
x-cache
Hit from cloudfront
x-amz-cf-id
3EUQC8w00PhYCMFow7pTQRYZk-SKacASfNvFJBxSg69-mrqbKTDzSA==
date
Mon, 23 Dec 2024 19:06:32 GMT
content-type
application/javascript
last-modified
Mon, 23 Dec 2024 18:54:40 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
69246
x-amz-meta-git_commit
2f64429
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
config.aps.amazon-adsystem.com/configs/ 		563 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-92.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
22e881cb8b8a492792e3c45a5cb3a55a9bf2d4a139e34fab89afdaf536923fda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=3600
age
348
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
beFaSGNHQEJIZ0JW7ixChx4Egw3S42SHZFkChyDOyK2e0tyU9c4lDQ==
date
Mon, 23 Dec 2024 20:52:52 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fezgif.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.231.151 , United States, ASN (),
Reverse DNS
server-3-167-231-151.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
11435
access-control-allow-credentials
true
via
1.1 1b406976e43f339920dd4ca9beffceb8.cloudfront.net (CloudFront)
access-control-allow-origin
https://ezgif.com
x-cache
Hit from cloudfront
content-length
3623
x-amz-cf-id
LpPK8q2Rixm9CAt28dUMsHkAu7oRsLUw67iHbgFu5kja8f2BFqL2Sg==
date
Mon, 23 Dec 2024 17:47:59 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA60-P11
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		264 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2F&pid=CfD6FW3yl1bVh&cb=0&ws=1600x1200&v=24.1212.711&t=1500&slots=%5B%7B%22sd%22%3A%22ezgif_com_728x90_top_responsive%22%2C%22s%22%3A%5B%22728x90%22%2C%22460x60%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_728x90_desktop_top%22%7D%2C%7B%22sd%22%3A%22ezgif_com_300x600_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x300%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%2C%22240x400%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_300x600_2%22%7D%2C%7B%22sd%22%3A%22ezgif_com_300x600_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x300%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%2C%22240x400%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_300x600_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21setupad.com%2C158%2C1%2C%2C%2C&sm=87f9ad21-adfa-4af9-b9ac-59139a9132da&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.47.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-47-193.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6ce248bc1bbb0b8eabea8634d363fa1487eb05840a831a85db7628233bdceb5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
access-control-allow-origin
https://ezgif.com
x-cache
Miss from cloudfront
content-length
227
x-amz-cf-id
xrV5MN3_QxM4XxxVU1GwV9_p-YPbVEAxfGGZ9Yp5NNfeak3QY3FEdQ==
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA60-P3
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.231.151 , United States, ASN (),
Reverse DNS
server-3-167-231-151.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
69312
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
qN3ofWdBZfCSexhCIvWUOdchfMFth0NUsaGblHLYvqSMzZ9iP1RY-w==
date
Mon, 23 Dec 2024 01:43:24 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 e961568a7f39e8e23cb01bf72601c308.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-23-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Mon, 23 Dec 2024 21:13:37 GMT
accept-ranges
bytes
content-length
17407
date
Mon, 23 Dec 2024 20:58:37 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		0
0
hadron.js
cdn.hadronid.net/ 		11 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fezgif.com%2F&ref=&_it=amazon&partner_id=533
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=432000
cf-cache-status
HIT
etag
"ba4f7a703ea78ac1b72b5fe1be4fb407"
age
2011
x-amz-request-id
FF8NK4F72XPREDJR
cf-ray
8f6b45b63ea71293-MRS
accept-ranges
bytes
content-length
11
date
Mon, 23 Dec 2024 20:58:53 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 20:48:49 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
oiBLYc3PFXZKl3QZyFtXw3DEPjL1nlhVpn5+4qSBaf4b6L5H3LV6f6w/hlGmUfsKI67DW4iu+4E=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-amz-id-2
Su1j/o08VGR2ECO/BAhAYHeXB1W+I8VgypURtT6LURV+oxgsBweRgUhJpW7Wtya/TUvi8x9cXMTr2etdeZvKJ2uEB5tsA0w91Vp2ZrKfp+Q=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"4d852428cba0ba1a5108520745060d6e"
age
2240
x-amz-request-id
DTWV0NDGXXAHCZRK
cf-ray
8f6b45720b237d9e-TLV
date
Mon, 23 Dec 2024 20:58:42 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-23-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Mon, 23 Dec 2024 21:13:41 GMT
accept-ranges
bytes
content-length
5252
date
Mon, 23 Dec 2024 20:58:41 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
21076b493c1724fe2057ecefcc5da5375b83f8ee2f203c8c4313c12fee8d08be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:35 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_c...
  • https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1043720355458788004
86 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1043720355458788004
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8ZEQnzSoPrvROWLZGKIbFT7qFEtWGkAhVfpLKoh%2BjqDgEayNMWqKMBahAaaXQFivO38lu%2FSiDaQ6Gk4pGLHQQQA7psUCxfX2Ktbuc2tQMxWtDwXFUHzt8h173OtZxDtM3MsWm2jdtjr"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6b45742b922c47-FRA
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=52247&min_rtt=52127&rtt_var=1531&sent=18&recv=24&lost=0&retrans=0&sent_bytes=6291&recv_bytes=6475&delivery_rate=109083&cwnd=255&unsent_bytes=0&cid=2241be70c065a27b&ts=7776&x=0"
content-length
86
date
Mon, 23 Dec 2024 20:58:43 GMT
content-type
image/png
vary
Origin
server
cloudflare

Redirect headers

date
Mon, 23 Dec 2024 20:58:42 GMT
location
https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1043720355458788004
content-length
0
metric
report2.hb.brainlyads.com/statistics/ 		68 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&groups=1161
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

ETag
W/"44-BLfixpdlXhg7c93spq1PGUM+F+4"
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
68
Date
Mon, 23 Dec 2024 20:58:43 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
*
iu3
aax-eu.amazon-adsystem.com/s/ Frame D7B2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-vmg_n-...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-vmg_n-...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
434
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 23 Dec 2024 20:58:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NA1QEE0JYE5GPFW552SC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 23 Dec 2024 20:58:36 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_rx_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-adYouLike_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_ppt_n-vmg_n-baidu_sovrn_n-Rise_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
M9X8NCDSCKXP85TVRDV1
481.json
id5-sync.com/g/v2/ 		638 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
40a16bedbbe07b392979218e2d4b2056b61090500d00ecf265301a1c9a8e6a8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://ezgif.com
p3p
CP="CAO PSA OUR"
date
Mon, 23 Dec 2024 20:58:36 GMT
content-type
application/json
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=345310670493965&correlator=1822938919033830&eid=31089315%2C95349035%2C31088252&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_728x90_desktop_top%2Cezgif.com_300x600_1%2Cezgif.com_300x600_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C460x60%7C320x50%7C468x60%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734987516791&lmt=1734987516&adxs=762%2C126%2C126&adys=28%2C188%2C209&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2F&vis=1&psz=728x90%7C300x0%7C300x0&msz=728x90%7C300x0%7C300x0&fws=0%2C0%2C0&ohw=0%2C0%2C0&topics=1&tps=1&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KlJqRlN5ZW91d1pTUlh0Q1hHREJEdTBwa19BU3JjTUdoZ0dmalJIM0ktYkhsLTVRSWNqRGdRZFFmYXU2QXdITndYARI0CgpwdWJjaWQub3JnEiQ1ZGY4OGZkYi1iMGMzLTRhN2EtYmIyNy1iYzVlNmQ3NzVhMWRYARIcCg1jcndkY250cmwubmV0GMWKwqq_MkgAUgIIZBIZCgp1aWRhcGkuY29tGMWKwqq_MkgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjFisKqvzJIAFICCGQSFgoHZXVpZC5ldRjFisKqvzJIAFICCGQSGAoJeWFob28uY29tGMWKwqq_MkgAUgIIZBIUCgVvcGVueBjFisKqvzJIAFICCGQSGwoMMzNhY3Jvc3MuY29tGMWKwqq_MkgAUgIIZBIXCghydGJob3VzZRjFisKqvzJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734987513944&idt=907&ppid=5df88fdbb0c34a7abb27bc5e6d775a1d&prev_scp=pbsd%3D1%26amznbid%3D2%26amznp%3D2%7Cpbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dc-up.co.il%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.12%26hb_adid%3D1071cc2debe8ad34%26hb_bidder%3Dcriteo%7Cpbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.16%26hb_adid%3D108470fbc5eb415%26hb_bidder%3Dmedianet&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D3g%26hb_rf%3D0&adks=3922983428%2C1863772561%2C4242743476&frm=20&eoidce=1&td=1&egid=31438&tan=8bfbbaf0-3206-47d5-8553-91433b2f1dc6%2C8bfbbaf0-3206-47d5-8553-91433b2f1dc7%2C8bfbbaf0-3206-47d5-8553-91433b2f1dc8&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
99213d768d6455dbb83b4001abe2186369222dc8d5b7b2fb05ecf356f7145f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1,323971949,323972309
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 20:58:37 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1,138303033641,138303033647
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
14501
x-xss-protection
0
server
cafe
container.html
9a37fdd55ce2aa37122daeaab6087163.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAAA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9a37fdd55ce2aa37122daeaab6087163.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:58:37 GMT
expires
Mon, 23 Dec 2024 20:58:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 24 Dec 2024 20:58:46 GMT
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:46 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dmedianet%26gdp...
  • https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3779891196891134000V10
86 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3779891196891134000V10
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GU3CqpVwW86U%2Fa9OsxSlBu5AND7m0fpYsYPgC5RNA5PmZ2pBcObXVo%2Br94o4eSybpr6wxMk7K8AjYaZm1KdZCKJiD0A2bHyKpqeGsdZ5vOiT66s0H3wxxnO%2BP4jR4re1S9zE6iY4CtqC"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6b45787ece2c47-FRA
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=52238&min_rtt=52127&rtt_var=877&sent=22&recv=28&lost=0&retrans=0&sent_bytes=7275&recv_bytes=6850&delivery_rate=109083&cwnd=255&unsent_bytes=0&cid=2241be70c065a27b&ts=8471&x=0"
content-length
86
date
Mon, 23 Dec 2024 20:58:43 GMT
content-type
image/png
vary
Origin
server
cloudflare

Redirect headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
cache-control
max-age=0, no-cache, no-store
location
https://prebid-stag.setupad.net/setuid?bidder=medianet&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3779891196891134000V10
timing-allow-origin
*
pragma
no-cache
expires
Mon, 23 Dec 2024 20:58:43 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
content-length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
date
Mon, 23 Dec 2024 20:58:43 GMT
content-type
text/html
server
Apache
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
age
0
cf-ray
8f6b45817a9ced42-TLV
content-length
3
date
Mon, 23 Dec 2024 20:58:45 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
adagio.js
script.4dex.io/a/latest/ 		62 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff99f1c735cb544c31b2b7b0d0921dd70888693219749c3105bdd56a9d341f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Access-Control-Expose-Headers
Content-Encoding
br
CF-Cache-Status
HIT
ETag
W/"3d0b27e2e24dd76a5911852853d2cbad"
Age
446190
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jaOWCTDVKGgcFHhayBvkzdiI35Hb0ErTAfMOGDkre9w5EyuJPlQCn1KdpCv%2FoQ3A%2BtFeA1lnVx37xbc5lNZe%2Fjj2X5tl9OCjOk7v2mR2UoaGV1qS14EvfILNZkbzEJlj"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=52604&min_rtt=52495&rtt_var=19763&sent=5&recv=7&lost=0&retrans=0&sent_bytes=3471&recv_bytes=2288&delivery_rate=73607&cwnd=252&unsent_bytes=0&cid=1e464ab4bc6de5de&ts=140&x=0"
Date
Mon, 23 Dec 2024 20:58:37 GMT
Content-Type
application/javascript
Last-Modified
Wed, 18 Dec 2024 16:59:08 GMT
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
CF-RAY
8f6b4551de03db0a-FRA
Access-Control-Allow-Origin
*
Server
cloudflare
fed
ups.analytics.yahoo.com/ups/58813/ 		2 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&gdpr=false&v=1&url=https%3A%2F%2Fezgif.com%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000
age
0
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://ezgif.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 23 Dec 2024 20:58:40 GMT
content-type
application/json
vary
Origin
server
ATS
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame 896E 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame 050A 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 050A 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
437
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:51:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:51:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame 333A 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 333A 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
437
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:51:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:51:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
node.php
node.setupad.com/node/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://ezgif.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-methods
GET, POST
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:53 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://ezgif.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-methods
GET, POST
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:53 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://ezgif.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-methods
GET, POST
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:53 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame 896E 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
370671
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 896E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 896E 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 896E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 896E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 896E 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
ESF /
Resource Hash
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:58:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 20:03:55 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 896E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
3004170791804808702
age
29031
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 12:54:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2980
x-xss-protection
0
date
Mon, 23 Dec 2024 12:54:56 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 896E 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
6766994032117382215
age
62569
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 03:35:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
344
x-xss-protection
0
date
Mon, 23 Dec 2024 03:35:58 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
/
www.googleadservices.com/pagead/ar-adview/ Frame 896E
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CCqWg_M5pZ76GOfm4juwPxfXV4A_o4Kmue5jKvvziEpTVhvG_JhABII3kvSlg-br0g5wQoAHM3pu4AcgBBuACAKgDAcgDCqoEhgJP0DrGzJn__KUdePqrtquZNnc1PnmfNAmGeqzWU8ob...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6514d7782eaef6f00000000000000000%22,%222%22:%220x8bfe544585f6be540000000000000000%22,%223%22:%220xdeb9a9...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6514d7782eaef6f00000000000000000%22,%222%22:%220x8bfe544585f6be540000000000000000%22,%223%22:%220xdeb9a9dee0d1f00e0000000000000000%22,%224%22:%220x5e80a647d61898a10000000000000000%22,%225%22:%220x2b8e921c52d592a10000000000000000%22},%22debug_key%22:%2214512654000819361660%22,%22debug_reporting%22:true,%22destination%22:%22https://playbook.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22386330444%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229847308329622052737%22}&andc=true
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x6514d7782eaef6f00000000000000000","2":"0x8bfe544585f6be540000000000000000","3":"0xdeb9a9dee0d1f00e0000000000000000","4":"0x5e80a647d61898a10000000000000000","5":"0x2b8e921c52d592a10000000000000000"},"debug_key":"14512654000819361660","debug_reporting":true,"destination":"https://playbook.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["386330444"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"9847308329622052737"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6514d7782eaef6f00000000000000000","2":"0x8bfe544585f6be540000000000000000","3":"0xdeb9a9dee0d1f00e0000000000000000","4":"0x5e80a647d61898a10000000000000000","5":"0x2b8e921c52d592a10000000000000000"},"debug_key":"14512654000819361660","debug_reporting":true,"destination":"https://playbook.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["386330444"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"9847308329622052737"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:37 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
truncated
/ Frame 896E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca37167d58a2a54e37c1c5a97a2bc2ab7e66a823fc4df6c8afbc0828adb8fcc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts3SONB2-iSeOI0cwqnq7rAofW-c5SnubXtZpBCPB-fo1RD1g9jrrLeeZmT05sUqPp4zzcbex-YKI85tUt9jI6phGyQ0cWCv5aU8KG9cRvuynJqMKtZ-h9gEYu1HzOpDkPk8SGt4xcITMD0ci1nzIYXhZIOuLGtFgCy59uVOSoaQaKebaS1knqiIvwh42qjhfeqHeVLD3epr79Fvp7OeH0bZ3tJonYq0OIgs2nwNLpvN2-7OVcwBKV9XWaSj0PmqrFhO6R19RtnhL_c4ZtV0f-WxgJjEfeZdBm8Ia8XM7OlYd2bUWDhgzz-AHneRGBPjNxuraHxKZb9cJpTIfDjnfcOWY9eb08EhcX1U0z3Sunx6xnEbumUN5xCHi5Svkf8eJbYKTm8S23nxEzveYFUdrtP7TYtwYL58S3KhCnyQxCFg&sai=AMfl-YREgNiALInHhPapOeXTzQ_7hsQuMIuaGWSZzGrRyHKfFUhTZk1wWivyH-EbQKgOAHKFl-gHQl5nrD-49tiEad-efH7VcpQLlc7Jxu5GYjKUr-qxqyzJ1OQAK9klrZWyN3w--U3FVkGsO7HZNhZzxluJPEYY8wN7J6aEn8q7ANox&sig=Cg0ArKJSzFOQ4LVZ-B8FEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 267C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNX69PGDge-XX9rfQee1vGDUEC0bGBzQ0sDMDzQUUbMdNzEPeiovg9rOZgooNkuag3QTJVUnCkyZYJjHbXaz8fKJ8j-VjO6Q0omkUrXpsu32QYRWHWE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:58:38 GMT
expires
Mon, 23 Dec 2024 20:58:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 050A 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d22438a908fb754c1bd6e2f368e8f43bcc5092c126b5688d0cc14b0804727585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
8686496304925888373
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:58:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
36916
x-xss-protection
0
server
cafe
tpd
cat.nl3.eu.criteo.com/ Frame 050A 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=uBbGlV9PWktPNm9JclR2T2VqN05mdyUyRlV2cVdlWXA3M2l2RHRNQ1JDalE4eVl4VEl1TjY4YmxRdzY5MkglMkJnS1FTRDFrUVk5UU1jJTJCZVk3bmVhS0xsNE9QUlZuazAwQmtRUm1sZEM1a0dpQ1hFR1lMV2w1ZmF3UDJ1YXNScWNpUVp3c3pUMVNuaGJvOGd6RTNldXBObmplWUdRcUoyM0hsJTJCUWxzOGcwN2NCZ1lpZzMyWTY2WHRnTWg2WXdzVGdkb2E5RmRubXpFSlZTak0lMkI3UEhBejkwNjRFMmlNUnZhQ2FhSlAlMkZRRDl5S254TGVpUXdnOTZrRXptU0UzUkpEckgzaU9BaSUyRmQ2RnA5ajklMkZZYkVpZjQ5d0klMkZ1akx5MUJ5eVNseU5BMDF3TVVnYlhkQTBQTlVWbnE0WVUlMkZvQyUyQkkyYW1BOVUlMkJXNzNVNzU4WG9VQjc4TVVnQU5DTzlrbm02NkExN0hTcCUyRldIcmZMZXFlVU03N2pMNVZDaHdXWnVLJTJGUFVrRG9VM3NCNWFzbG92OHQlMkY2dkFRU2ZKeHZINFQ1RE9oRThzV1hNWXRYeWQ4biUyRk95TTRPaFdTckdqM1hwRlNNSjl3dDN1JTJGVFVnUGsyYlRJUHE4elZVanFENVltTnZmUWg3QyUyRnBnQlRVcXJ6QWFUWE5VT3V1b3glMkJrV0ZEeW1BcjB4RndldXF5YkRmMzFTWHBwamRmSk9MZGlsRTZXSVk2Mmk4dEFJM1I1MklLeXUxUkp0MFR4SVRucXpPRGttYU1JSDU0QTdNaEtBeFFCZHg5NVNHOEUxNjNCQlBrY1VudjRkUlIySUNHaVN2R1I0YjM5eUMxYjlmemxybU5rQ2JzSmh3dFRNNiUyRlNidkZ0NUM2JTJCY2IlMkZ1enE2YkJ0bzd3JTNEJTNE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
access-control-max-age
1000
cache-control
no-store
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
server-processing-duration-in-ticks
261261
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:37 GMT
content-type
image/gif
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
gen_204
pagead2.googlesyndication.com/pagead/ Frame 050A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDG-Z7Cmi-tUIimUTdmuEnP0th3tXH7Iq-fJeqk7wmyU0-Vzn11iOyKYWYa-7iccl_KFtYWwyIfcwwi89JuycnDTaobbxCkAoSz6Zd1m3EDu9tzrw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sync
x.bidswitch.net/ Frame 050A
Redirect Chain
  • https://gce-nl-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=cbbbb635-edfc-4b36-9545-5925e7d49ec0&google_hm=Y2JiYmI2MzUtZWRmYy00YjM2LTk1NDUtNTkyNWU3ZDQ...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=cbbbb635-edfc-4b36-9545-5925e7d49ec0&gdpr_consent=&gdpr=
43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=cbbbb635-edfc-4b36-9545-5925e7d49ec0&gdpr_consent=&gdpr=
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Mon, 23 Dec 2024 20:58:44 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=cbbbb635-edfc-4b36-9545-5925e7d49ec0&gdpr_consent=&gdpr=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
393
date
Mon, 23 Dec 2024 20:58:44 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
opdYGT8aJHgb9zC5fQAPEuhNaWtSKyj2K1qY0xgn4vnwrVUd4Mv
media.grid.bidswitch.net/imp/jPN7qLrkX6Zr2FICrqViNfzBdFomdjQe7ft66XD6Ukb7be9U4funLomkCvpLiZdeM86GpqV2we07L_3c9hPJWyEm0AyXyKCGy0MZ7AUKoWk_0e7Tygo8ciWYEvhFjKMugqT-bwgBaWKPUOTqkVRtGSxLmWnft6KOyJrCvszX... Frame 050A 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/jPN7qLrkX6Zr2FICrqViNfzBdFomdjQe7ft66XD6Ukb7be9U4funLomkCvpLiZdeM86GpqV2we07L_3c9hPJWyEm0AyXyKCGy0MZ7AUKoWk_0e7Tygo8ciWYEvhFjKMugqT-bwgBaWKPUOTqkVRtGSxLmWnft6KOyJrCvszXMw4x1D53Xgu-zmgYg_Sk-xLtOFXTPTeLeyuqEquTeIrzepTT59b9GGng3Q9T_B6CjlHYigYmdOl0kLdN8uiio6ourykz4wyojK-AsZh2Zjrr9Xx24UUex2hqkzVlsW-fMPoKzjWVzzs-YrsFYeI98sdhzQo0UjZLD8DstjULjihDBAT87H1hhQaNeM2AGuvW21mN5zOSnCOrVemNCsafeQ7rt-4XAJio6KY-VuNk1sWhVntBkg4_WW_eVF1o36w_aKAwWkbc3poAaJYtxKc/https_A_B_Bghent-gce-nl.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCsqhQ-85pZ7ziM4n1x____AP3IWr0Qug66vwe9jexefbE2QQASCD____eYfYPm69IOcEKABvN____1-D3IAQKoAwHIA5kEqgTfAU____QPiJX____tEpXynsXIgazpKsYRFCZajfa26KMLyou4fDs1vVpSwWAOmyRyAh56daEjKlNq77UTEt9uykYQk2l7VpqGkDzpzt1oCs80klb6Flci1Cs3QWTa____PiXzUyJM3DuEb____rRL18kGt24PsiZzv6HKJctuLe1CRne9sM3UFLjPj90wi47Nw-weaws7btoymSr____kjvBdr1FAHPh30PpWhSdyVaxUaUfTeoEVITMjwf____mXil5H2PDNmBMtCdbx0ks3ZpKMhV9jqoMQEHnqsv6F2gMnLMWmNQtgGFJqvEXNHABJSZp____7oBOAEA4gF86aM50-SBQsIIhABGAFIjtG0ApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGAoAHvJfG2BioB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcKEPXTDBjV4OWlAtIIJgiAYRABGF8yAooCOguAQIDAgICAoKiAAki9____cE6WIGlyZTkvooD8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9hYmU0MTCACgTICwHaDBEKCxDAjZzOvuOKs94BEgIBA7ATmpfRGsgTwcqK5QPQEwDYEwrYFAHQFQGAFwGyFwoKBggAEgAYABgC6BcBshgJEgKtURgCIgEA__Jsigh__R9Vkk-98vWAo__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSSQCa7L7dD8BCECpmYVvHOnh4SkWGDXl7jLwxlr5n3B5UXYucQs6h8lswZTPlxdMgFKp1QdzXlTHXyh8djKvHygr6ezbfOOTVEsUYAQ_B7pJs7hz4b3qxPZ4rH-0DeLpPVMdY7rbd8xmKAHCeHJsMQpLcBU44__HaELvCTOMNsHR9NPh6ej0X9UoW7qHTw6ENOB1__eer4K3zuEm4kVEtfvGpT__Wb__JP7KkWz6UkoASpl9Cpj6vywaJEgXZo-lbWpRHnzqbiAK0BH9i5mmXyJjTFc3kypmT0p-OdeMAj5gGclItG0mbEGOrr__scnEU7__nqWd-rCjday5BRmBT6RXhC__uPSvfE9KMXrxOazKSK6HQMMHv4EVHPwaJwqb9im8lTDITkKCnAESDqEDiMxIx2J5QXvFjS5NqTwqMZ4WoktUHfJPseCNZnglOhFsaDIXsgBiFhcVfbrqWzWiOFJGBXBuGe-IdeJH__Z2R2KtKq-mL30oNWx0yrhnHh9EsuSej8K-2MvcBBxmVU7tPFppFPxNCCtYyfWsYJuQhfWTbEyc1tLPuG08NFwh3cyzfwHHBFYZ5bb__reqiPFESlsTz1GS6qvqOX809xkLg129__clpofjkh__TwGLyncl5dP5HqjnMLZ4uTR6RDS9JpTRj9sHZYnQ2W8b5P5sCwNvoaDN2-kFdDD-0USc3cd7WiF16Qeh2SWoxPpK7fCKUDNvG-uGYMzoQ8chaI2CQFAQAfoggps03UBAaCd6Fgo7z5EjHLXRP-PGOXPFjjZQPO7uEfpvp0SKlFhmpKDQlXYxCMR0wnR5D9CW0pSbqfukYNlPqlFrCzL4zjjmPzDb9a__5r__66m7fHDtsst4OPVzzWIm-AbpQKVnGsTjHIGGM9XFU3ItdBztbz7omFnaWsDU-JivN1MvXts2VZSQS8sZiuYAS63l6klyX68EE3wMvh5QfTVmmz5R00__lNBfFDLPuNEP0ipYuCoxPPhla__f4aK0BLpEEpEPSQv2oKA9L3x6V1lo4XrhWOSiUPamPDAX2UYIVFJiatzyzWLBcDIOQ2ZChSb5vtnRkn5lo7bk8PSCbFEvb0Z9PlPtxeYbPEhGrmLNKXX4BvKafFPMo8VaQNXHZRpIWpJ7gF2erc__B7C8h0EhKjGXHUteowzoF5EE5ZF4NkVmIIuFpTMs2qk0-WzVRHRKpRxM08jFwevYVSrGs4x867__2nFlRMUYfUOJf6PshKAeXu9My8vAPbJUvJa8KEqMKvmEZscONhKJRwL7Y32Z4E9oKsDtScvAGwUkut4cbby80BVWUBntMC8vQ__tVIE2SgsZmvnrjqI9Q1JFvXwykFW9yN__YB1-9ZcdaTvio3C128YYw55PInSImAV-Xg_B/opdYGT8aJHgb9zC5fQAPEuhNaWtSKyj2K1qY0xgn4vnwrVUd4Mv
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.214.200.194 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
194.200.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
43
Date
Mon, 23 Dec 2024 20:58:49 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 050A 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=ezgif.com&bid_id=2-18aa3a78-b108-4b33-98e8-fd51a2106adb&ads_txt_id=A6ODQF&has_bsw_id=0&bid_price_usd=0.130599
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.59 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
date
Mon, 23 Dec 2024 20:58:44 GMT
server
Kestrel
cross-origin-resource-policy
cross-origin
view
securepubads.g.doubleclick.net/pcs/ Frame 333A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxt_Z3NyC69rrPh19XDIcLF9GX0f1AkUt8zDkY5G9i9zGaqhePIC9epyUyEDlUu5zmF2u9WDQRFpNG8u67SpWyyow28jaVQaAG6FdmFiWcAqWbErls14WW3d1S0ZCe_RE2Klli_3twSFLbmzJpizSNoY3u0wqwwjXxK2numxFNAvz1xlV0ASOJWihatNvDw_TJxS5k10hZ9pgKmtvbS0ivuwjTDCK1sKz2lxh31Q2Z9ulZ3n6RX4qQ4wOsOG1fiG_vxQnI_6WDjOpmsvOzf__siSY1jg4FXXRd_n85jQdaHXa3QHsK6s24aOr5ODTydY3cIyDmmz5zdk4wzWqZrYvdYOuEkthLnYGI0C8BxNwsV7n3fHzzhp1cmJ21yU70dxRA0N5iuxwrpTaClAIE8XP7XuMejuAHSvthXEuION79ACg&sai=AMfl-YQJau2s4v2tkYXZGEeTlN42tqp_GVNEEd_66KsgRMtm8NhSRsGkSt7_1pWH6_2UWI99xgHN5rW-8zOAoVsRyyzeKQGAiBuMb4_NV8UsBHapxkaYJFNYJT8d2ktdbEu-8vb2GyGiO7s7StTmLT2J6GsdtKClTHz5aWiql2htcsiy&sig=Cg0ArKJSzGYgzWFUzdz_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 17E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBifxeWlAjAB&v=APEucNWQdQlJJCXPVBb8oyIRfq9knxAeFdnB5Qvzetr2sPjHoJbQpCxXc2qukbvEGI1fk-O3MYFsUl-kM-niOhi-KuorPNIfd5suZlJKymJtJgo-midqPpk
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:58:38 GMT
expires
Mon, 23 Dec 2024 20:58:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 492C 		105 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d22438a908fb754c1bd6e2f368e8f43bcc5092c126b5688d0cc14b0804727585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
8686496304925888373
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:58:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
36916
x-xss-protection
0
server
cafe
adview
adx.g.doubleclick.net/pagead/ Frame 492C
Redirect Chain
  • https://ghent-gce-nl.bidswitch.net/imp/0.208/BSWhttps_A_B_Badx.g.doubleclick.net_Bpagead_Badview_Cai_RC0Y7X-85pZ8GEM62RjuwPo__KbMaDrq__B74OfF59sTZBABIIP95h9g-br0g5wQoAG83__X4PcgBAqgDAcgDmQSqBN8BT9B...
  • https://adx.g.doubleclick.net/pagead/adview?ai=C0Y7X-85pZ8GEM62RjuwPo_KbMaDrq_B74OfF59sTZBABIIP95h9g-br0g5wQoAG83_X4PcgBAqgDAcgDmQSqBN8BT9Bp9ZKUpZasQizEqDfMfmFMUynWKMf6fAaGoqcJfFQLV13EZ52kFqs7evONk...
0
0
sync
gce-nl-sync.bidswitch.net/ Frame 492C 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gce-nl-sync.bidswitch.net/sync?ssp=medianet&dsp_id=16&imp=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Mon, 23 Dec 2024 20:58:41 GMT
content-type
image/gif
medianet_bid
ghent-gce-nl.bidswitch.net/win_notice/ Frame 492C 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghent-gce-nl.bidswitch.net/win_notice/medianet_bid?rid=wI41R6DUfadA3Fe3cWkeeQd3Y9PYMes3QgW5o0CTR52G7iMXZqglTkBsAYeULQDvoHvKDXtrxKKImUX2fyDgonhR_fK32bj3AIMOKddfT5_ug_Nu-1ssGXtkx9sGSc79MFk_liU383COsPV3-zalEIxb3qj8y_YmNHwEmhhcuczavQMqW4i7We21E0IlxceZvRWTlvFJl7jsf7_JEt7ge3i1d0mTiLQ8BiZwEMfY4GjCtwb356DjZeW5qTEQXMcm95MrfOLZ0FU2EaTj0x0aZXHPbY7aVOkSnub7dyV4c9yVOEo0Zxxi5xbucFASGSjt96d7OLIsrOgEqmtzEwDL2fXu4p1iEYkGXTafnps6OHvKvjYK8-ngyWabLcPT5kkraQB0djI7rO2JVhvqeb22WMKLqo6PTK2uIF6gtEMs3zhtAibjbACBG7WniBadhzsjbxJMjQJT12QYIcI2y6UTDAtsfJGRwQL5MQSS5dpYbuiJPDSz1YB5X_x8D00xvUQ-sToffBR8KBgJ7r-8UGXZUlLWYgjDxu_8n9YILSigD3wc0ZmE4Bg6NMqYOCEP4Gga6qGg3giMfWiJODRDPdEGRUkKRIlJuf8WRxtOGLM0cvTrQsPZoAoCSsEedKakZkeWWPT_Fl4PBPa3Mrc9w_m04B_Gl0kI0M0YNBCOJHHRpJCYzdh3BdQbElBSZRUYT4m3J6M4tVR_2EA_JaiGW4gJTl4zJpZrSXjLejk_9xUgs_bL2ppiVRMWoM4-eL5y9UOooju4pMZzl8EP1oQWsYlGYx0xMKt4xzIUO-3IOVr1BCyQd3mfH__dlYR-9EtPHgFp48lBvewmLtRR6mL8Ep9mGtls_i1m7B1YulsZL50c9cmtqH8qImBG4jl0COldIbKWCOL7gTtucHHE_vnL1A3fsBIvJv9TeQmcubaBPMG9a2VqLq3Chb8-ezsGIIruXIfUZ_eXvgdKeS1f3hpYzToPBz6ivFoVc5mqjYppMtwxkq6xVVLatteSsW9-PLER2deu93H0w-phqKulPw-Cb2BQ-7zIg_qMaH6y3w9vL4Tz_chkfRBy_0sMx4kjamEt8KFzcaxgT9wtM0lvL_uZaBqgIgC5ZCZ_qICydR_yQwMr0NiIyN9YXKHtqUDan2eoZXPEepJRaqr208jUVJEZsdFFeupfEFLSsBjiWLTUSvC5jennYbUz5mjfa-zbZN9JwYLQ7j0K-ovbb7ulY6cvwsgkyhSjEUoQgF_Q3FY_PjPt9we6ytR5vEq7FlMW36g4oftfx3oAgQM35-kZYcUmcgQHaxqE57iTCKzr--frmJsgvvTVss0FcV4C0ucug7JNZtHH5Gr1fl4zGXJOkWQskrHj0vfMQPW9qLMnbGkxGvUIhtfsroMOzdgM9jTJuwA86BXV3C8Kz8z0tsglj2RC9cXSjvVkPmFosCJr9pWlolfyT_MJxJHGp5kp8OJoxa__NjjlM1xZyv2GLlXdeDQco-oeuVvw93Paa6DbLBQhy90fP4c9zprDQ53lL89d69QB1ckvXVGkvVgweplG2qQMYQF3GzPDAdnDcQn4aeuwWloBzfFkfz9miuOvqcEQVx92cjGDxhmmPDEyuq7HfyKm9tqtaUVfHRr0yJMLEpW6LXivBJKTZ4ue0sn3iJ_QuY6bCNABKhvtPYzaMJjD_S4WZA2-HwTSYLZ2sv5pl6ESUyi33jZ_4uI74pVhUDxxex9O67-hqwqOijcs-cPs4D8HTQ1HaFB-o-nLtgwd2-2NbypwScnYNpnhp7eHFjY-Dr3Xzz1yjoCnYxBzBr_xVeUMPcqUg4nYD9VC30PZhrRMNOXq4dWbmu7U_BHcrfOtTD74TZ88GiVrECY4rjTTqIM8olV0PvOUi2C7WCgcqqp7GUI3Wx2bC8u18FemBp3fDeN50knRYTUGHF49HQ_COwYxn1VH_vJ06xk6FehbSm52Ksrk4jwreUAz91jt56n8N-o9Gn-NRrUNMUStZXbkz0vSS6DECI9B2mioHLGJNBRoM-_r9ycJYU44aqQVJpajo05T8EezwaDUuY9oiH107Q-Edj-42IjJsZkeaiWPd5I6wcWz93m65rmhtoTtaNXmlQKLZSjCleaknn55AYXEPbAswJoq_LKEPPyDBZ6ssFg8cWDQaSn0MydLqo7kiJDP1DR1ERpgj8TkASU4WFbbEpfQtIJ1mnDIUOEd_IKNaXPpDf35pFOJF2uG_QqHll375Y6FRX_Fpx074VmVFzJRaK-pKx94wJ1aUouXrZuWPIehGRtVDdC5nyBKQE6kQ2scD7gcLhfOvZfnEknvJHj7i5voOzPZkt-b5PfPlDFz5gttQMOErJmSfEHzcaGDab0CWFvVwVxKdoBSy96S0UJWGlI366cyr4J9mPYdOBHCOSOHka59coQSbX99bqu4yQUZ75fN0FPdmwqXYVQuCu3Gn90JHpssO9nE4a2MLnaJsmvEFDbqgmpdRg4olpsnCXRYBGh9qwEo3xNe93D4JHDNxylQo1aFl0btE0lvzpKD82AOgnVLCu1kPHxmQP9EXsCVd-fgD-I5PrF4Wl_qGxGKeubov0vhmD3RcEHjqCwsgzMTaQ-PDqX-Bp7viQIPZE5FB5nNIImvrg5VWaljSWGPHykuBbopH7RgFigEv6dJcqwlRMwbpXY_3Yh_11RQ1S1AYHwTQv3xMvppXJg3kgnfoM2Kft8_CAFm1IRA7pCKdX9lgeGCVMCFmoWOn0OA3aws5xIcb4Lp5St6l3UQdYzr0echksjPj3elYH2H4K3QraGZYtyGGIdnRr39UvprZHI9wnojdIX1QYv72TsMOEEmM7ONKCV_BTydQP3JpkBdZr80J61K8cyGBB8VQ7G7fogldCrcR25_VnIgR3D6_5gAWt3NxeXky2wyTY69IweS9ZIdWVU6AR8Dmx6QLP5k7irJ2DqwtEl_u8GdfgPqIb8gHxC2SE-EhlO-vfFEC9iuAKnX26Coxk_Y351QjDSm2ijfDRqk5DsPmEUugRvjvtHBgyLtZIZwbxXAFu3rh7t758MQouSBSgeetyFCY2IomH5oQ4_vvdIaIR1wc6LM4ieCbKnFWi2KJlGmmV8bw081BO_kVHu4b7Lmf5zHAR43jol15qcFbhCtdzDS-YpbptTmRmDlCPjAB7LLBnjKWRKcvs9OzNJeh71fsf6QQ-Yu38JI2kxGS6bl0EaIS0Ktm03LHcoS9_dCCEOXV0WX9ie3ZQbgpKk1fMSNLLMK2tMG9geMatcgsWamT1lu-02jGz2pg-yEh6cbiVrx596FUIMYRo-hlcYlGxHlPfi3cyId1qihj7o5PodNGGKDr-kQfgtBjevLA-MOieYJfYXb9s9KRgH_D8jpeLx5GISy9xuIpE_f-qzixcTApZ2J_owlMXMvjHBEIbuxUaKcjiltpFTg4u9iJSbZEgPTNPbh6gwqFTrP1AmOFvh4tYDF08L7bzzwFys5KRSINevB8KXvTZOMyx5lz-yM5yu_tL6Xy-PQF5OxqXUpX4QC7yFFIFaXbJuHYCH5O0ATY1UkQSrmzs2nqLLqofTMsqSLeSpR2ya7BswEPbCBYHUqAphLquLnjqB-DmdYZsfCr5dWvOUk2YpQw_NXtQHW0GrNCZQkSgKS9JR7eu0bohZcrGzKx5IFUPZGxwEBC90eU6skT8UUz7M5VJCsov73Be8Zzneg3iRZXKOeV7OAqN7cxIirp7Z2qxmgcw8mWl-cYxuWebL9bMc-4uMAJWVgHnfy_GBzdVRqZNe36-xiRW-Y0HZdmMCGVk_jsflVzOXg4S3eajsbfQHePkByiEqLgChmEQajW5pov73upVf-m6RDfiZJuNS6LCvPnDRjDsLF_peL7VEHIScrOaEiR3rggCBr80Gx78aJJbpDs1EVkBmQ4rngj5lU-seB3hmxqfMumjboKVW5HTr0s6dUBMpAHd-_N1rqnpSxov9S0vuw_V18ClXG_9D9PezTXmYcpqk6EQOUhxEOAlZZn8bOLOxF-KXWnbU2YikIXzeAs2iPPcIh8pTCAARZU1b29htyL4ULRgGxsCybb36sgnmduWDStHgtoVBTtHDnc6GAzQr-IDfxVG5C8ABBb98AihmF8u7qYm5wYawjmA82ehWfl82AjCBc0JUBTgnT6SlrYvsOJnHpOTi-wQZVIcNydKftNttLnKBHoqSR_PZPN9HEmwsuXZ5g_MUtJ0FjoRmRgMDhgMjGBOJih3Qg0iqpgoOui7SbsG60RpitE8v-9jsU4ANxnnIR8LB5zQ2Kx6hk_zB7cbVWxvlBSlq3CgAMBreXuTyO9Ptqh3jDku58UBHxn4T1qSiz5w1eu2TrDPZO_fHGUGnB3Mt07FqBCRnXabjk-FJtIPxHLJROHx_GXMkcap9rvRxjN3V-wULgcGcoTx5nVxxJMzgjbxevsyL1Go84ecd-405VTP4JNO8L_mav5_mJJy1RapuHcJfLoUwuaa-6pjtKprFGK8UJEMqHNnOK--9yAes0BAEgHSEb4GIv-k_C_ef6qCN5kf74scAgqw5Ntu5Keeb1L2TfgWGRf4bNHRPVgag4tnD5ROuhh-n-9bunc0kqP6JSpEUUnZIG41bl4ZJ7S-r2YIbcnSidcVwzBJ8WgW3sbHBwiVaM1kPRZZmSmjWQWiE3x4NsiYsCRTZIMiMDFGpfpI81jjJUXyz66JeHyWBRbjKt5uqPf3ruoC0th6qO_6OJWCnAERcUZ9EXKnwcdTTB9lJw3s5v8C4l7ciHRnBKPdebn5YaUdvvGs6iuvGymfjGCDwkvhxj6mfmIbwZCpoovg-m-qgTKmkN5fSbNKy_C4Kq_uPd8hgEEjTdqe3UIEIkpHj_odoU0T0pGCFKr6nwMEWh13ioDf_JFZ_B&p=0.208&aid=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.214.230.116 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
116.230.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Content-Length
43
Date
Mon, 23 Dec 2024 20:58:44 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
log
qsearch-a.akamaihd.net/ Frame 492C 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=e8e09aa8ab1c36bf9e4936451cdb0575&algo=unicorn2&bdp=0.1851&bidfp=0.0000&capd=0&cc=IL&cid=8CUAMBU35&crid=972237679&ct=tel%20aviv&dc=eu_be&dfpbd=0.170310&dn=ezgif.com&iwb=1&ogcbdp=0.166608&other_bids=0.166608&other_prv=203&pbshr=90.0000&prdp=0.1703&requrl=ezgif.com%2F&sat=0&sc=TA&sc_pvid=203&server=1&size=300x600&strg=unicorn2_b&totalTime=4610469&ugd=4&ver=10.0.3&cliIP=532368911&time_stamp=2024-12-23%2020%3A58%3A35&seat=16&itype=prebid&req_id=e9e8114c-9f86-4c7f-b76f-6662dc9032ab&dim4=exploration&dfp_bucket=0.1&level_base=0&bdp_bucket=0.2&app_type=prod&br_id=265&o_id=25&ua=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&br_ver=131.0.0.0&second_bid=0.0&second_bidder=%2A&model_key=3_pbd_rest_pvid_203_cbm&ogerpm=0.000000&rawbid=0.2080&totalTimeBucket=4&as_cache=0&current_day=1&current_hour=20&cut=8&floor_bucket=0.00&model_version=202412230837_3_pbd_rest_pvid_203_cbm&erpm_bucket=0.00&mul_ratio=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.7000&stid=ezgif_com_300x600_2&pvid_seat=203_16&ckfl=0&mnckfl=0&sd=-1&predicted_wr=22.79&bdp_wider_bucket=1&splid=ezgif_com_300x600_2&dim9=dmm-n2-8-7df7b6f584-nmlmv&dim10=false&dmm_m9=0.0000&dmm_m10=2430405&log_less=false&cut_bkt=10&advurl=c-up.co.il%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=3&clisp=rtb-common-7fd6984b7-jq6nv.BE&dmm_m1=2024-12-23%2020%3A58%3A35.924147393&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=1600x1200&ss_d1=1600&ss_d2=1200&dmm_m22=0.0000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=16243_16_616129183&buyer_id=21422609267&pvag_id=1909148&erpm_mult=1.000000&zone=b&rc=0&sfm_key=3_203&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=3&wsip=mowx-7bfbb999c6-6pkkm&rel_cut_bkt=10&optimal_cut=0.0&cut_cluster=0.0&bro_isapp=false&bro_iswebview=false&bro_cookie_support=false&devmodel=Chrome%20-%20Linux&zip=65787%2005&szs=300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400%7C300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400&win_rate_wt=1.0&margin_wt=0.5&dmm_co=def&ecp_dn_group=v2_v2&bid_uuid=beeb51364f9a53f968fa58af9b91cd88&fleet=common&commit_id=2d6f2d99&itype_override=PREBID&ip_src=1&trace_id=8b18477f27d24d15d23aac328b124494&trace_sampled=false&pcrid=16_16_616129183&pv_adtype=0&usp_enf=1&isapp=0&act=headerBid&mnvw=1.0&ushr=-1.0&shr=0.1&uhr=-1.0&twr=0.0&pxtype=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.245.134 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 23 Dec 2024 20:58:46 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Mon, 23 Dec 2024 20:58:46 GMT
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 492C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dwhp4t6JQjsxyvtYSUW3PQ0rAODjhSAfPLokgUpHOh8Zu12PPpP3tdR-Ic5KPEG_gP0IfKHSybQ88sAQMG4uQcmcDsWHJYIFPtj0UDGXeK5KHJMPY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:44 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
release-20241026-168-adperformance.js
warp.media.net/rtb/resources/ Frame 333A 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20241026-168-adperformance.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-goog-metageneration
1
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-encoding
gzip
etag
"821663833b8f83b3092ebbca9ed4a6f2"
x-goog-stored-content-encoding
identity
expires
Mon, 23 Dec 2024 21:58:39 GMT
x-goog-stored-content-length
73074
date
Mon, 23 Dec 2024 20:58:39 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3rd7AvXGFRBASnYfU_daW7dnRswW_lHP4y2XOFWLnQUiWEG6zIJ4QjWQHoX9SWnRuKolc
strict-transport-security
max-age=604800
cache-control
max-age=3600
x-goog-storage-class
STANDARD
x-goog-generation
1729939849468787
content-length
25080
server
UploadServer
log
hblg.media.net/ Frame 333A 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AbQEOwKELAQCEAABAIAAAgAAAAAAAAEABgAAQIABAAgAINCYCXACUDU4MTM2MDg5Nzc2ODI2XzI4MzA2NjEwNF85NzIyMzc2NzkyMDMxXzBAZThlMDlhYThhYjFjMzZiZjllNDkzNjQ1MWNkYjA1NzUA3q2ZnweWAzm0yHa-n8o_Imh0dHBzOi8vZXpnaWYuY29tBElMEmV6Z2lmLmNvbRI4Q1VBTUJVMzUIDjMwMHg2MDAQMC4xNzAzMTAUYy11cC5jby5pbApldV9iZR4xNl8xNl82MTYxMjkxODMMUFJFQklEBmFkbQAAAAAAAIBRQISghNX-ZAIxAAAAAAAA8L86cnRiLWNvbW1vbi03ZmQ2OTg0YjctanE2bnYuQkUCEDJkNmYyZDk5AmICDGNvbW1vbiQxNjI0M18xNl82MTYxMjkxODNAYmVlYjUxMzY0ZjlhNTNmOTY4ZmE1OGFmOWI5MWNkODgCAgACAQACMQQxNg&cpr=0.6389528306556689
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Mon, 23 Dec 2024 20:58:45 GMT
access-control-allow-origin
*
content-length
35
date
Mon, 23 Dec 2024 20:58:45 GMT
content-type
image/gif
clog
hblg.media.net/ Frame 492C 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awelog&pixel_len_bucket=3763&__q=AcgO_wOP_AycsAi5CbBBwSUIw7EITKFEEAt8lCDA44EEAHgsGJwIkAEgAQA0_IAgmF2ASSoAeGO1wGYQgmrQeAcADBIAmAHCAk8CAKgCAAAAAAAAIOACgQCAAdigDpGBIBxwAIAkFgMM6kcGymAPOEu3DupoInkEUDU4MTM2MDg5Nzc2ODI2XzI4MzA2NjEwNF85NzIyMzc2NzkyMDMxXzBAZThlMDlhYThhYjFjMzZiZjllNDkzNjQ1MWNkYjA1NzVIZTllODExNGMtOWY4Ni00YzdmLWI3NmYtNjY2MmRjOTAzMmFiAN6tmZ8HlgNS8uocA7LHPwAAAAAAACZAAAAAAAAAJEA5tMh2vp_KP8P1KFyPwsU_4AEiaHR0cHM6Ly9lemdpZi5jb20ABElMEmV6Z2lmLmNvbRI4Q1VBTUJVMzUSaGVhZGVyQmlkCAEmZXpnaWZfY29tXzMwMHg2MDBfMg4zMDB4NjAwBDE2EjhDVUFNQlUzNQISaGVhZGVyQmlkEDAuMTcwMzEwAk8SOTcyMjM3Njc5FjIxNDIyNjA5MjY3FGMtdXAuY28uaWwIOTUuMAAAAAAAAACAVEAKZXVfYmUKSUFCMTcAAAAAAAAAABR1bmljb3JuMl9iHDB8MHxueGJsb2NrPS0xhAJodHRwOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L2RibS9hZD9kYm1fcD1BS0FtZi1DQXJ1ek5fWUl2ekdBcF9RUlVCN1ROeW5jdVdQZVhZdWQ5VkZOeDhPLXQ3dkVtLUR5U0pUd1JqTU1YMEd2MG5iX3Y5em1rJmNyeT0xKm1vd3gtN2JmYmI5OTljNi02cGtrbR4xNl8xNl82MTYxMjkxODMCMAQ0MwQyMwxQUkVCSUQAJjIwMjQtMTItMjMgMjA6NTg6MzUABFRBEHRlbCBhdml2GjE3MzQ5OTExMTYxNzkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABhI4UFJMNEU3TjMmZXpnaWZfY29tXzMwMHg2MDBfMvQBYmxvY2tfdmVuZG9yX21ldHJpYz0xfHNzUHJvZmlsZT0wfHNmbD1mYWxzZXxlYnY9MXxzc0J1Y2tldD0wfGJmbD0tMTAwfHNjaD0xfGJzd19jd19zbXBsPTF8Zmxfcmw9MXxkYnI9MXxzZmw9ZmFsc2V8YmZsPS0xMDAABjEwMwIxBmFkbQQxNgIAAAAAAAAAgFFAAAIwAjACMAIwAB45OTRlN2RhYzBiZGVlYTkAEjE2MDB4MTIwMISghNX-ZAIxAAAAAAAA8L8QMC4xNjY2MDgmZXpnaWZfY29tXzMwMHg2MDBfMgwxMzY3ODcAAjACMAIwOnJ0Yi1jb21tb24tN2ZkNjk4NGI3LWpxNm52LkJFBgAGAAAUdW5pY29ybjJfYiQxNjI0M18xNl82MTYxMjkxODNIZThlMDlhYThhYjFjMzZiZjllNDkzNjQ1MWNkYjA1NzVfMS0zAAIxAjACMQAEdjQAAjACMQACABJlemdpZi5jb200____A1iuAvQDkgauB7IHxAXeBowH9AX2BeQGlgKUAZgBIMQCygLwBr4EkAPcBd4F3gTkBNoGAAAADjE5MDkxNDgAMkxvZ2ljU2VydmUgSW5kaWEgSU5SIERDTVAAGnB1Yi04Q1VBTUJVMzXYBwAgUFJFQklELThDVUFNQlUzNRpwdWItOENVQU1CVTM1Ck4xMjB4NjAwfDE2MHg2MDB8MzAweDI1MHwzMDB4MzAwfDMwMHg2MDACAAJOAk4AAAAAABpUZWwgQXZpdi1ZYWZv-gG4F8wIvgEzMDB4NjAwfDMwMHgzMDB8MzAweDI1MHwxNjB4NjAwfDEyMHg2MDB8MjQweDQwMHwzMDB4NjAwfDMwMHgzMDB8MzAweDI1MHwxNjB4NjAwfDEyMHg2MDB8MjQweDQwMAACAQxwdWJjaWQCAQxwdWJjaWQBBlVTRAAAAAAAAPA_AAxwdWJjaWQEAAAAAAAA8L8ABkFQSRAyZDZmMmQ5OSYyMDI0LTEyLTIzIDAwOjAwOjAwAkhlOWU4MTE0Yy05Zjg2LTRjN2YtYjc2Zi02NjYyZGM5MDMyYWIAJmV6Z2lmX2NvbV8zMDB4NjAwXzISOENVQU1CVTM1ABI4Q1VBTUJVMzUCTgIBAAAAMGdlbi12Ymx0X3ByZWJpZF90ZXN0XzJfMEYyMDI0MDkyNTA4NDBfZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMiZnZW4tdmJsdF9wcmViaWRfYWxsjAEkTUVESUEuTkVUIEVYQ0hBTkdFAQIAAjIMY29tbW9uAEgwZjIxNjFlMy1mZDgwLTRlMDUtYWZlMS0yYWMyNWEzNDEzZTcAAAAAAAAAAAAOMDAwMTAwMAJiABQ5MjEwNmQ1ODJhBDE2Ejk3MjIzNzY3OQRJTAAEMjMABjEuMQIAAgAAAAAAAAAAAAEBAgEWcHViY2lkI0VJRFMAATRnLWV1dzFiLWVudm95LXJ0Yi1jb21tb24tOQAELTIKWzIwM11S8uocA7LHP-lDF9S3zMU_AAAs__8_LE5lZENrZmxXaXRoRGF0YTpMZXNCbGs0bG9zc19ub3RpZmljYXRpb25fZXhwOnRydWUYQkZfc3RvcmU6R0NTSlByb2ZpbGVVcGdyYWRhdGlvbk5ldzpDVVJSRU5UX1BST0ZJTEUgVmlkVGhydGw6REVGQVVMVBBxcHNCa3Q6MRptdWx0aS1zYzpjdHJsDmJzVEU6YzEOc3NjRE46MApzY3Q6MBpwcmVfZmx0cjp0cnVlFG9wUHJvZmw6LTE-VFREVW5jb29raWVkVHJhZmZpYzpyZXFfcGVyX3RhZxxhdmdxcHM6REVGQVVMVApQUkQ6MU5EViAzNjAgVmlkZW8gVGhyb3R0bGluZyBtYXJraW5nOnBhc3Nfb24QcHZfZ3JwOjAkY3JpdGVvX2R1cDppbnZfZHVwEnB2X2dycDI6MQphaXI6MTZBc3NldFVybFRpbWVvdXRUZXN0OmNvbnRyb2wyQWRDb2RlQXBpVGltZW91dFRlc3Q6dGVzdEBiZWViNTEzNjRmOWE1M2Y5NjhmYTU4YWY5YjkxY2Q4OAIwEmV6Z2lmLmNvbQhodHRwAAgAAARWMRJOT1RfQkxPQ0ssRVhUUkVNRUxZX0NPTlNFUlZBVElWRQMaTk9UX0RVUExJQ0FURTBJTlZFTlRPUllfQ0xBU1NJRklDQVRJT04MUFJFQklEBAAAAAAAAAAACAAEAAIGBgACEHNjX2JpZG1sJ_dr59FOLEAIc2NfMw5BVkdfQ1BNAAAAAAAAAAAAAAAAAAAAAKA4AAECBDM1AgIAHm1hcmtlZF9zdHJhdGVneQABEDY1Nzg3IDA1AQAAHE5PVF9BUFBMSUNBQkxFAEA4YjE4NDc3ZjI3ZDI0ZDE1ZDIzYWFjMzI4YjEyNDQ5NAAWc2V0dXBhZC5jb23MCAIAAAAACA8IZ3ppcA5kZWZsYXRlBGJyCHpzdGQKZXVfYmUAAiZTU1Q6Q3BtOjI6c2NfbW46TU5CAAAAAAAA8D8AIk1BUktfTk9UX1JFRElSRUNUAgIBDHNzdDplYwAADmRlZmF1bHQWZHVwbGljYXRpb24GMTU4CHNjXzMIc2NfMwAA&utime=2059&sf=0&cpr=0.10831396125293691&audit_scanning=0.17&audit_cur=${AUCTION_CURRENCY}
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Mon, 23 Dec 2024 20:58:45 GMT
access-control-allow-origin
*
content-length
35
date
Mon, 23 Dec 2024 20:58:45 GMT
content-type
image/gif
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=e9e8114c-9f86-4c7f-b76f-6662dc9032ab&cid=8CUAMBU35&crid=972237679&adunit_count=1&dn=ezgif.com&requrl=https://ezgif.com/&istop=true&event=client_bid_won&value=0.1636&rd=
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.245.134 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 23 Dec 2024 20:58:46 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Mon, 23 Dec 2024 20:58:46 GMT
Content-Type
image/gif
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D985fdec6-87f4-4ae8-835e-a8062876f96c%26bidder...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F26521%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%2...
  • https://prebid.a-mo.net/cchain/0/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=appnexus&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_...
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D985fdec6-87f4-4a...
  • https://prebid.a-mo.net/cchain/1/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=sovrn&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_Yml...
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D985fdec6-87f4-4ae8-835e-...
  • https://prebid.a-mo.net/cchain/2/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=amx_com&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ_Y...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F26521%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%...
  • https://prebid.a-mo.net/cchain/4/26521?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=985fdec6-87f4-4ae8-835e-a8062876f96c&bidder=index_rtb&cbx=aHR0cHM6Ly9wcmViaWQtc3RhZy5zZXR1cGFkLm5ldC9zZXR1aWQ...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzEyNjU4NDAtMDYyNy00QzQyLTgyNTItRTgxMThFOTJGQ0RC&gdpr=0&gdpr_consent=&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOYWR8pH84NCPMiYD5e1bUY&google_cver=1
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOYWR8pH84NCPMiYD5e1bUY&google_cver=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Mon, 23 Dec 2024 20:58:44 GMT
content-type
text/html; charset=utf-8
server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOYWR8pH84NCPMiYD5e1bUY&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
379
date
Mon, 23 Dec 2024 20:58:44 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
gen_204
pagead2.googlesyndication.com/pagead/ Frame 050A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6302924124919&version=m202411180101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 050A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6302924124919&version=m202411180101&ct=2&x=38&cor=17358347032120576000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad
googleads.g.doubleclick.net/dbm/ Frame 050A 		84 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Byo5N2Dht_XtQ3mW3DqzrvNqSVkTy62TPtbK0u2jEQz8V-zpW92dbyePMdkKlta-BQUOfhJweTdOUQDXd3jaJ2UH6yEgu3b9vZLaQYyou3OC8zZdoFqnZZZHZKOou63PhHvVfJZCh2jD3b-lyYFKVsguuRaCQLyt7Huet5NWjrzJrh-ujphRaQ3FhkFJVwckae0LHTnqAX2Nv7Gdsg2SopGwZt_2jyTMToDiWED_nnfOTRoX8&cry=1&dbm_d=AKAmf-A7LcD9Zt36y79MXmxdGTvMlF7TbBSNimn9P5qyuMXOhncCRuWookUtwtMXp0dnvAhJGACHDlVAiZ_jfhbh_MOhS0VD_H3DZiW3XqFp_Y4qYLacJ0TRhi34KCpu52WANa0RUl0MD-MhVaP5eMOMrYFYBuSbYCjM6m0VFl0SCI-F_WtJvPqfJIlOJRItehzGiSz1Y68zX2b3Df0L4aWEPHMZonVniyO4KxsmNKZG_CLuD76P873fqe3ETmdXmx2rQys6vTkcf9z3RFE-RBH5ZIPvvRqvs5odN9J7tE6W7JjOCnRV7bVcq_akHSwNslQjr8w2btlweucdAm749e3L66ZFcoZU_KI6MUrq75uaEKvs08rsxVvjUE-pizN780cUnz2yuIBr-POS-3Qf4HkIcACs0PF7mDiMU4q9g6BBXacx3jzZREBx9Of48ILLLFsudvKCzuJr1gp9FIsxTkQ_TOlpWY9NGE6W_6ZjIrvlxM4OURZT0Gm_fsukWSwaXE_M7fPoDF9DF91Y33LsRqwrWcFrlN6D-9JylDzMjoemuN6Ld-rprTe7iRW7Cl4Ke6CUBH2c-gLD2M6Y0PJnR3DlIHC7o6qGg92P29p_zAEGvimsPC-6-yF5yvc_AedvQ3p-ftlQpH1iZ1heTwHdlo9gMp1zDdX8HFv8PRhEOJGSYipVXs3OfVpBukgZ5Om8Nh9ESlHcP1ULMdUR2TRdtyQ-4Eb0cROqkgMl-pufDXoGDzma68O9HHGvqA8gZ4FXjpYmgjtD_NNWlkNCaGvxJPPO204Z3I28vi1XCfQOsVFVHc2AZ9pvdni-z6lGpuKMMSqDS4mBjok52ItLnYhMU6UGn99RgniD_nuTBvo-7FxciUwWZ30Si9ggav4ERiCFBLlWt67I6xXB42RH9QtQY002D_EcxisGVhgr9x5l72PD-pHTAXTcUsdGrbU8i5Cz5LvbeaQiy0Ru7WUzPsRGOcHowwgd6hZvYC1-h7jc6uOAJzboqGLAQOJzbs_tUvU-8rQJYxCUnfne13yCB9a_2vO6A0nERoawAu5j00dyccwqWJa6Bnpjx1htiP6_T-L_evGv6OTugzFGJkVyMobxlP-xjP8MRLKbys9TKeG4pJOjoI8cZJEa5nzCBcyompJ-5BQWdNSQ4BWjbKiA3KtmUwwdgOWEnt79tQfiS42ExrHTNpAerAUmvjdUstUL0UpaYFIWj1jR2hj0KyR9QEfobTTIGOolc5cbO-Zglx2dci-6fDxunJrul0TnmePaDECKLRASUQ1K1Y9FVZ5vo3bl0R94HWQlH5WWMm6Boqz-7R6vmiVAHYMnOW_M1q_VMbYwws0d-oV_cUC69bXAgN-bbrBdkVK3MOgsDVtOtR_BSACpAnxDIZbTqNRj2nbeMlQv4JO6VSmMmRmpaLryobHS7fLbAS4AVxS6fyRu0svqL1rSfpjxYPGbGzGedGB19_21fmPHbw7Rsb2BHW7HQX9uAelGgLf6swdIKp7GVZWe8gTdMtPl806blbsSY4q_bC4P01NXCKTvsxgjQlKn-wiBxJwm7bfIJzUBWOmiehfo-s-OuaCucufFL2Dt8C-W14tqzL99f-qqcBmArw9BBXZ9e5Ed3o_g49KGhnbm8CX0FLens9sNlnM_R1dYFli5OQQUeK0ZHy_J2UlHmBtN9DhTkrYsf0orQj5pJ9dg7Dqw2RHP9jQNBph8vwd_3Hq_hIwLbiB208ThfyaQuUpJ9hj7e2V0CyQMKzd1P2cuGY81PsJZKit-Mkv62qgD1vPXuKGruVtisyUKw4NUf7q3nvAKQK3Y68z0RIwoFLE_IQiaGNICZX6dFBXtXIdYR1nQ6p4J1xtaev-NwSMvTaaEB6lwxVS_fUHA4n7NShqtLR-YfYIjjTmjSVRW86j5WmNYQtQkGtaGVuMfYP0eQieFCSg7VWi0-uc66Twp_h8UCrgciZ4bTM4T2cluj4ftzyMUvn9pCiCGdnXblPWJFuLR4h-k6QHLE7rcioz_P8thSeMPqEoGBoxOzARrA_NouPhn7nEXypFzkrrAGvr1rRuO6asbZMvgGTcUzGvavMeMeuW9dZfl7Ox3nK2ZfQO1j2qodOjqM25zGRsZzhImVe1Zv-xGI_cxjiyukvAyMHvTMrEwtOLnsgMqTKoM4n1xFXbM4l0N9M0GU2AqpQ3BAmDGaYEjoxMWhln3K2BQkX1SDOAen1r3leY8h_xTMATy14nPPRaYl_hiGGO16deNH0hRrmTewDh6m6icsS75Y5_U7ZkpGwQ_F0YvNn0BPlB3YqRUPhauVLtM21xq1JpwoyIpS7SYyItpnJy-IaYp-Gp4aog1hXTzkAqohAkcBwMNlJxMIuN4ITEE40IEfdbkglnYlu_v3Re8if5DodQXr1qkGySmF3JeS_hYZiSfLVwBS-mohgF98F8zC5tP3TDSncTwNuaHW44GomE3SAQvYgazejHdWTEKuXe2ZxcuxNN7ZYi0MCi9OjS3ptB1qup94YFke8CjbPMCIfSVCK09eHhscEUFHLGO1AO8aiAxVZLTJ9N4owQZqIvhjR6ZErTcEJYyjhGAhpYj18HJZu3lYaQkr_Dh8hog1ZZ9WSW0vHDrJt-xwDIbzB-JNgr3w9yw5XLNLvBVtAYx0naleONwPpEhaM6jBiKTlrdQz7bbIfNt4U3D7-1raFywRvsa7i1BZK8SjWgcxYeb1aXKl-foRj6PZxjRlPNkr-cedmrEu6CJuyrvNKZpnIpH2gmDbtQpgwNJdqbRuJzgF6v-hg69a5umZt7_OjTnmU8-EDktUnAYCxGZ2ZKRhXLIaW6iFCQe6ECP1hwsP1ZLXYJGx-n2OMyyWAQaZXM6sMJLpXWquFA_Wn4YEAf3q1AiFx2q4yXhV3cxODicVsP_0ov_2LXsoSkkk029AQvD0q7kBAxBRNUzY4Bo3MHi86XUNc4FJljXdDCpysS_Axd1Lp0UM_4IDJM2eS3UuHCvPlVJw9fBIp8MaeyQxySw6jaHtqsAbBH1qK5OMetGJUTtyMX6ev624GkjHWTxdYg9_kAia9kU_N09bITCThP4tMnNf632HWJVF-lDYfq98V8g87mc7-K3RwYcUkgBkFh8bL9Gl2H3rixJsRycWZBPc_WmBfpAxrSX3SBh52vqrRFN0HqrqgzD_rYimKQgp4U3NiAVukhAxWDsa7bFEz18Fl2KLq1LlhYgL8zoGntKH3TUqiSiWLQU_xaOn8swyLUOxztOLn0wkmhXHNUujB8rmbaUCBn7YCPDt9i1lsN0nAYmX2aylJMyqKVE1wBGaQPhG10XMQu6W0KQysbJZa66MF61u0JuPP1l3h_hcC-mLrwiIaAUZzizoqw94E7li5f4WUHeyeaWdj96cNJed0Dj7Y3nqzL3WofqNIjYRtcAf2DI8JrXCOnbL3gsrUPFz2jL2jnwR4WedtTJtR77bk5vqiD0fgs8ZlOwojdHyvMOXcESWBNphSq_gSNef5WqGQRR-TtXvZI-IDit3_4AREwNECsMbpWgkKZ4Q8TTINRpIQurd1n4icRRE75VZ9Go0CByhKebldgFRxTFLZBNfUSwmZbY1cHALzbQWjqfXcAvoFD--O6L1MI4-03MBTrf4duRkpzI_pxYkPJDpXe6jdZXPHp-Njqx8yG_L081HgzFKsw3Nm9ZINZUS2k4-7Vogsk3bT0cDFjGKQvY_CQgEWLLYFE1_KxotcBp7NfZhLrbn9t-Y0W0ohMqxBOVwdHrh-HPiHKFCswp0W16J6I65mt0Bgodp963vmQonO6gvLnYqq6_LSUpIeZOau3wByKQAp2RXXtLBptaD23uQoIEzgEiTlL-psQA_i_zxFCz9qp7vaHHTTu3zCxKBj5jg9V2oIuQYLZl3JtAghJX1l0eHhpI4w9S6B1yiP-0OosSSuuaAg_pruit8OljEc5Ge04GQiy-V2QNVknda8C0AW8RIGFSZMB7oYuyxEf9mC5WQ1Dy97suEecmWmTEfnhFXABXnA9ifknjIIlcYIQZv1t5sLf2V2_8xQ5Iz0lgFJZdkP7xm2uybQ3Ct46AMhy0QjPf4q4fU0SSGfBrGBhzM3pGbzcahJxoI9WQ05xaTLgA4gGC8TmgScF2yZBtGSirJGaLvskrvg3jqWnzehs&cid=CAQSSQCa7L7dD8BCECpmYVvHOnh4SkWGDXl7jLwxlr5n3B5UXYucQs6h8lswZTPlxdMgFKp1QdzXlTHXyh8djKvHygr6ezbfOOTVEsUYAQ&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202411180101&nel=1&rfl=https%3A%2F%2Fezgif.com%2F&ds=l&xdt=0&iif=1&cor=17358347032120576000&adk=424501397&idt=537&cac=0&dtd=44
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1cd4b624e1efa8e43c4b661c3c4c77ec818403e8d4cfdb82941ea81be9f4cc3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
39371
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 492C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6352432722638&version=m202411180101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 492C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6352432722638&version=m202411180101&ct=2&x=38&cor=17313691117072286000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad
googleads.g.doubleclick.net/dbm/ Frame 492C 		84 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMBQQvnGkQs_PP7iYBOFQwIKpF5c7psko9H-MjiLsMeDYiLnIP9beOHeH2aaS9revSi6KtS00Q_HioRUhxnm6C4K96AvcVVHt9kL1zzorIZn-Xvz6QnEpZmCv0y96Z7QsQWbudaQ2vfnmEVSq1TeR7kvwpIRrPwKTooTdoE8wHtmvvq2rr_Jh6EXnf0MfG0i-96sXCR4rPsinc9xBhTuHffjgfrFFC5y84--UAiqV8hSQ4rfQ&cry=1&dbm_d=AKAmf-BjmpzKcY5Kc6v620E758xDoQyWKmG7DxV4Yurepr0joOnbsIKw92Y3iTAYBa1enw0mvhV7KsmRS-oXNjiUsxwRKnhXAqF3D8BsYrRtsc6L0qwcohF37nKC4KBLJacljHMeRxwSTVKE4l2zBnTsQQqUzsfHmw16S1tJbmt8X5SExbxKImm8TrRBfbZJlFmACIysFmmg6xv1kr0dzjNs1m6WtMuxbeShIcnDs4es5VnPPBtagfG4dFs_EfRGkh-CXm5IQWiJD2puSrxwrkZlAIXE_VsL7dm_YC3vIQMGwR-QrTtfLRkhk6Bg7ZyBxp9131tys1fiRSle68ag0hRTennwEDhJkMA01AKf2ikqjnv7Jk-a1NFvTRxNV7QrjTw7UgRzrdKOI21YeWR0biiuV-URn1lpDpShy1uAYC6y-6ju9syOaPPAi5LiUcyoYMZXVZ6qb9SADB5XEuUT3VWwgaqOC2JRYmmtqCL9yqCUoNSNNuz8yF-6erH1DY5RwotEXsRCtCzBiCYLxL15LouMLKHKlHOVjUKEd-CrfSPjOKjNMdpqlQ-8neW0OfAfedebdj5YEvG0j0XOUoKx0E98N7HKRpFdxWW87p1YXO6zcrOzDw5fqKdEojrWTugJEnfaAMjZwqg1QFRd5eAV5jzwNYs-AHbsVniXMnZmTBgb_C6ouDCoH9u5RGzvLf4RUaVsHviNPsOFNLeY8Ym-3R9gyD7OsMI4AZ8gM6ICf3PUfV3uaJBBxfrT2FqcMsMSl8CAZGSmLkzoT3A8nml2ogT2rWypd4ya-KxKICt8O0NePTzWJylCdGispjmqvL2ZjP4nlOVyREWK2FRi8r_0m4t7jQ-1pOSUFddy3dz4Ilq6EpBEN9csy_o6NA-Qd6eut1Tve1lVuvFgSrKg-dcHHCVdXEVXVnlbNCkmAXuGSK6yjBwvQgQzY8DTnb195H9uzWfUim_wCofFd4nkuELXfHU2pkEC38ZF78Qk7g3wTSMY77TKIiX5_l3hT4qy7BFrVVN81ZjynX02bXJ6T1wtlaQTVblSdnPFU_dHPUBakUpAbSpyQSPCGsYI3crZa6ga4H5Jh2Jahu7IO_BeMmVGGKh5R9oFZXl-UQ2sC8Y3A9FlaANHoZNyePXlgoi2wstob8jvD-l4cVoFQPApDZfvSgc3Jfft-v95IdCHwXcvjzdthrd3Yx8gCnt9jpqohLHE11wLZh5PlHen-c7YidRCImAQo48NgemMZYVgz_FoTQnGaXeJUMOQKzCctqvYpBQZ8akET3AdhFxPTQtTEcakurqRmSOqYjW4g9UtfuLg_u_3x81i5lbBNy4WmQqgqnErgz6bWqyy0f-5DkJZLJWXtlvTeW2EF4HkVz1KqEW6mcmjOn_itGzjzYvA2SsUXms37SWunNlVFV88RudsV9QKdM2O5MhYhGH77sh0rKKKqLmWcCx3bBudgc5Lkn8sSnRBLoWhT2BQe_pWnHqsPlHpWG2V6jp43jPqHevQRNxWPRHoBHkY-GGslEhGUVAArIufNh7NJohFFJcgRDTkqyCIAnTorn0xFzk9fbiLLbEOB6-RLHaaPjK5L9YgggMctaxgru8fuxO7Wo7tFFXK8pxZs_eYkTzhi26nQIqUiq588x3Ckl7pi6qipdnPx8NdpBICkTm4uFglVcmCqbYFsQ1erK_Q9yqG3BZc8jfNSR8OVQ3uLwlWIqq1ATY-0ahu6JI3Xf4B39uucRgv1YnFaQ_HpFQwftbl5TPvRuYJW7Ks4GlhmwTOjluYyPidbqp24CUsQJFe2mSnDod5YKoAY5E5rsCRcf5Hsa8njTblpVPQP21gtHNg3HLe5AQNGDDxMAIbmXLmY-WVJoIwrvbhVGEnfsQ6gxL-flMhlqO6U5M0oTvLhklhPnuOmmWft58TqKnJyur7Wo-S8mYbHK_Z7IW7oEDRQncn8FW5fArCqUIBQGQDAa9UYPzv8YX3dP15Fu26K4b6-KuVtaBGpPGD0jKT6eLeOPAGhbCVVk0OHnN-_m88Idsgb87iYNJ9BoPU9QeGtNxL3l1YnrDWnnRXyKacHde4VQ-hidf0rks6VseU-hJHmfW9YfFmwtz-a5Aqrt6vgYuAeMPD0tuFalQMEs2wWcMebXDHDHsmMRJ4WUpE73z8gbUtZJufrwJz8wvRXyDODsCG0PW1z_FsC2CFwEWwQe1zK6_rUhwSVOzrUhAbs9JkdGqJ7xq397YjwfRWD5whHroBSqb4j-kszCEbyB761kj9Nu0GjyhvClfCt8NMcQk0sO1hBd31GG2m4ToUOsMbA_tsDJQt6TJOu8ivhw5K6veWdWkaAdFiR49t3nixtTPZYGUvEL-JVXRX0PIWGETRsYymqpt1S4C4-JEklcS5w-ZeDI68w9NpcScSo-MmYpJcYgu18mny2ftkc0OdZf2Gm30xfM0M8Ce42EUtNCQNqL9_gS8ygBYjjawAz8U96WI-ugsal3w6StGubPXa1zuPTOaSDj40fg-49NnKoKTcviQwXe_ptdkaCXXB6avx09JHApAD6kWfoVeGnkUotwII1-ogTevrA25LdYThvEue6JY97yoDSDPSJ3P06Kv7Sxu69E88xiq8WAb88LmKVtAIGfRUKs47KmES13t0z9JYRahl0T2khpG5ZQ-Wyz-Bc6ac8d7Yn_DXXgxr4lLOQK63mHJnVXaAwBGRDfI-BJYSqloATlgRR_FRKFvCdElEMAv_5YmRr3e_UtOchyZAT-BgkTIHhmXY4ZfCm5Yx-ZyXd5oBUgiQX_GkuEs50U0d_pwxRXHCBSvOwX-i2NayGU4YcsSbyzPOWsOydOleOeUKYmMg2KLippVtfcEHhSWJZ8iNgUm8uoxVAjGsQbe5rQX9DdBBgB6-V6lf4GF6_AWC5uVrwfrvL8gp23oBxzvj844VOLfsV6bMoj3jCoUEYXeJ16crRPti64Bk9cinF8D7d4yRvyECsv5NtsYtjLGZUadQxRcAujFvKqUm4ByDzEUfYq70XYWG1FugttVn0nM5QFxpe3JLqa_h9e3H_JUV629VcLvhBqev2qI0t3yrUtm3_gvmHdz9_sx3K5Q2RRqgJliyuxFBZ47ZnzttqcPnQis0ZsOn9L1Iij-UH93sp_0Vu3-eIG0GDDAfJquvxvyFwZyVMvNInGpnWrEtNg3V76VSPRYXD9I2oeYhw-vARz4btM9GrHAa32LMXUMaEJfAAGWuzumAVXXTVjxzMMZ6wFOSYO7uFGlCwYndR7P3Fab-AOZOVrzzg5ewCQOdZQRHj31m4q_1kcjQww3E5NuHcaLYrcBpzt-7DlUH6w2bxu-F2mVBYybwGA_DKW5F7aWepdfjTWS5M1l0nxS29yYFNVZioP088YgGCAd1YlOawHWP2tStQtmzLjVh7W8KQqnuUgOKGJsdWIgPN7vVP0kprVsyw1Nc2apu87eUmSoCcSD8Obwwx3bx8L8s9pOJA1LSv07fH28tfZDm0yrVl7w3l8U1zli1oKauSnug8zhMDu2rxSjB2eeV3XNojSZefi7SKwZuVh6SgGlMCUNYUkFzWjJPB50cMj1I0rHTOROR1Ag5qzE-puZYI27D6xn_0ZQM0pD8Qj11A-jHAMsn8AI-o0mf6SwP5XWMlF7PHHDiNebDUqmr4oo6MgKuuyAxpuSQanGWdGicaBDPeUhyJY281yggJcW5xbbq0ZKFgjkrauEqY2XxC9y6NE6_aNhR7Pk10blEc8C895HrMr9-HMf3aw831mvUg6bBzmrVoJPS_8CWvKAfMIK673JMag791naFerY2Ny01H2Ta293KZvlEs0Hl2lFQkxq92Qs9aqUmpH5IHkfZqlbNyc1bgNTmm6trMSO-wL1YTUwJwc_6LFWxEAVLElowQ2WBM28tKasUmfGhBDNzhNPIsLNYNOR4NMd0UrP1YtJeTUYxArW6Y3wLYHXbDFAnfcU6AIoQxe93-RYKttkvla5E25MUWngNRS57ulIuHTSOCopN5veWcDM-cWHNJk9XfcPjlqA-YoiZBGlrpTFtUbBjjCY4Gf-jGBlYuSdSfdyMKVU_y8RL010JpYae4H2KJZ8bRuLkcIkK5obdh1I1yz_ZoxIV&cid=CAQSSQCa7L7dY2RYjcYa2wLfmnTQ-wBx3yf3Cq-AWkHoJIl0lyXOMahQcStKO8zAJEVegXUyiZvPtPmzxEGBWSKctWvCIekQMR4-dCwYAQ&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202411180101&nel=1&rfl=https%3A%2F%2Fezgif.com%2F&ds=l&xdt=0&iif=1&cor=17313691117072286000&adk=2751007027&idt=489&cac=1&dtd=33
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
1f401a0aa1a29dfb0aa99b9ef4bcbe8fc0e1fd923fea6108a609c7e3bf34f706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
39329
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 050A 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39eccff87303e4def8d131109b031c3a973ed7163d9739eabdbdb1f5b710ec73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
1851978643320982193
age
15051
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:47:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:47:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
11583
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 050A 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
216
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:55:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:55:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/ Frame 050A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
5098607549323971572
age
15544
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:39:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:39:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4393
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvBe74a_ANd0Nw_hPwXYH2eqYXHk0HqF9HmVWnfEFid-0epYjeyBJeB125D5jVTysZzWCVkfVhnElfnk4yFqJ2cwAN0SbP4WNl-V65w3yiMftT4KDQX2iMm67Md0ceV4t3ecTdlG25NeJgSlvW-OUyuN8EPIYD70Rs6e9o2YAZmQu4CP-aIZBAH8FZ2m2ReE2jpGmZ72YbY4INwD33LSliOHA&sai=AMfl-YSW6Or4mQuUHPEN3NZwq_foFfEyrn8PZMLXYlr3SSKX6xqBJxnFitAnVXIJtFGYEpJi_rhzuiZ6uazxzaiE2i6dAQJ6njy718YEIi7sPEroJorpP3QY6mW_pqXhCQ11rHYCsUbX2YxdPIAk85GlugRa8i93tSj50PuBFc6qkyopgomGYvw&sig=Cg0ArKJSzMUQhcvJNW-vEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20241212.35174&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0x6286a0edb7652d150000000000000000"},"debug_key":"5965462281783256057","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"1894106194117314196"}
server
cafe
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 050A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
age
1282
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:37:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
13937
x-xss-protection
0
server
sffe
15135654432974524970
s0.2mdn.net/simgad/ Frame 050A 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15135654432974524970
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f6.1e100.net
Software
sffe /
Resource Hash
95d7a628dccc8580bb87e11944d5ddfc905e689cb2aaeaba2411caf9a3dbac18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

age
461137
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 12:53:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 18 Dec 2024 12:53:05 GMT
last-modified
Sun, 08 Dec 2024 19:46:56 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
31498
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 050A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a630283e4ddd0138e64af0f31c3fe0bcda33f91bb9289519d0d9d5d273e6765d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 492C 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39eccff87303e4def8d131109b031c3a973ed7163d9739eabdbdb1f5b710ec73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
1851978643320982193
age
15051
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:47:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:47:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
11583
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 492C 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
216
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:55:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:55:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/ Frame 492C 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
5098607549323971572
age
15544
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:39:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:39:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4393
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame 492C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstA6hPVUs8HoNjUNsBbn7SLKml3d1DfnreXucvjhBva1BqTAyATN7KNYyGPdUVix0qDskh5b4-TNu1RmEuctmpisCRZl1mlXQLqmTc7wivqoIoFTVlK3OH5Q6aqEylBQodMtfRUnGugYANxTy2kHn8YfdSaXN18VHmT06pRWTkhqDIhEgXzj42dAFkTzZg7QZGOJhfsIZVQQikjnmamkBHPcw&sai=AMfl-YRsuWbD01gfSi_0JpajzlX3laM8VPTH4lDNMZ8HO0QsbNP143qXtGOVEH99FMwcLMibGy1k8NMvMdM4YZq05fYj21xHnL-dDaQ2DrhHOsvr1yp4zaxRoZg8ztUFu44IYHcFJl9OgWxWygBXENuX3uh6h3EqHUFajh1D477CUiXuFHbM2I0&sig=Cg0ArKJSzHTxH5kTRZWAEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20241212.34176&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:38 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0xcc73f5617d6201f0000000000000000"},"debug_key":"13833237855926573479","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"10751491642058388143"}
server
cafe
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 492C 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
age
1282
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:37:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
13937
x-xss-protection
0
server
sffe
5954267330940173849
s0.2mdn.net/simgad/ Frame 492C 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5954267330940173849
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f6.1e100.net
Software
sffe /
Resource Hash
9f8b434d07c98cc197e8bfd78b8856621b78c7688f212187b63aeaf3a5ea5eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

age
461055
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 12:54:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 18 Dec 2024 12:54:27 GMT
last-modified
Sun, 08 Dec 2024 19:45:14 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
31473
x-xss-protection
0
server
sffe
checksync.php
contextual.media.net/ Frame 498E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUAMBU35&prvid=2034%2C2033%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C236%2C313%2C2025%2C237%2C117%2C636%2C319%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C122%2C201%2C2039%2C3007%2C246%2C203%2C446%2C404%2C408%2C2011%2C2055%2C3022%2C3020%2C251%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C413%2C3014%2C77%2C20000%2C38%2C182%2C261%2C141%2C460%2C462%2C222%2C542%2C301%2C345%2C225%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12712
content-type
text/html; charset=UTF-8
date
Mon, 23 Dec 2024 20:58:39 GMT
expires
Wed, 25 Dec 2024 20:58:39 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-mnet-hl2
E
si
googleads.g.doubleclick.net/pagead/drt/ Frame 896E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 492C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 492C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sync
eb2.3lift.com/ Frame 629F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1096
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 20:58:40 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 333A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v62/ Frame 896E 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ezgif.com
Referer
https://fonts.googleapis.com/

Response headers

age
366425
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 15:11:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:11:34 GMT
last-modified
Tue, 29 Oct 2024 18:37:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36216
x-xss-protection
0
server
sffe
truncated
/ Frame 333A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83a43074cbfc09a8e880a0ea1ba4a5ec68c6ea056a64fca64376801deb9c3b47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 333A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
isyn
prebid.a-mo.net/ Frame AFD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.35 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
608
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 20:58:39 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
sync
eb2.3lift.com/ Frame 1961 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1096
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 20:58:40 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
isyn
sync.a-mo.net/ Frame 21A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CtUBSgllemdpZi5jb21SC2Fhcy03NmU1ODJiWghwYmExLjMuM2oJZXpnaWYuY29t-gEGOC4yNy4w6AIBiAP7nae7BqgDC-oDJDdmM2I4NGIwLTgxNjctNDFmZi1iYmNhLTM1OTUwOTdjNzY1YaIEEmh0dHBzOi8vZXpnaWYuY29tL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQNubGTABgDIBgGqBwN3ZWLKBwllemdpZi5jb23gBwGCCAllemdpZi5jb22KCAZjaHJvbWWZCAAAAAAACAAA
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.35 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
591
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 20:58:42 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
sync
cookies.nextmillmedia.com/ Frame B5B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&type=iframe
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.46.102 Hillsboro, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns1021989.ip-15-204-46.us
Software
fasthttp /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
3087
content-type
text/html
date
Mon, 23 Dec 2024 20:58:43 GMT
server
fasthttp
connectmyusers.php
cdn.connectad.io/ Frame 1F03 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
693
alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
8f6b45632bbb3a5c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 23 Dec 2024 20:58:40 GMT
last-modified
Mon, 23 Dec 2024 20:47:07 GMT
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1CE1
Redirect Chain
  • https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
  • https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
484
content-type
text/html
date
Mon, 23 Dec 2024 20:58:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 23 Dec 2024 20:58:39 GMT
location
https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
pd
setupad-d.openx.net/w/1.0/ Frame CBF6
Redirect Chain
  • https://setupad-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
  • https://setupad-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
446
content-type
text/html
date
Mon, 23 Dec 2024 20:58:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 23 Dec 2024 20:58:54 GMT
location
https://setupad-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
sync
eb2.3lift.com/ Frame 13C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1096
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 20:58:40 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame B11F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.168.108 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-168-108.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 23 Dec 2024 20:58:41 GMT
ETag
"623de86a-cf34"
Expires
Tue, 24 Dec 2024 20:58:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 445B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1734987515968&gdpr=0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
sync.cootlogix.com/api/sync/iframe/ Frame A8B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
24.144.114.245 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Mon, 23 Dec 2024 20:58:43 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
checksync.php
contextual.media.net/ Frame 9071 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUAMBU35&prvid=2034%2C2033%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C236%2C313%2C2025%2C237%2C117%2C636%2C319%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C122%2C201%2C2039%2C3007%2C246%2C203%2C446%2C404%2C408%2C2011%2C2055%2C3022%2C3020%2C251%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C413%2C3014%2C77%2C20000%2C38%2C182%2C261%2C141%2C460%2C462%2C222%2C542%2C301%2C345%2C225%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12710
content-type
text/html; charset=UTF-8
date
Mon, 23 Dec 2024 20:58:39 GMT
expires
Wed, 25 Dec 2024 20:58:39 GMT
server
Apache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-mnet-hl2
E
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c0e91bef0c
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c0e91bef0c
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
51.178.195.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip216.ip-51-178-195.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:58:48 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=c0e91bef0c
age
30
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
0
x-amz-cf-id
M6RhCwM2llaDELsQ2cz81Dvk7hMzmdd6VQkSUpk_zpqqJ9gF_j38tw==
date
Mon, 23 Dec 2024 20:58:17 GMT
x-amz-cf-pop
FRA56-C2
server
CloudFront
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://equativ-match.dotomi.com/match/bounce/current?networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent=
  • https://equativ-match.dotomi.com/match/bounce/current?DotomiTest=3f881d1a8c5016c0&is_secure=true&networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAJFCHlZh2MCQJW4_VoAQEBAQEBAQCS9FHSnAEBAJL0UdKc&expiration=1735073935&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&...
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAJFCHlZh2MCQJW4_VoAQEBAQEBAQCS9FHSnAEBAJL0UdKc&expiration=1735073935&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
51.178.195.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip216.ip-51-178-195.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:58:54 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAJFCHlZh2MCQJW4_VoAQEBAQEBAQCS9FHSnAEBAJL0UdKc&expiration=1735073935&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&gdpr=0
content-length
0
date
Mon, 23 Dec 2024 20:58:55 GMT
pragma
no-cache
server
nginx
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=s3wJH-YtDxOoeFpDtS8SF-MpXhGoeA9HtHIJbPho
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=s3wJH-YtDxOoeFpDtS8SF-MpXhGoeA9HtHIJbPho
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
51.178.195.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip216.ip-51-178-195.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:58:48 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=s3wJH-YtDxOoeFpDtS8SF-MpXhGoeA9HtHIJbPho
content-length
0
date
Mon, 23 Dec 2024 20:58:48 GMT
usermatch
ssum-sec.casalemedia.com/ 		0
0
gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
85 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Z2nPCQANjjif1ABR
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
151.101.194.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-robots-tag
noindex
cache-control
no-cache
x-timer
S1734987529.368814,VS0,VE0
age
2421
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
85
date
Mon, 23 Dec 2024 20:58:49 GMT
content-type
image/png
x-served-by
cache-lon4242-LON
server
Jetty(9.4.35.v20201120)
x-cache-hits
3642

Redirect headers

x-robots-tag
noindex
cache-control
no-cache
location
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Z2nPCQANjjif1ABR
x-timer
S1734987529.165192,VS0,VE77
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
content-length
0
date
Mon, 23 Dec 2024 20:58:49 GMT
x-served-by
cache-lon4242-LON
server
Jetty(9.4.35.v20201120)
x-cache-hits
0
pbs-iframe
pbs-cs.yellowblue.io/ Frame 1B6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.76.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ezgif.com/
content-length
192
content-type
text/html
date
Mon, 23 Dec 2024 20:58:40 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
log
hblg.media.net/ Frame 333A 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AYQGcgCAjASAAAiAAABAgAEAAAAIAAAEAAEAAAAAAgEEAAAIAAAAAAEAAAAAAAxQ_AQEAEBlOGUwOWFhOGFiMWMzNmJmOWU0OTM2NDUxY2RiMDU3Nd6tmZ8HlgNS8uocA7LHPwRJTBJlemdpZi5jb20SOENVQU1CVTM1JmV6Z2lmX2NvbV8zMDB4NjAwXzIOMzAweDYwMBAwLjE3MDMxMBRjLXVwLmNvLmlsCmV1X2JlHjE2XzE2XzYxNjEyOTE4MwQyMwxQUkVCSUQSOFBSTDRFN04zBDE2ACZlemdpZl9jb21fMzAweDYwMF8yAjA6cnRiLWNvbW1vbi03ZmQ2OTg0YjctanE2bnYuQkUUdW5pY29ybjJfYgIxAjAABgAwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8wRjIwMjQwOTI1MDg0MF9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGyMASRNRURJQS5ORVQgRVhDSEFOR0UCAmJAYmVlYjUxMzY0ZjlhNTNmOTY4ZmE1OGFmOWI5MWNkODg&evttyp=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Mon, 23 Dec 2024 20:58:50 GMT
access-control-allow-origin
*
content-length
35
date
Mon, 23 Dec 2024 20:58:50 GMT
content-type
image/gif
cm
u.openx.net/w/1.0/ Frame 21F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
423
content-type
text/html
date
Mon, 23 Dec 2024 20:58:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-23-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Mon, 23 Dec 2024 21:13:41 GMT
accept-ranges
bytes
content-length
17042
date
Mon, 23 Dec 2024 20:58:41 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
ams01-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Mon, 23 Dec 2024 21:28:42 GMT
access-control-allow-origin
https://ezgif.com
content-length
190
date
Mon, 23 Dec 2024 20:58:42 GMT
content-type
application/json
vary
Origin
server
nginx
/
ce.lijit.com/beacon/prebid-server/ Frame 6193
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.32.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-32-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
742
content-type
text/html
date
Mon, 23 Dec 2024 20:58:44 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding

Redirect headers

content-length
110
content-type
text/html
date
Mon, 23 Dec 2024 20:58:42 GMT
location
https://ce.lijit.com:443/beacon/prebid-server/?gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
server
awselb/2.0
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-23-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Mon, 23 Dec 2024 21:13:42 GMT
accept-ranges
bytes
content-length
67550
date
Mon, 23 Dec 2024 20:58:42 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
view
ad.doubleclick.net/pcs/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvBe74a_ANd0Nw_hPwXYH2eqYXHk0HqF9HmVWnfEFid-0epYjeyBJeB125D5jVTysZzWCVkfVhnElfnk4yFqJ2cwAN0SbP4WNl-V65w3yiMftT4KDQX2iMm67Md0ceV4t3ecTdlG25NeJgSlvW-OUyuN8EPIYD70Rs6e9o2YAZmQu4CP-aIZBAH8FZ2m2ReE2jpGmZ72YbY4INwD33LSliOHA&sai=AMfl-YSW6Or4mQuUHPEN3NZwq_foFfEyrn8PZMLXYlr3SSKX6xqBJxnFitAnVXIJtFGYEpJi_rhzuiZ6uazxzaiE2i6dAQJ6njy718YEIi7sPEroJorpP3QY6mW_pqXhCQ11rHYCsUbX2YxdPIAk85GlugRa8i93tSj50PuBFc6qkyopgomGYvw&sig=Cg0ArKJSzMUQhcvJNW-vEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3856&vt=11&dtpt=3855&dett=2&cstd=0&cisv=r20241212.35174&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:42 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:42 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0x6286a0edb7652d150000000000000000"},"debug_key":"1939679241184132887","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"5175430036622650931"}
server
cafe
view
ad.doubleclick.net/pcs/ Frame 492C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstA6hPVUs8HoNjUNsBbn7SLKml3d1DfnreXucvjhBva1BqTAyATN7KNYyGPdUVix0qDskh5b4-TNu1RmEuctmpisCRZl1mlXQLqmTc7wivqoIoFTVlK3OH5Q6aqEylBQodMtfRUnGugYANxTy2kHn8YfdSaXN18VHmT06pRWTkhqDIhEgXzj42dAFkTzZg7QZGOJhfsIZVQQikjnmamkBHPcw&sai=AMfl-YRsuWbD01gfSi_0JpajzlX3laM8VPTH4lDNMZ8HO0QsbNP143qXtGOVEH99FMwcLMibGy1k8NMvMdM4YZq05fYj21xHnL-dDaQ2DrhHOsvr1yp4zaxRoZg8ztUFu44IYHcFJl9OgWxWygBXENuX3uh6h3EqHUFajh1D477CUiXuFHbM2I0&sig=Cg0ArKJSzHTxH5kTRZWAEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3842&vt=11&dtpt=3840&dett=2&cstd=1&cisv=r20241212.34176&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:42 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:42 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0xcc73f5617d6201f0000000000000000"},"debug_key":"11016001654817330834","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"6580642372326136484"}
server
cafe
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1735867950667549031
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1735867950667549031
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLzoePX%2Bo07TEX2pBEB3CRgfAuYrcry7zIu2j%2FFUE%2FGroSiu4QQYsuHF6MASGLwaPD3eE2yn1%2FiTWy8y9UsqGomZJ8DkEgy35guOw8E9sL5nQxhSCds0yY%2Ft1DGOQ2m8cJHeaJStrlQu"}],"group":"cf-nel","max_age":604800}
cf-ray
8f6b459fe8f86958-FRA
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=52503&min_rtt=52349&rtt_var=19741&sent=5&recv=8&lost=0&retrans=0&sent_bytes=1896&recv_bytes=2970&delivery_rate=49208&cwnd=251&unsent_bytes=0&cid=09806f9a499a0a42&ts=138&x=0"
content-length
86
date
Mon, 23 Dec 2024 20:58:50 GMT
content-type
image/png
vary
Origin
server
cloudflare

Redirect headers

access-control-max-age
86400
location
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=1735867950667549031
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
content-length
0
date
Mon, 23 Dec 2024 20:58:49 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
bounce
id5-sync.com/ 		30 B
228 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:43 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
699c77e9de27eb363f0b2b37999d76ba14051d19bbb19d8a4e0f370203203fb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:58:43 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 050A 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssX-V1Ajy1yE8HTQmRzl_vZQkX1iwCHkzWHwsdoAjerHFZbzekBia2sphND3diMTjqk-Lohigny8SFrEIFWl5S4siEe4blkEJd2evs5Stq4gERVQyMwHn6SZhT_nZB_qnLMs3zVd5USM2JMrcZYnSI&sig=Cg0ArKJSzPfeenh-q2SnEAE&id=lidar2&mcvt=1001&p=0,0,600,300&tm=4816.89999961853&tu=3815.8999996185303&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=424501397&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3092031800&rst=1734987517825&rpt=4768&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 492C 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3doRk7G0gvMbriZqW1nN015DeovVP6oORxXkzvidtr50Ii_tBJJQ277JEBnLaApUyD2-1-olZyLEYBEMYGHK1VRdE-RE5OWB_zSQdpnNrFKIAcSbfYHoAnGpmbCz2Q7Dx7o2OiRfq1yZ1yAYCnz4&sig=Cg0ArKJSzM7OzQkWwjtaEAE&id=lidar2&mcvt=1000&p=0,0,600,300&tm=4688.10000038147&tu=3688.5&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=0.65&vu=1&app=0&itpl=32&adk=2751007027&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3092031800&rst=1734987517975&rpt=4672&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
v3
id5-sync.com/gm/ 		700 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a459671e942df3b23f3a05ada202bd12080e55f42d02bd8c728785d4b11f3a2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://ezgif.com
p3p
CP="CAO PSA OUR"
date
Mon, 23 Dec 2024 20:58:44 GMT
content-type
application/json
vary
Origin
info
uipglob.semasio.net/dbm/1/
Redirect Chain
  • https://id5-sync.com/i/481/8.gif?o=api&id5id=ID5*4Y9vvk2Q_OM24O3gv45-zO3awXMMzvzWJ9neM9p2xMbl-36uEdo3cnao9fZCyK-B&gdpr_consent=undefined&gdpr=false
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=d61f5e5f-0b48-49d1-ade5-b4ceca30de6f&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F10%2F6%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/481/10/6/3.gif?puid=1735867950667549031&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/481/19/5/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/481/19/5/4.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/481/19/5/4.gif?puid=4b084e15d64b669ac724c8b59b807be0&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F3%2F4%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/481/3/4/5.gif?puid=5b1d6769-cf0b-4400-a6cb-140de9279671&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=M51IS0HB-23-GB43&gdpr=0
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/481/112/2/7.gif?puid=CF03B863553C947E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F481%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/481/104/1/8.gif?puid=e956d046-38fa-4e19-bbe5-64f4a598c858&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Q0YwM0I4NjM1NTNDOTQ3RQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEF3_EnmSunAi0hnNkwHhGXs&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw&...
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEF3_EnmSunAi0hnNkwHhGXs&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw&google_cver=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Server
77.243.51.121 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
routing-server-id
-1
frontend-id
12
pragma
no-cache
expires
Sat, 01 Jan 2011 12:00:00 GMT
access-control-allow-origin
*
uip-response-status
Ok
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
date
Mon, 23 Dec 2024 20:58:54 GMT
content-length
42
content-type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEF3_EnmSunAi0hnNkwHhGXs&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-2b5cnn2mPuUNtz1sYyQRPjebrt8jpgv0NITuCZueGw&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
435
date
Mon, 23 Dec 2024 20:58:54 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
syncframe
gum.criteo.com/ Frame F778 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ezgif.com&gdpr=0&gdpr_consent=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:58:46 GMT
server
Kestrel
server-processing-duration-in-ticks
2468453
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 24 Dec 2024 20:58:46 GMT
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:46 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
view
securepubads.g.doubleclick.net/btr/ Frame 896E 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=345310670493965&correlator=1172143036429419&eid=31089315%2C95349035%2C31088252&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_728x90_desktop_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C460x60%7C320x50%7C468x60&ifi=4&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D2abe36590a488876%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MZPFHNbl6ZNQguBERin9bVoPuPRCw&gpic=UID%3D00000f7abbb44c1f%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MYWc9D1CBqpYB_oh7RlDKOYazZ9gw&abxe=1&dt=1734987527493&lmt=1734987527&adxs=762&adys=28&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2F&vis=1&psz=728x90&msz=728x90&fws=0&ohw=0&psts=AOrYGsn9V4jo2jzt1Dr4MZSS1oe-Wo1Fzg5wCE_stfKd9caPGPxxVnpZX1s7hDGStwX2mBDM3bIxZYyMbnFjQOQ%2CAOrYGskDhqby7LAX6HGIbIzI8rmt9FRJo52Wg2__IFkHZA-ElxiKheDKya1iE0Fup27atXAnlQ73NvO8aEJTuWk&topics=3&tps=3&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KlJqRlN5ZW91d1pTUlh0Q1hHREJEdTBwa19BU3JjTUdoZ0dmalJIM0ktYkhsLTVRSWNqRGdRZFFmYXU2QXdITndYARI0CgpwdWJjaWQub3JnEiQ1ZGY4OGZkYi1iMGMzLTRhN2EtYmIyNy1iYzVlNmQ3NzVhMWRYARIcCg1jcndkY250cmwubmV0GMWKwqq_MkgAUgIIZBLOAQoOZXNwLmNyaXRlby5jb20SsgE5dzBjTlY5U1lubG1USEpSUTJjMWFFdDRXVVp1UTJsbWVEZElPSGhCY1hsaGJscDRRV3BxU1dJM1RIRmhWMVI0WmxVMVVta3pjbkpFVjBwVVkzZG1VR2N3ZEhFMGJXaFlWWE0yV0RSRWVXZHFTVlJ2VG00M00zWlNUVVp0V0RaMlVFeFlZazVLYUZoblpWVlNhM2hzV1hkS1NITjNaMHBTYTBWdVRsbGpOM1J5U0V4NVdBGJDmwqq_MkgAEhYKB2V1aWQuZXUYxYrCqr8ySABSAghkEhgKCXlhaG9vLmNvbRi4msKqvzJIAFICCG8SGQoKdWlkYXBpLmNvbRjFisKqvzJIAFICCGQSFAoFb3BlbngYxYrCqr8ySABSAghkEhsKDDMzYWNyb3NzLmNvbRjFisKqvzJIAFICCGQSFwoIcnRiaG91c2UY-pfCqr8ySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734987513944&idt=907&ppid=5df88fdbb0c34a7abb27bc5e6d775a1d&prev_scp=pbsd%3D1%26amznbid%3D2%26amznp%3D2&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D3g%26hb_rf%3D0&adks=3922983428&frm=20&eo_id_str=ID%3D7da85bfa1fe80eae%3AT%3D1734987516%3ART%3D1734987516%3AS%3DAA-AfjaM5Euaiy8rXBrn5WKVL23a&td=1&egid=31438&tan=8bfbbaf0-3206-47d5-8553-91433b2f1dc9&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6d83b7257de49bf7e63ab2ee0e146b25c30e48754b43260324da0e910fc3e1a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 20:58:47 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
10865
x-xss-protection
0
server
cafe
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0C3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:42:34 GMT
expires
Mon, 23 Dec 2024 21:32:34 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6F3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:42:34 GMT
expires
Mon, 23 Dec 2024 21:32:34 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame 8158 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame 8158 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
370671
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 8158 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 8158 		95 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 8158 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 8158 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 8158 		20 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
ESF /
Resource Hash
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:58:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 20:03:55 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8158 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
3004170791804808702
age
29031
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 12:54:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2980
x-xss-protection
0
date
Mon, 23 Dec 2024 12:54:56 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8158 		344 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
6766994032117382215
age
62569
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 03:35:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
344
x-xss-protection
0
date
Mon, 23 Dec 2024 03:35:58 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
l
www.google.com/ads/measurement/ Frame 8158 		0
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 8158
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C10VMB89pZ8y6JNSKjuwPx9bymAWs8uyGfKGAy-KGE7epnZ2KKhABII3kvSlg-br0g5wQoAGE-ZbGA8gBBuACAKgDAcgDCqoElQJP0N_7MR7vFWJdAmahBItHzNnAwTHB2-SfgzXXKuEe...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe2a7e80d18ab2d90000000000000000%22,%222%22:%220xbbfb17407987d4040000000000000000%22,%223%22:%220x518e1f...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe2a7e80d18ab2d90000000000000000%22,%222%22:%220xbbfb17407987d4040000000000000000%22,%223%22:%220x518e1f1e383731e30000000000000000%22,%224%22:%220xea469b26eb7ddd720000000000000000%22,%225%22:%220xc2db4001994b2f9c0000000000000000%22},%22debug_key%22:%227235041901012047022%22,%22debug_reporting%22:true,%22destination%22:%22https://curiositystream.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22952482948%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223287632011737160881%22}&andc=true
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:48 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xfe2a7e80d18ab2d90000000000000000","2":"0xbbfb17407987d4040000000000000000","3":"0x518e1f1e383731e30000000000000000","4":"0xea469b26eb7ddd720000000000000000","5":"0xc2db4001994b2f9c0000000000000000"},"debug_key":"7235041901012047022","debug_reporting":true,"destination":"https://curiositystream.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["952482948"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"3287632011737160881"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfe2a7e80d18ab2d90000000000000000","2":"0xbbfb17407987d4040000000000000000","3":"0x518e1f1e383731e30000000000000000","4":"0xea469b26eb7ddd720000000000000000","5":"0xc2db4001994b2f9c0000000000000000"},"debug_key":"7235041901012047022","debug_reporting":true,"destination":"https://curiositystream.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["952482948"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"3287632011737160881"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:48 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
truncated
/ Frame 8158 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c453dedc4a5af386de9c52ac739c4584e27301f5efb41cc341e67d5c039e4e09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v62/ Frame 8158 		35 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ezgif.com
Referer
https://fonts.googleapis.com/

Response headers

age
366425
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 15:11:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:11:34 GMT
last-modified
Tue, 29 Oct 2024 18:37:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36216
x-xss-protection
0
server
sffe
view
securepubads.g.doubleclick.net/btr/ Frame 8158 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8158 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO71BDquD4trEDV1PFLBfVkTU9VvywdpEL1VfI9vkVTDm-150Sp2mQaIzatT0MifNr7e79DBQIejpCRQVwMfsoD2nvo7s__Evd7EU5u46YZVD86cclahZv0lKJn95RrOgsYSaTDEH2Dbfli7HV_eazUliSwfxwLqfUeAUAY3EYhAZfaaXbPlrxFBDiITvV7_2fKg&sai=AMfl-YRxfI9deqT73bbRcXhermmWHcbySiA4GA4KZ5JLhIfTG8P93uSZE00MiCvjUCSZX52i3I1pmR9z80pUCgZLg-Y_g3T6P7gjfnCSqDM_Ssp9HbwS8sNCQKKxIVAdHm4JBoT5iNNcaEoJPP53wak&sig=Cg0ArKJSzEejid2tbdvYEAE&cid=CAQSTQCa7L7dULeDl3KBacQo-MJBmVxwztYOSiIqIiU49yUHKcuDdhAFQZ8JJ36Gl4U7RheBxcHPwrIS6ilhx_nLfhC8Wvtf2nNEQ2SJuaJWGAE&id=ampim&o=762,28&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=134&tls=1134&g=100&h=100&tt=1134&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:49 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 050A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyAHs82KiVgv5xCPhHfKNPwEd5FFxT8m5a93xudnrzhecylCJziPzEn6Edt0n8deyeCRVJ7J-Amq4VaXbOvCS4GMbt89wIQXF4tlwdu-r7pwQewicXLL_ornRDj3t24TFC2ihr3lW5Fso_B3k-84MPm9JPJhvNti0qjy3p0XX3X2G1OBZfqCP48vHU2zjfDzshDpovTflxl7_u_vBt3ZaOOYh37x-Za-TkHKrlOr7bCUErWBZ42sa4XRa4PuAXbKrwGF2stlnXqS0OOElPOXEpcKMaBcRjxcQVYlt3GAF66wKXoajHmpUIDl7rp1znkD6fX8EIaBPWV3FoVWFsFJZMKz_EyZ18vFxGumtBya4tjPoTH8FJVH7jGQ_CLhoVzcW_O5YfNCIOMsldnElSB11MTIT1mmjQHyOcaCtv_mvVWHbU&sai=AMfl-YQjDdJqPoIXX8eOvl_B-xJSs94ILlFz_hB-FY1rZb2veAq6PV02FEzLvxaE_thGXC3p4v47uQrUB3HaWKUsdkYabNrNlnavMIQdzjiwOAM-Zch-RJ9bLRAgzVWDKet7sVQqnZG2oAVKJSFM1oylaslkB35zx6_MkCdkBPJIhTwo&sig=Cg0ArKJSzCkM6LJ7bcBAEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:49 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:49 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=345310670493965&correlator=4222589697923519&eid=31089315%2C95349035%2C31088252&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_300x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400&ifi=5&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D2abe36590a488876%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MZPFHNbl6ZNQguBERin9bVoPuPRCw&gpic=UID%3D00000f7abbb44c1f%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MYWc9D1CBqpYB_oh7RlDKOYazZ9gw&abxe=1&dt=1734987529979&lmt=1734987529&adxs=126&adys=188&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2F&vis=1&psz=300x600&msz=300x600&fws=0&ohw=0&psts=AOrYGskDhqby7LAX6HGIbIzI8rmt9FRJo52Wg2__IFkHZA-ElxiKheDKya1iE0Fup27atXAnlQ73NvO8aEJTuWk&topics=3&tps=3&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KlJqRlN5ZW91d1pTUlh0Q1hHREJEdTBwa19BU3JjTUdoZ0dmalJIM0ktYkhsLTVRSWNqRGdRZFFmYXU2QXdITndYARI0CgpwdWJjaWQub3JnEiQ1ZGY4OGZkYi1iMGMzLTRhN2EtYmIyNy1iYzVlNmQ3NzVhMWRYARIcCg1jcndkY250cmwubmV0GMWKwqq_MkgAUgIIZBLOAQoOZXNwLmNyaXRlby5jb20SsgE5dzBjTlY5U1lubG1USEpSUTJjMWFFdDRXVVp1UTJsbWVEZElPSGhCY1hsaGJscDRRV3BxU1dJM1RIRmhWMVI0WmxVMVVta3pjbkpFVjBwVVkzZG1VR2N3ZEhFMGJXaFlWWE0yV0RSRWVXZHFTVlJ2VG00M00zWlNUVVp0V0RaMlVFeFlZazVLYUZoblpWVlNhM2hzV1hkS1NITjNaMHBTYTBWdVRsbGpOM1J5U0V4NVdBGJDmwqq_MkgAEhYKB2V1aWQuZXUYxYrCqr8ySABSAghkEhgKCXlhaG9vLmNvbRi4msKqvzJIAFICCG8SGQoKdWlkYXBpLmNvbRjFisKqvzJIAFICCGQSFAoFb3BlbngYxYrCqr8ySABSAghkEhsKDDMzYWNyb3NzLmNvbRjFisKqvzJIAFICCGQSFwoIcnRiaG91c2UY-pfCqr8ySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734987513944&idt=907&ppid=5df88fdbb0c34a7abb27bc5e6d775a1d&prev_scp=pbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dc-up.co.il%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.12%26hb_adid%3D1071cc2debe8ad34%26hb_bidder%3Dcriteo&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D3g%26hb_rf%3D0&adks=1863772561&frm=20&eo_id_str=ID%3D7da85bfa1fe80eae%3AT%3D1734987516%3ART%3D1734987516%3AS%3DAA-AfjaM5Euaiy8rXBrn5WKVL23a&td=1&egid=31438&tan=8bfbbaf0-3206-47d5-8553-91433b2f1dca&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
21ffbfaa7d715837deb3d6bc06f4b05ddc2938ef43363d4b78cba3e188c7df47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
dcb
google-lineitem-id
323971949
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 20:58:50 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138303033635
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
2514
x-xss-protection
0
server
cafe
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame 064E 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstit69pauuXvKS0sx0l2UlSNm-373HvCu5E80CqBRAmzAZWZ6E1DW-Aw0rKKBgLgeXaT7r25r3ZTVWOqS-gaPBN0B-S48ofqSHVwUk5bVNkJc7aOl-8xt_krEw6PQEZva3eeuUFfugUHFfoe7iUi4rNu_QEr7vhonpO_Sbem0uirKHZuKU6OW7jFZC22Wq5gOut61YU5jLYQLWMICbvhKgJ5HwrlbVcdLdkwJT3IC_2qVyVUdPyyk3KhDJ9C9xkrvcB4QxfkkcgpZX6kebX8cW1JbTFkw_PTKOFdJc0bQ9pNFAbxJaoU7fDlPrv0JvRLFdU0iPQOwCaoV7bZwQrvB0kMclzQy3t115f3QR5_fAwH_0cD8r1Mxw1TtPh7TkCYPS7Q-qqnyEaHuSqOuvgCemQPpr_cOQiGeJCjafTXhVH8A&sai=AMfl-YSSB4CiYkwgwlzRwirsvk-YQCARIcbdkuFFjYqyeE_P6z5Wqc5NH4j7txsldEKEVKLxWdyOJWznyRRJv8tB_3eISrgyt0zdE8ijgKQEeBC8FRwA5u7f6ElU3ANZwygPhdLMNwt1aapNjze0V8s&sig=Cg0ArKJSzElO0cR-JYFvEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame B3BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNX69PGDge-XX9rfQee1vGDUEC0bGBzQ0sDMDzQUUbMdNzEPeiovg9rOZgooNkuag3QTJVUnCkyZYJjHbXaz8fKJ8j-VjO6Q0omkUrXpsu32QYRWHWE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:58:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 064E 		105 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d22438a908fb754c1bd6e2f368e8f43bcc5092c126b5688d0cc14b0804727585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
8686496304925888373
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:58:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
36916
x-xss-protection
0
server
cafe
sync
x.bidswitch.net/ Frame 064E
Redirect Chain
  • https://gce-nl-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=e956d046-38fa-4e19-bbe5-64f4a598c858&google_hm=ZTk1NmQwNDYtMzhmYS00ZTE5LWJiZTUtNjRmNGE1OTh...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=e956d046-38fa-4e19-bbe5-64f4a598c858&gdpr_consent=&gdpr=
43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=e956d046-38fa-4e19-bbe5-64f4a598c858&gdpr_consent=&gdpr=
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Mon, 23 Dec 2024 20:58:51 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESED-h_E8_eS8k_5fsBQ603-Y&google_cver=1&ssp=themediagrid&bsw_param=e956d046-38fa-4e19-bbe5-64f4a598c858&gdpr_consent=&gdpr=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
393
date
Mon, 23 Dec 2024 20:58:51 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
opdYGT8aJHgb9zC5fQAPEuhNaWtSKyj2K1qY0xgn4vnwrVUd4Mv
media.grid.bidswitch.net/imp/jPN7qLrkX6Zr2FICrqViNfzBdFomdjQe7ft66XD6Ukb7be9U4funLomkCvpLiZdeM86GpqV2we07L_3c9hPJWyEm0AyXyKCGy0MZ7AUKoWk_0e7Tygo8ciWYEvhFjKMugqT-bwgBaWKPUOTqkVRtGSxLmWnft6KOyJrCvszX... Frame 064E 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/jPN7qLrkX6Zr2FICrqViNfzBdFomdjQe7ft66XD6Ukb7be9U4funLomkCvpLiZdeM86GpqV2we07L_3c9hPJWyEm0AyXyKCGy0MZ7AUKoWk_0e7Tygo8ciWYEvhFjKMugqT-bwgBaWKPUOTqkVRtGSxLmWnft6KOyJrCvszXMw4x1D53Xgu-zmgYg_Sk-xLtOFXTPTeLeyuqEquTeIrzepTT59b9GGng3Q9T_B6CjlHYigYmdOl0kLdN8uiio6ourykz4wyojK-AsZh2Zjrr9Xx24UUex2hqkzVlsW-fMPoKzjWVzzs-YrsFYeI98sdhzQo0UjZLD8DstjULjihDBAT87H1hhQaNeM2AGuvW21mN5zOSnCOrVemNCsafeQ7rt-4XAJio6KY-VuNk1sWhVntBkg4_WW_eVF1o36w_aKAwWkbc3poAaJYtxKc/https_A_B_Bghent-gce-nl.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCsqhQ-85pZ7ziM4n1x____AP3IWr0Qug66vwe9jexefbE2QQASCD____eYfYPm69IOcEKABvN____1-D3IAQKoAwHIA5kEqgTfAU____QPiJX____tEpXynsXIgazpKsYRFCZajfa26KMLyou4fDs1vVpSwWAOmyRyAh56daEjKlNq77UTEt9uykYQk2l7VpqGkDzpzt1oCs80klb6Flci1Cs3QWTa____PiXzUyJM3DuEb____rRL18kGt24PsiZzv6HKJctuLe1CRne9sM3UFLjPj90wi47Nw-weaws7btoymSr____kjvBdr1FAHPh30PpWhSdyVaxUaUfTeoEVITMjwf____mXil5H2PDNmBMtCdbx0ks3ZpKMhV9jqoMQEHnqsv6F2gMnLMWmNQtgGFJqvEXNHABJSZp____7oBOAEA4gF86aM50-SBQsIIhABGAFIjtG0ApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGAoAHvJfG2BioB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcKEPXTDBjV4OWlAtIIJgiAYRABGF8yAooCOguAQIDAgICAoKiAAki9____cE6WIGlyZTkvooD8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF9hYmU0MTCACgTICwHaDBEKCxDAjZzOvuOKs94BEgIBA7ATmpfRGsgTwcqK5QPQEwDYEwrYFAHQFQGAFwGyFwoKBggAEgAYABgC6BcBshgJEgKtURgCIgEA__Jsigh__R9Vkk-98vWAo__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSSQCa7L7dD8BCECpmYVvHOnh4SkWGDXl7jLwxlr5n3B5UXYucQs6h8lswZTPlxdMgFKp1QdzXlTHXyh8djKvHygr6ezbfOOTVEsUYAQ_B7pJs7hz4b3qxPZ4rH-0DeLpPVMdY7rbd8xmKAHCeHJsMQpLcBU44__HaELvCTOMNsHR9NPh6ej0X9UoW7qHTw6ENOB1__eer4K3zuEm4kVEtfvGpT__Wb__JP7KkWz6UkoASpl9Cpj6vywaJEgXZo-lbWpRHnzqbiAK0BH9i5mmXyJjTFc3kypmT0p-OdeMAj5gGclItG0mbEGOrr__scnEU7__nqWd-rCjday5BRmBT6RXhC__uPSvfE9KMXrxOazKSK6HQMMHv4EVHPwaJwqb9im8lTDITkKCnAESDqEDiMxIx2J5QXvFjS5NqTwqMZ4WoktUHfJPseCNZnglOhFsaDIXsgBiFhcVfbrqWzWiOFJGBXBuGe-IdeJH__Z2R2KtKq-mL30oNWx0yrhnHh9EsuSej8K-2MvcBBxmVU7tPFppFPxNCCtYyfWsYJuQhfWTbEyc1tLPuG08NFwh3cyzfwHHBFYZ5bb__reqiPFESlsTz1GS6qvqOX809xkLg129__clpofjkh__TwGLyncl5dP5HqjnMLZ4uTR6RDS9JpTRj9sHZYnQ2W8b5P5sCwNvoaDN2-kFdDD-0USc3cd7WiF16Qeh2SWoxPpK7fCKUDNvG-uGYMzoQ8chaI2CQFAQAfoggps03UBAaCd6Fgo7z5EjHLXRP-PGOXPFjjZQPO7uEfpvp0SKlFhmpKDQlXYxCMR0wnR5D9CW0pSbqfukYNlPqlFrCzL4zjjmPzDb9a__5r__66m7fHDtsst4OPVzzWIm-AbpQKVnGsTjHIGGM9XFU3ItdBztbz7omFnaWsDU-JivN1MvXts2VZSQS8sZiuYAS63l6klyX68EE3wMvh5QfTVmmz5R00__lNBfFDLPuNEP0ipYuCoxPPhla__f4aK0BLpEEpEPSQv2oKA9L3x6V1lo4XrhWOSiUPamPDAX2UYIVFJiatzyzWLBcDIOQ2ZChSb5vtnRkn5lo7bk8PSCbFEvb0Z9PlPtxeYbPEhGrmLNKXX4BvKafFPMo8VaQNXHZRpIWpJ7gF2erc__B7C8h0EhKjGXHUteowzoF5EE5ZF4NkVmIIuFpTMs2qk0-WzVRHRKpRxM08jFwevYVSrGs4x867__2nFlRMUYfUOJf6PshKAeXu9My8vAPbJUvJa8KEqMKvmEZscONhKJRwL7Y32Z4E9oKsDtScvAGwUkut4cbby80BVWUBntMC8vQ__tVIE2SgsZmvnrjqI9Q1JFvXwykFW9yN__YB1-9ZcdaTvio3C128YYw55PInSImAV-Xg_B/opdYGT8aJHgb9zC5fQAPEuhNaWtSKyj2K1qY0xgn4vnwrVUd4Mv
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.214.200.194 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
194.200.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
43
Date
Mon, 23 Dec 2024 20:58:50 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 064E 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=ezgif.com&bid_id=2-18aa3a78-b108-4b33-98e8-fd51a2106adb&ads_txt_id=A6ODQF&has_bsw_id=0&bid_price_usd=0.130599
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.59 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
date
Mon, 23 Dec 2024 20:58:50 GMT
server
Kestrel
cross-origin-resource-policy
cross-origin
tpd
cat.nl3.eu.criteo.com/ Frame 064E 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=uBbGlV9PWktPNm9JclR2T2VqN05mdyUyRlV2cVdlWXA3M2l2RHRNQ1JDalE4eVl4VEl1TjY4YmxRdzY5MkglMkJnS1FTRDFrUVk5UU1jJTJCZVk3bmVhS0xsNE9QUlZuazAwQmtRUm1sZEM1a0dpQ1hFR1lMV2w1ZmF3UDJ1YXNScWNpUVp3c3pUMVNuaGJvOGd6RTNldXBObmplWUdRcUoyM0hsJTJCUWxzOGcwN2NCZ1lpZzMyWTY2WHRnTWg2WXdzVGdkb2E5RmRubXpFSlZTak0lMkI3UEhBejkwNjRFMmlNUnZhQ2FhSlAlMkZRRDl5S254TGVpUXdnOTZrRXptU0UzUkpEckgzaU9BaSUyRmQ2RnA5ajklMkZZYkVpZjQ5d0klMkZ1akx5MUJ5eVNseU5BMDF3TVVnYlhkQTBQTlVWbnE0WVUlMkZvQyUyQkkyYW1BOVUlMkJXNzNVNzU4WG9VQjc4TVVnQU5DTzlrbm02NkExN0hTcCUyRldIcmZMZXFlVU03N2pMNVZDaHdXWnVLJTJGUFVrRG9VM3NCNWFzbG92OHQlMkY2dkFRU2ZKeHZINFQ1RE9oRThzV1hNWXRYeWQ4biUyRk95TTRPaFdTckdqM1hwRlNNSjl3dDN1JTJGVFVnUGsyYlRJUHE4elZVanFENVltTnZmUWg3QyUyRnBnQlRVcXJ6QWFUWE5VT3V1b3glMkJrV0ZEeW1BcjB4RndldXF5YkRmMzFTWHBwamRmSk9MZGlsRTZXSVk2Mmk4dEFJM1I1MklLeXUxUkp0MFR4SVRucXpPRGttYU1JSDU0QTdNaEtBeFFCZHg5NVNHOEUxNjNCQlBrY1VudjRkUlIySUNHaVN2R1I0YjM5eUMxYjlmemxybU5rQ2JzSmh3dFRNNiUyRlNidkZ0NUM2JTJCY2IlMkZ1enE2YkJ0bzd3JTNEJTNE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
access-control-max-age
1000
cache-control
no-store
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
server-processing-duration-in-ticks
269545
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:58:50 GMT
content-type
image/gif
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDG-Z7Cmi-tUIimUTdmuEnP0th3tXH7Iq-fJeqk7wmyU0-Vzn11iOyKYWYa-7iccl_KFtYWwyIfcwwi89JuycnDTaobbxCkAoSz6Zd1m3EDu9tzrw
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 064E 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
437
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:51:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:51:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1635063617661&version=m202411180101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1635063617661&version=m202411180101&ct=2&x=38&cor=17358347032120576000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad
googleads.g.doubleclick.net/dbm/ Frame 064E 		84 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Byo5N2Dht_XtQ3mW3DqzrvNqSVkTy62TPtbK0u2jEQz8V-zpW92dbyePMdkKlta-BQUOfhJweTdOUQDXd3jaJ2UH6yEgu3b9vZLaQYyou3OC8zZdoFqnZZZHZKOou63PhHvVfJZCh2jD3b-lyYFKVsguuRaCQLyt7Huet5NWjrzJrh-ujphRaQ3FhkFJVwckae0LHTnqAX2Nv7Gdsg2SopGwZt_2jyTMToDiWED_nnfOTRoX8&cry=1&dbm_d=AKAmf-A7LcD9Zt36y79MXmxdGTvMlF7TbBSNimn9P5qyuMXOhncCRuWookUtwtMXp0dnvAhJGACHDlVAiZ_jfhbh_MOhS0VD_H3DZiW3XqFp_Y4qYLacJ0TRhi34KCpu52WANa0RUl0MD-MhVaP5eMOMrYFYBuSbYCjM6m0VFl0SCI-F_WtJvPqfJIlOJRItehzGiSz1Y68zX2b3Df0L4aWEPHMZonVniyO4KxsmNKZG_CLuD76P873fqe3ETmdXmx2rQys6vTkcf9z3RFE-RBH5ZIPvvRqvs5odN9J7tE6W7JjOCnRV7bVcq_akHSwNslQjr8w2btlweucdAm749e3L66ZFcoZU_KI6MUrq75uaEKvs08rsxVvjUE-pizN780cUnz2yuIBr-POS-3Qf4HkIcACs0PF7mDiMU4q9g6BBXacx3jzZREBx9Of48ILLLFsudvKCzuJr1gp9FIsxTkQ_TOlpWY9NGE6W_6ZjIrvlxM4OURZT0Gm_fsukWSwaXE_M7fPoDF9DF91Y33LsRqwrWcFrlN6D-9JylDzMjoemuN6Ld-rprTe7iRW7Cl4Ke6CUBH2c-gLD2M6Y0PJnR3DlIHC7o6qGg92P29p_zAEGvimsPC-6-yF5yvc_AedvQ3p-ftlQpH1iZ1heTwHdlo9gMp1zDdX8HFv8PRhEOJGSYipVXs3OfVpBukgZ5Om8Nh9ESlHcP1ULMdUR2TRdtyQ-4Eb0cROqkgMl-pufDXoGDzma68O9HHGvqA8gZ4FXjpYmgjtD_NNWlkNCaGvxJPPO204Z3I28vi1XCfQOsVFVHc2AZ9pvdni-z6lGpuKMMSqDS4mBjok52ItLnYhMU6UGn99RgniD_nuTBvo-7FxciUwWZ30Si9ggav4ERiCFBLlWt67I6xXB42RH9QtQY002D_EcxisGVhgr9x5l72PD-pHTAXTcUsdGrbU8i5Cz5LvbeaQiy0Ru7WUzPsRGOcHowwgd6hZvYC1-h7jc6uOAJzboqGLAQOJzbs_tUvU-8rQJYxCUnfne13yCB9a_2vO6A0nERoawAu5j00dyccwqWJa6Bnpjx1htiP6_T-L_evGv6OTugzFGJkVyMobxlP-xjP8MRLKbys9TKeG4pJOjoI8cZJEa5nzCBcyompJ-5BQWdNSQ4BWjbKiA3KtmUwwdgOWEnt79tQfiS42ExrHTNpAerAUmvjdUstUL0UpaYFIWj1jR2hj0KyR9QEfobTTIGOolc5cbO-Zglx2dci-6fDxunJrul0TnmePaDECKLRASUQ1K1Y9FVZ5vo3bl0R94HWQlH5WWMm6Boqz-7R6vmiVAHYMnOW_M1q_VMbYwws0d-oV_cUC69bXAgN-bbrBdkVK3MOgsDVtOtR_BSACpAnxDIZbTqNRj2nbeMlQv4JO6VSmMmRmpaLryobHS7fLbAS4AVxS6fyRu0svqL1rSfpjxYPGbGzGedGB19_21fmPHbw7Rsb2BHW7HQX9uAelGgLf6swdIKp7GVZWe8gTdMtPl806blbsSY4q_bC4P01NXCKTvsxgjQlKn-wiBxJwm7bfIJzUBWOmiehfo-s-OuaCucufFL2Dt8C-W14tqzL99f-qqcBmArw9BBXZ9e5Ed3o_g49KGhnbm8CX0FLens9sNlnM_R1dYFli5OQQUeK0ZHy_J2UlHmBtN9DhTkrYsf0orQj5pJ9dg7Dqw2RHP9jQNBph8vwd_3Hq_hIwLbiB208ThfyaQuUpJ9hj7e2V0CyQMKzd1P2cuGY81PsJZKit-Mkv62qgD1vPXuKGruVtisyUKw4NUf7q3nvAKQK3Y68z0RIwoFLE_IQiaGNICZX6dFBXtXIdYR1nQ6p4J1xtaev-NwSMvTaaEB6lwxVS_fUHA4n7NShqtLR-YfYIjjTmjSVRW86j5WmNYQtQkGtaGVuMfYP0eQieFCSg7VWi0-uc66Twp_h8UCrgciZ4bTM4T2cluj4ftzyMUvn9pCiCGdnXblPWJFuLR4h-k6QHLE7rcioz_P8thSeMPqEoGBoxOzARrA_NouPhn7nEXypFzkrrAGvr1rRuO6asbZMvgGTcUzGvavMeMeuW9dZfl7Ox3nK2ZfQO1j2qodOjqM25zGRsZzhImVe1Zv-xGI_cxjiyukvAyMHvTMrEwtOLnsgMqTKoM4n1xFXbM4l0N9M0GU2AqpQ3BAmDGaYEjoxMWhln3K2BQkX1SDOAen1r3leY8h_xTMATy14nPPRaYl_hiGGO16deNH0hRrmTewDh6m6icsS75Y5_U7ZkpGwQ_F0YvNn0BPlB3YqRUPhauVLtM21xq1JpwoyIpS7SYyItpnJy-IaYp-Gp4aog1hXTzkAqohAkcBwMNlJxMIuN4ITEE40IEfdbkglnYlu_v3Re8if5DodQXr1qkGySmF3JeS_hYZiSfLVwBS-mohgF98F8zC5tP3TDSncTwNuaHW44GomE3SAQvYgazejHdWTEKuXe2ZxcuxNN7ZYi0MCi9OjS3ptB1qup94YFke8CjbPMCIfSVCK09eHhscEUFHLGO1AO8aiAxVZLTJ9N4owQZqIvhjR6ZErTcEJYyjhGAhpYj18HJZu3lYaQkr_Dh8hog1ZZ9WSW0vHDrJt-xwDIbzB-JNgr3w9yw5XLNLvBVtAYx0naleONwPpEhaM6jBiKTlrdQz7bbIfNt4U3D7-1raFywRvsa7i1BZK8SjWgcxYeb1aXKl-foRj6PZxjRlPNkr-cedmrEu6CJuyrvNKZpnIpH2gmDbtQpgwNJdqbRuJzgF6v-hg69a5umZt7_OjTnmU8-EDktUnAYCxGZ2ZKRhXLIaW6iFCQe6ECP1hwsP1ZLXYJGx-n2OMyyWAQaZXM6sMJLpXWquFA_Wn4YEAf3q1AiFx2q4yXhV3cxODicVsP_0ov_2LXsoSkkk029AQvD0q7kBAxBRNUzY4Bo3MHi86XUNc4FJljXdDCpysS_Axd1Lp0UM_4IDJM2eS3UuHCvPlVJw9fBIp8MaeyQxySw6jaHtqsAbBH1qK5OMetGJUTtyMX6ev624GkjHWTxdYg9_kAia9kU_N09bITCThP4tMnNf632HWJVF-lDYfq98V8g87mc7-K3RwYcUkgBkFh8bL9Gl2H3rixJsRycWZBPc_WmBfpAxrSX3SBh52vqrRFN0HqrqgzD_rYimKQgp4U3NiAVukhAxWDsa7bFEz18Fl2KLq1LlhYgL8zoGntKH3TUqiSiWLQU_xaOn8swyLUOxztOLn0wkmhXHNUujB8rmbaUCBn7YCPDt9i1lsN0nAYmX2aylJMyqKVE1wBGaQPhG10XMQu6W0KQysbJZa66MF61u0JuPP1l3h_hcC-mLrwiIaAUZzizoqw94E7li5f4WUHeyeaWdj96cNJed0Dj7Y3nqzL3WofqNIjYRtcAf2DI8JrXCOnbL3gsrUPFz2jL2jnwR4WedtTJtR77bk5vqiD0fgs8ZlOwojdHyvMOXcESWBNphSq_gSNef5WqGQRR-TtXvZI-IDit3_4AREwNECsMbpWgkKZ4Q8TTINRpIQurd1n4icRRE75VZ9Go0CByhKebldgFRxTFLZBNfUSwmZbY1cHALzbQWjqfXcAvoFD--O6L1MI4-03MBTrf4duRkpzI_pxYkPJDpXe6jdZXPHp-Njqx8yG_L081HgzFKsw3Nm9ZINZUS2k4-7Vogsk3bT0cDFjGKQvY_CQgEWLLYFE1_KxotcBp7NfZhLrbn9t-Y0W0ohMqxBOVwdHrh-HPiHKFCswp0W16J6I65mt0Bgodp963vmQonO6gvLnYqq6_LSUpIeZOau3wByKQAp2RXXtLBptaD23uQoIEzgEiTlL-psQA_i_zxFCz9qp7vaHHTTu3zCxKBj5jg9V2oIuQYLZl3JtAghJX1l0eHhpI4w9S6B1yiP-0OosSSuuaAg_pruit8OljEc5Ge04GQiy-V2QNVknda8C0AW8RIGFSZMB7oYuyxEf9mC5WQ1Dy97suEecmWmTEfnhFXABXnA9ifknjIIlcYIQZv1t5sLf2V2_8xQ5Iz0lgFJZdkP7xm2uybQ3Ct46AMhy0QjPf4q4fU0SSGfBrGBhzM3pGbzcahJxoI9WQ05xaTLgA4gGC8TmgScF2yZBtGSirJGaLvskrvg3jqWnzehs&cid=CAQSSQCa7L7dD8BCECpmYVvHOnh4SkWGDXl7jLwxlr5n3B5UXYucQs6h8lswZTPlxdMgFKp1QdzXlTHXyh8djKvHygr6ezbfOOTVEsUYAQ&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202411180101&nel=1&rfl=https%3A%2F%2Fezgif.com%2F&ds=l&xdt=0&iif=1&cor=17358347032120576000&adk=1653260602&idt=3&cac=1&dtd=40
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
dd449afb2d762c6d43e9231f9bec690301917d86c2fd570e21878f9f6512158d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
39450
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 064E 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39eccff87303e4def8d131109b031c3a973ed7163d9739eabdbdb1f5b710ec73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
1851978643320982193
age
15051
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:47:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:47:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
11583
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 064E 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
216
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:55:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:55:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/ Frame 064E 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
5098607549323971572
age
15544
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:39:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:39:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4393
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjss9nUjrDSymQCczAaMoKciGR0_LDsFVRJKtvCfMHQoC8UmME3nw2QsKtKxgFT0Qlq4QjOK6XbiQ8YkJmc-uvAfjH9u9dpKNMGmG5P0hZJ1BNlzY7rwKUxLyQ_ZGE8hXY1KlbkTn_QlqPwBd6nPVzxxNULczcfDup9C6U7ikCLzSDk4wJIzzBcpnOe62yOItcCCwM48httbrbFoiqfR8gbbc7A&sai=AMfl-YR22JTOQ0wQAuZwatYryQzXlh3nMbZDYyX2SrIEad8_wBpT7RH_L_TXgQ1OcKLKd0-h41fwa-j7iqyG29LBOuepSe1btx8PYFxoOCej8AC2U_fMrGRqnnfx66-7sANhidfSuhRpgsFrr0Nu2k9HWOXmHTqKJ3PzHibMncy3zAWNCYHtQfQ&sig=Cg0ArKJSzF4iIgiNDz_LEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20241212.76869&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:50 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0x6286a0edb7652d150000000000000000"},"debug_key":"7354732474261026002","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"13467137662621818435"}
server
cafe
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 064E 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
age
1282
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:37:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
13937
x-xss-protection
0
server
sffe
15135654432974524970
s0.2mdn.net/simgad/ Frame 064E 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15135654432974524970
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f6.1e100.net
Software
sffe /
Resource Hash
95d7a628dccc8580bb87e11944d5ddfc905e689cb2aaeaba2411caf9a3dbac18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

age
461137
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 12:53:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 18 Dec 2024 12:53:05 GMT
last-modified
Sun, 08 Dec 2024 19:46:56 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
31498
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 064E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a14228359e146bc5a1ace01f3f9fb68f3af5a855402642bdd83d689b328fcd4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjss9nUjrDSymQCczAaMoKciGR0_LDsFVRJKtvCfMHQoC8UmME3nw2QsKtKxgFT0Qlq4QjOK6XbiQ8YkJmc-uvAfjH9u9dpKNMGmG5P0hZJ1BNlzY7rwKUxLyQ_ZGE8hXY1KlbkTn_QlqPwBd6nPVzxxNULczcfDup9C6U7ikCLzSDk4wJIzzBcpnOe62yOItcCCwM48httbrbFoiqfR8gbbc7A&sai=AMfl-YR22JTOQ0wQAuZwatYryQzXlh3nMbZDYyX2SrIEad8_wBpT7RH_L_TXgQ1OcKLKd0-h41fwa-j7iqyG29LBOuepSe1btx8PYFxoOCej8AC2U_fMrGRqnnfx66-7sANhidfSuhRpgsFrr0Nu2k9HWOXmHTqKJ3PzHibMncy3zAWNCYHtQfQ&sig=Cg0ArKJSzF4iIgiNDz_LEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=47&vt=11&dtpt=46&dett=2&cstd=0&cisv=r20241212.76869&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:50 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:50 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0x6286a0edb7652d150000000000000000"},"debug_key":"6181337566316891340","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"14128967556101361396"}
server
cafe
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D984 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:42:34 GMT
expires
Mon, 23 Dec 2024 21:32:34 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 064E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZrPBxPTLG5NT1Z_hfBaJt_f2eZ5eSBsOMgNw0CK85VKvbGVabMIexcYDUrYSLExEBRfrQTKxgGPLHp6_-Y_C036tyJL02W8s3x7uSgtG9_DZYCOphxfSEPPp5kFiiu2bD9CngtCThD-bxOTEYEcx1bOYyv6kUk6CEXqKzOXueTEe99O6RmP5FSJTcNBxeaj06c42J4QyhHf0fUMH2Ni2P-6KXWsFUT7GmQ_Fh0Y1n7dGUkkfS_D0ORYCuYO1qJ7Fc3Qmz-HvGXlSgD3VnYrFwCBvBUznIfSCM3nwnWXGdumIyrGZmcE21h8Q4N9-ys6uOYs058xzsgKaDKd6BR5KQ0UWAPyiodFSOt0VNafPqinXZ-16JVNMGS6SZS7InkOJZDqzqQAeLz8IOcKqltFreQn-UlWvHu3r8LYdP5eCQD2WL&sai=AMfl-YQPkRl9maGIgK5KgJhDduklXVsKNhgyr_sxlWWGzLtzW3MeCqlj5qLk5VaSQa4GYXhR2KxNVD0K1etiDsrQmr-YJYcu7nzAS5du6OstmuES6wasYJ9y2h9n42qmpUCOkuXAQhKVsHclcGAeqbY&sig=Cg0ArKJSzCgSBZn_cIsvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:51 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:58:51 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 064E 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssX-V1Ajy1yE8HTQmRzl_vZQkX1iwCHkzWHwsdoAjerHFZbzekBia2sphND3diMTjqk-Lohigny8SFrEIFWl5S4siEe4blkEJd2evs5Stq4gERVQyMwHn6SZhT_nZB_qnLMs3zVd5USM2JMrcZYnSI&sig=Cg0ArKJSzPfeenh-q2SnEAE&id=lidar2&mcvt=1001&p=0,0,600,300&tm=1034.7999992370605&tu=34.29999923706055&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1653260602&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3092033000&rst=1734987530441&rpt=320&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:51 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 064E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1635063617661&version=m202411180101&ct=2&x=38&cor=17358347032120576000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:58:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 064E 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqyNScHtBgR5hPTDtlqLfXQ-Hol0djCvUNNbBsZlWh746S5OGep1SFNuhXOP5DSMDkVV0r1EGu5SfbW9vBox9I9tKmR6Y9sGz0eiqJ16DGhLg4FDKsAGX8TpHPZFVc6MSh4yqy1dqfLujWCpoFv8s9QujErBy5YJ4ogQ4qY96_3HifgWUoIHGKvzZkMIvzojmEaQ&sig=Cg0ArKJSzPF4fmdIlcaMEAE&id=lidar2&mcvt=1022&p=188,126,788,426&tm=2002.7000007629395&tu=980.6000003814697&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1863772561&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3092033000&rst=1734987530441&rpt=1268&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:58:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bid
aax.amazon-adsystem.com/e/dtb/ 		182 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2F&pid=CfD6FW3yl1bVh&cb=1&ws=1600x1200&v=24.1212.711&t=1500&slots=%5B%7B%22sd%22%3A%22ezgif_com_300x600_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x300%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%2C%22240x400%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_300x600_2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21setupad.com%2C158%2C1%2C%2C%2C&sm=87f9ad21-adfa-4af9-b9ac-59139a9132da&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*4Y9vvk2Q_OM24O3gv45-zO3awXMMzvzWJ9neM9p2xMbl-36uEdo3cnao9fZCyK-B%22%2C%22pubcommon%22%3A%22f82eac87-40a1-4b75-80e4-cc5dddb1eb7b%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.47.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-47-193.fra60.r.cloudfront.net
Software
Server /
Resource Hash
99e2a011a107f231abac42cf9ea5a846a2db73770befbbf491a1f3b7dfd43600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
access-control-allow-origin
https://ezgif.com
x-cache
Miss from cloudfront
content-length
172
x-amz-cf-id
oNwm9wdmhn3PkKfNeWS6PVSuoRXfEn2Y7d1l0rqNNx1PI-dh3-plYQ==
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA60-P3
server
Server
auction
prebid-stag.setupad.net/openrtb2/ 		350 B
885 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41be84e243d99ac7fdd5161f2f8e0b0668f2b8083fe141b5edbaf8e232becbdc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zru4CVK%2FP1xUjS1LaQB4nsEMlUZeqovtWikhovToIeU%2BkKjYtClfjIihHBQz43UjZtlUnWie9j2nGMBBYvWBijkZMPCt%2FF7vAB%2BLnIGel%2BAIBIPWXLUpOUq%2BBVA16bamCznQXKi%2BwKhj"}],"group":"cf-nel","max_age":604800}
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=52503&min_rtt=52349&rtt_var=6258&sent=12&recv=16&lost=0&retrans=0&sent_bytes=3314&recv_bytes=6166&delivery_rate=76969&cwnd=255&unsent_bytes=0&cid=09806f9a499a0a42&ts=9620&x=0"
date
Mon, 23 Dec 2024 20:58:59 GMT
content-type
application/json
vary
Origin
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f6b45da4de56958-FRA
access-control-allow-origin
https://ezgif.com
x-prebid
pbs-go/0.259.0
server
cloudflare
66b0e577077feb8d85703adf
exchange.cootlogix.com/prebid/multi/ 		0
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/66b0e577077feb8d85703adf
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.48.20 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Mon, 23 Dec 2024 20:59:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fezgif.com%2F&tmax=2000&gdpr=false
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://ezgif.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
openrtb
adx.adform.net/adx/ 		0
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
expires
-1
access-control-allow-origin
https://ezgif.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Mon, 23 Dec 2024 20:58:59 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
ad
lwadm.com/ 		6 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lwadm.com/ad
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.178.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-178-170.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
79a637a66b13d11bf515b67d16c27a6cf4db76960aa1766581625d4dc24ef82c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store,max-age=0,must-revalidate,private
content-encoding
gzip
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
prebid
ib.adnxs.com/ut/v3/ 		17 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
55e3f98152c82de13f4f4babb602109cb7363ae7454cb8a5a71898ef527adf38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.15; 31.187.78.15; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://ezgif.com
an-x-request-uuid
3fc22b70-584f-4e9f-8c3c-38869aba1b9d
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 23 Dec 2024 20:59:00 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
prebidjs
rtb.openx.net/openrtbb/ 		53 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
5bdef9757c929e2f3e2126d2389f53af6c2284bcb6a13cbcd9e0d4776d889209

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-forwarded-for
31.187.78.15
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 23 Dec 2024 20:58:58 GMT
content-type
text/plain
vary
Origin
cdb
bidder.criteo.com/ 		0
0
prebid
mp.4dex.io/ 		0
500 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

x-version
3.0.0-gcp-ams
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
8f6b45e2e8aded42-TLV
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
vary
Origin, Accept-Encoding
server
cloudflare
v1
btlr.sharethrough.com/universal/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
c
prebid.a-mo.net/a/ 		0
0
hb
rt.marphezis.com/ 		0
0
prebid
prebid.media.net/rtb/ 		58 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAMBU35
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
f11217557e220125bac26a3c36d809c7f1a31fc1f840463f20df50f56bf1ff3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
147
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Mon, 23 Dec 2024 20:58:59 GMT
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:58:59 GMT
content-type
application/json;charset=utf-8
server
envoy
v2
i.connectad.io/api/ 		0
0
v1
prg.smartadserver.com/prebid/ 		0
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
0
bid
ap.lijit.com/rtb/ 		597 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.27.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.217.95.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-95-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
58895985b3a78fed02da3b4239e96347e2983322764d70a296a5663edea4d3ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://ezgif.com
content-length
327
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
unruly_prebid
targeting.unrulymedia.com/ 		0
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
private, max-age=0, no-cache, no-store
date
Mon, 23 Dec 2024 20:59:00 GMT
pragma
no-cache
access-control-allow-credentials
true
metric
report2.hb.brainlyads.com/statistics/ 		68 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&groups=1161
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

ETag
W/"44-BLfixpdlXhg7c93spq1PGUM+F+4"
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
68
Date
Mon, 23 Dec 2024 20:59:01 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
*
bid
aax.amazon-adsystem.com/e/dtb/ 		182 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2F&pid=CfD6FW3yl1bVh&cb=2&ws=1600x1200&v=24.1212.711&t=1500&slots=%5B%7B%22sd%22%3A%22ezgif_com_728x90_top_responsive%22%2C%22s%22%3A%5B%22728x90%22%2C%22460x60%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_728x90_desktop_top%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21setupad.com%2C158%2C1%2C%2C%2C&sm=87f9ad21-adfa-4af9-b9ac-59139a9132da&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*4Y9vvk2Q_OM24O3gv45-zO3awXMMzvzWJ9neM9p2xMbl-36uEdo3cnao9fZCyK-B%22%2C%22pubcommon%22%3A%22f82eac87-40a1-4b75-80e4-cc5dddb1eb7b%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.47.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-47-193.fra60.r.cloudfront.net
Software
Server /
Resource Hash
3eb612344effe8db5868a280112365ff61e4a43c65e348db722d001ed3ae67dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
access-control-allow-origin
https://ezgif.com
x-cache
Miss from cloudfront
content-length
172
x-amz-cf-id
KsVYBOj3_pDiq_8FIazG9-n8M8asz0Yc4ERrar_iXtQJ0ozTh1J0Zg==
date
Mon, 23 Dec 2024 20:58:59 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA60-P3
server
Server
auction
prebid-stag.setupad.net/openrtb2/ 		351 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f2c3032acee707763768b61142e23b900f03794f41842ee2baf7bbb373034e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMTQ%2BkOyunqrmrz5D5UA2j2bEr6t7dW8j9SoU9phWLLveT0OJAV3PBUxl3jstMK65mP4lGv0mZBACbw7mNXJydYBhJYC7%2BvKi9eO4Bu1rEVvCN8WyXbeLV6cE8TNC0ncglQZuyoIrD9Z"}],"group":"cf-nel","max_age":604800}
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=52503&min_rtt=52349&rtt_var=2669&sent=19&recv=23&lost=0&retrans=0&sent_bytes=4265&recv_bytes=8737&delivery_rate=76969&cwnd=257&unsent_bytes=0&cid=09806f9a499a0a42&ts=10028&x=0"
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json
vary
Origin
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f6b45dcef1f6958-FRA
access-control-allow-origin
https://ezgif.com
x-prebid
pbs-go/0.259.0
server
cloudflare
bid
ap.lijit.com/rtb/ 		597 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.27.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.217.95.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-95-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fd1d417e12a738e10dc85b3adc57e1c31520570cc9de74ec6b132d43dfc244f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://ezgif.com
content-length
327
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
prebid-request
onetag-sys.com/ 		15 B
405 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fezgif.com%2F&tmax=2000&gdpr=false
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://ezgif.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
v2
i.connectad.io/api/ 		0
0
unruly_prebid
targeting.unrulymedia.com/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
private, max-age=0, no-cache, no-store
date
Mon, 23 Dec 2024 20:59:00 GMT
pragma
no-cache
access-control-allow-credentials
true
ad
lwadm.com/ 		1 KB
950 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lwadm.com/ad
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.178.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-178-170.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d1d1bb67c19e34a317d4203cbafbd741d5f6ff8aa939b0dd00c454aa47e77b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store,max-age=0,must-revalidate,private
content-encoding
gzip
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
v1
btlr.sharethrough.com/universal/ 		0
0
prebid
mp.4dex.io/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

x-version
3.0.0-gcp-ams
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
8f6b45e2e8afed42-TLV
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
vary
Origin, Accept-Encoding
server
cloudflare
hb
rt.marphezis.com/ 		0
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.203.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
Content-Length
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:00 GMT
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
66b0e577077feb8d85703adf
exchange.cootlogix.com/prebid/multi/ 		0
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/66b0e577077feb8d85703adf
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.48.20 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Mon, 23 Dec 2024 20:59:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
prebid
prebid.media.net/rtb/ 		963 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAMBU35
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
05641f224ff2c2e33678f83185ad208bc5ee4ebc6a3211ed72016f988b38d4d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
86
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Mon, 23 Dec 2024 20:59:00 GMT
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json;charset=utf-8
server
envoy
c
prebid.a-mo.net/a/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
85e5a9f43c6c5b674b2419fc09752be28f9ff8a35bd3a01601440a32cc797fe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-forwarded-for
31.187.78.15
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 23 Dec 2024 20:58:59 GMT
content-type
text/plain
vary
Origin
openrtb
adx.adform.net/adx/ 		0
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
expires
-1
access-control-allow-origin
https://ezgif.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Mon, 23 Dec 2024 20:59:00 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f00ea01b2e0e88e4b989b3b70ea62ec4996e4e859df2a8878bcb8a2fba1dd82f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.15; 31.187.78.15; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://ezgif.com
an-x-request-uuid
f31d29f3-e947-40a1-adf7-a3486ed3c214
content-length
139
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 23 Dec 2024 20:59:00 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.193.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
65ba3ca03bce492b4d30fbd8b1c102bb6fe30f59c7525c350fe4426117dbec0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
auction
pbs.nextmillmedia.com/openrtb2/ 		0
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.162.83 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns1016849.ip-15-204-162.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
x-trace-id
9629f269-fa11-4a67-9236-744c135c4209
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
x-prebid
pbs-go/43.52.0
vary
Origin
cdb
bidder.criteo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.27.0&bundle=9w0cNV9SYnlmTHJRQ2c1aEt4WUZuQ2lmeDdIOHhBcXlhblp4QWpqSWI3THFhV1R4ZlU1UmkzcnJEV0pUY3dmUGcwdHE0bWhYVXM2WDREeWdqSVRvTm43M3ZSTUZtWDZ2UExYYk5KaFhnZVVSa3hsWXdKSHN3Z0pSa0VuTlljN3RySEx5WA&cb=74861473214
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
70828b7f8598af62ea6955f5436866a5edcef2397e982fa334861b8d0432ec83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:00 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ezgif.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:00 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixels
ssp-sync.criteo.com/user-sync/ 		750 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
33b3ab17ec4aae944b94479613ad39785eeaa56aaa676bb5f2583cab222bb85b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
Kestrel
timeout
rt.marphezis.com/prebid/ 		0
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/prebid/timeout
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.203.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-max-age
86400
access-control-allow-origin
https://ezgif.com
access-control-expose-headers
Content-Length
date
Mon, 23 Dec 2024 20:59:01 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
metric
report2.hb.brainlyads.com/statistics/ 		68 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidTimeout&bidder=nextMillennium&source=pbjs&groups=1161
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

ETag
W/"44-BLfixpdlXhg7c93spq1PGUM+F+4"
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
68
Date
Mon, 23 Dec 2024 20:59:01 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
*
g_pbto
1x1.a-mo.net/hbx/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1734987541507&eid=240bc7f9cdb685dd
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.226.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-226-21.eu-central-1.compute.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 23 Dec 2024 20:59:01 GMT
vary
accept-encoding
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=345310670493965&correlator=2425993341977002&eid=31089315%2C95349035%2C31088252&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_300x600_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400&ifi=6&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D2abe36590a488876%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MZPFHNbl6ZNQguBERin9bVoPuPRCw&gpic=UID%3D00000f7abbb44c1f%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MYWc9D1CBqpYB_oh7RlDKOYazZ9gw&abxe=1&dt=1734987541511&lmt=1734987541&adxs=126&adys=809&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2F&vis=1&psz=300x600&msz=300x600&fws=0&ohw=0&psts=AOrYGsmndGUY1igaPHHbtGzNzAoCDXBuoCZxiXLTqduVOEGZIl2Cb-EqK3xXrdckAfzCRaZZ4u-4HU4ygwfi4aU&topics=3&tps=3&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KlJqRlN5ZW91d1pTUlh0Q1hHREJEdTBwa19BU3JjTUdoZ0dmalJIM0ktYkhsLTVRSWNqRGdRZFFmYXU2QXdITndYARI0CgpwdWJjaWQub3JnEiQ1ZGY4OGZkYi1iMGMzLTRhN2EtYmIyNy1iYzVlNmQ3NzVhMWRYARIcCg1jcndkY250cmwubmV0GMWKwqq_MkgAUgIIZBLOAQoOZXNwLmNyaXRlby5jb20SsgE5dzBjTlY5U1lubG1USEpSUTJjMWFFdDRXVVp1UTJsbWVEZElPSGhCY1hsaGJscDRRV3BxU1dJM1RIRmhWMVI0WmxVMVVta3pjbkpFVjBwVVkzZG1VR2N3ZEhFMGJXaFlWWE0yV0RSRWVXZHFTVlJ2VG00M00zWlNUVVp0V0RaMlVFeFlZazVLYUZoblpWVlNhM2hzV1hkS1NITjNaMHBTYTBWdVRsbGpOM1J5U0V4NVdBGJDmwqq_MkgAEhYKB2V1aWQuZXUYxYrCqr8ySABSAghkEhgKCXlhaG9vLmNvbRi4msKqvzJIAFICCG8SGQoKdWlkYXBpLmNvbRjFisKqvzJIAFICCGQSFAoFb3BlbngYxYrCqr8ySABSAghkEhsKDDMzYWNyb3NzLmNvbRjFisKqvzJIAFICCGQSFwoIcnRiaG91c2UY-pfCqr8ySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734987513944&idt=907&ppid=5df88fdbb0c34a7abb27bc5e6d775a1d&prev_scp=pbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.16%26hb_adid%3D234847a71d6a7703%26hb_bidder%3Dmedianet%26hb_rf%3D1&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D3g&adks=4242743476&frm=20&eo_id_str=ID%3D7da85bfa1fe80eae%3AT%3D1734987516%3ART%3D1734987516%3AS%3DAA-AfjaM5Euaiy8rXBrn5WKVL23a&td=1&egid=31438&tan=8bfbbaf0-3206-47d5-8553-91433b2f1dcb&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a60da17e604513faddba0e77401d065569caa5f512779940946432b0191d5ff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
dcb
google-lineitem-id
323972309
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 20:59:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138303033656
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
2530
x-xss-protection
0
server
cafe
error
rt.marphezis.com/prebid/ 		0
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/prebid/error
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.203.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-max-age
86400
access-control-allow-origin
https://ezgif.com
access-control-expose-headers
Content-Length
date
Mon, 23 Dec 2024 20:59:01 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
metric
report2.hb.brainlyads.com/statistics/ 		68 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&groups=1161
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

ETag
W/"44-BLfixpdlXhg7c93spq1PGUM+F+4"
Access-Control-Allow-Origin
*
Content-Length
68
Date
Mon, 23 Dec 2024 20:59:01 GMT
Content-Type
image/png
X-Powered-By
Express
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers
*
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=QxKyul9mcWVVSXJsZEp3WE9XN2NQTThZUUdsd0NVU2pwemFZMDVvbTlYUllhRDhJJTNE&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-s0qbHok8Zi8yrW8r7...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Mon, 23 Dec 2024 20:59:02 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:59:03 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dz4DxgV9jblJDNWk5cVJaalc5eGNUZXVXUFNlSWl5Rjd0R3BLRE42Y0VqUTh2T0lvJTNE%26u%3d%24UID&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=z4DxgV9jblJDNWk5cVJaalc5eGNUZXVXUFNlSWl5Rjd0R3BLRE42Y0VqUTh2T0lvJTNE&u=379148967230319548&gdpr=&gdpr_consent=
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=z4DxgV9jblJDNWk5cVJaalc5eGNUZXVXUFNlSWl5Rjd0R3BLRE42Y0VqUTh2T0lvJTNE&u=379148967230319548&gdpr=&gdpr_consent=
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Mon, 23 Dec 2024 20:59:01 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://ssp-sync.criteo.com/user-sync/match?p=z4DxgV9jblJDNWk5cVJaalc5eGNUZXVXUFNlSWl5Rjd0R3BLRE42Y0VqUTh2T0lvJTNE&u=379148967230319548&gdpr=&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.15; 31.187.78.15; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
7f9994a6-7967-4391-9890-c9dd1b12a7a8
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 23 Dec 2024 20:59:01 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3...
  • https://ssp-sync.criteo.com/user-sync/match?p=fNKEvl9zNjkxZlNjVThoM29VaCUyRkgwRlZPWFZKNkdwMGszeVY1U2hHY0hzTk1NSm8lM0Q&u=CAESECppALDOAnpb5knTLTtVq8s&gdpr=&gdpr_consent=&google_cver=1
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=fNKEvl9zNjkxZlNjVThoM29VaCUyRkgwRlZPWFZKNkdwMGszeVY1U2hHY0hzTk1NSm8lM0Q&u=CAESECppALDOAnpb5knTLTtVq8s&gdpr=&gdpr_consent=&google_cver=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Mon, 23 Dec 2024 20:59:01 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ssp-sync.criteo.com/user-sync/match?p=fNKEvl9zNjkxZlNjVThoM29VaCUyRkgwRlZPWFZKNkdwMGszeVY1U2hHY0hzTk1NSm8lM0Q&u=CAESECppALDOAnpb5knTLTtVq8s&gdpr=&gdpr_consent=&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
394
date
Mon, 23 Dec 2024 20:59:01 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
bid
aax.amazon-adsystem.com/e/dtb/ 		182 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2F&pid=CfD6FW3yl1bVh&cb=3&ws=1600x1200&v=24.1212.711&t=1500&slots=%5B%7B%22sd%22%3A%22ezgif_com_300x600_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x300%22%2C%22300x250%22%2C%22160x600%22%2C%22120x600%22%2C%22240x400%22%5D%2C%22sn%22%3A%22%2F147246189%2C21770999482%2Fezgif.com_300x600_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21setupad.com%2C158%2C1%2C%2C%2C&sm=87f9ad21-adfa-4af9-b9ac-59139a9132da&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*4Y9vvk2Q_OM24O3gv45-zO3awXMMzvzWJ9neM9p2xMbl-36uEdo3cnao9fZCyK-B%22%2C%22pubcommon%22%3A%22f82eac87-40a1-4b75-80e4-cc5dddb1eb7b%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.47.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-47-193.fra60.r.cloudfront.net
Software
Server /
Resource Hash
ccccd1ac635a1c1b6855ba9e05331a84335a034a4c431322d95817ba2e32756a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
access-control-allow-origin
https://ezgif.com
x-cache
Miss from cloudfront
content-length
171
x-amz-cf-id
4srbReLqadD79fIGQOcttWZsJ9T6Xuin2wtcklN4rQswIf92Tyirpw==
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA60-P3
server
Server
auction
prebid-stag.setupad.net/openrtb2/ 		31 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11832e87d6a77300825114c96b7093fd938840715cdfa4dd974831e595b6d2ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjlvuWFPeaW93ydhFLQJ30QiEbs1gTGY5eexkg4iZ%2Fupy%2F8NUmswzTE0Cnfj0Nd%2F5obJdpZcj1xxjQGkHhN%2FK7gf%2FkRbprK66IOdEPnEsu5ekDJTfXyzVdz12i5u8ZAnQVh4vUlKI91V"}],"group":"cf-nel","max_age":604800}
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=52521&min_rtt=52349&rtt_var=1149&sent=25&recv=29&lost=0&retrans=0&sent_bytes=5132&recv_bytes=11303&delivery_rate=76969&cwnd=4&unsent_bytes=0&cid=09806f9a499a0a42&ts=12091&x=0"
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
application/json
vary
Origin
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f6b45e92e086958-FRA
access-control-allow-origin
https://ezgif.com
x-prebid
pbs-go/0.259.0
server
cloudflare
66b0e577077feb8d85703adf
exchange.cootlogix.com/prebid/multi/ 		0
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.cootlogix.com/prebid/multi/66b0e577077feb8d85703adf
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.48.20 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Mon, 23 Dec 2024 20:59:01 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
prebid
mp.4dex.io/ 		0
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

x-version
3.0.0-gcp-ams
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Calling bidders. no bid responses
access-control-allow-credentials
true
via
1.1 google
cf-ray
8f6b45e8f8f7ed42-TLV
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:02 GMT
vary
Origin, Accept-Encoding
server
cloudflare
hb
rt.marphezis.com/ 		0
43 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.203.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

access-control-max-age
86400
access-control-expose-headers
Content-Length
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
unruly_prebid
targeting.unrulymedia.com/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://ezgif.com/

Response headers

access-control-allow-origin
https://ezgif.com
cache-control
private, max-age=0, no-cache, no-store
date
Mon, 23 Dec 2024 20:59:01 GMT
pragma
no-cache
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
116 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.72.6.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-6-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://ezgif.com
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		34 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAMBU35
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
40d8a22356302e16e75a6b1f532709d010995a68a806383342d1f8a282c22121

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
99
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Mon, 23 Dec 2024 20:59:01 GMT
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
application/json;charset=utf-8
server
envoy
c
prebid.a-mo.net/a/ 		936 B
788 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.34 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
3500da2dd1fda2744f584b33b4c64a0d489bacf5dc379720194147b669ed8860

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
81
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
472
date
Mon, 23 Dec 2024 20:59:01 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
server
envoy
auction
pbs.nextmillmedia.com/openrtb2/ 		0
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.204.162.83 Reston, United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns1016849.ip-15-204-162.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
x-trace-id
fe8afd86-de39-425b-a85e-90bdabc648a3
expires
0
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
x-prebid
pbs-go/43.52.0
vary
Origin
bid
ap.lijit.com/rtb/ 		597 B
677 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.27.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.217.95.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-95-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
caedd5996d7dc602f7942b2d8782b71bc6030d239d16daf5fbef8f37afa25378

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://ezgif.com
content-length
326
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
ad
lwadm.com/ 		1 KB
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lwadm.com/ad
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.178.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-178-170.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
be79d518d4832fb0246d8c568109ea92b01dce7492f67a0a44a386bb3f383690

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store,max-age=0,must-revalidate,private
content-encoding
gzip
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
v1
prg.smartadserver.com/prebid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.193.80 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
/
Resource Hash
e1532073da3bed0b820e926ee1550e654deff46082917bc1c5f580a73b13bf3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 23 Dec 2024 20:59:01 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fezgif.com%2F&tmax=2000&gdpr=false
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.124.64.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-64-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://ezgif.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/ 		53 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
6a15e2eca7310303fb05e0f66f5d3f3b72b005160e138d88508780f3f4768bf2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-forwarded-for
31.187.78.15
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Mon, 23 Dec 2024 20:59:01 GMT
content-type
text/plain
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		17 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3852506fd12a0bace7e8d5a6ce2db9f43fe80090ab44f408cfb4b2aefa5941ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.187.78.15; 31.187.78.15; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://ezgif.com
an-x-request-uuid
2147b955-0138-4aaf-ab0a-994acf49701b
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
openrtb
adx.adform.net/adx/ 		0
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
expires
-1
access-control-allow-origin
https://ezgif.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Mon, 23 Dec 2024 20:59:01 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
cdb
bidder.criteo.com/ 		17 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.27.0&bundle=9w0cNV9SYnlmTHJRQ2c1aEt4WUZuQ2lmeDdIOHhBcXlhblp4QWpqSWI3THFhV1R4ZlU1UmkzcnJEV0pUY3dmUGcwdHE0bWhYVXM2WDREeWdqSVRvTm43M3ZSTUZtWDZ2UExYYk5KaFhnZVVSa3hsWXdKSHN3Z0pSa0VuTlljN3RySEx5WA&cb=63738816736
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2cd9586c225fc8d671973eb1ddd294a7b2f319d28badbf534ccb28eea7a5fd9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
prebid-request
onetag-sys.com/ 		15 B
405 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
v2
i.connectad.io/api/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 492C 		0
0
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame FD65 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FD65 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
437
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:51:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:51:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://ezgif.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-methods
GET, POST
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
g_pbto
1x1.a-mo.net/hbx/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1734987541951&eid=29541da25d9e4fd4
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.226.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-226-21.eu-central-1.compute.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 23 Dec 2024 20:59:02 GMT
vary
accept-encoding
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=345310670493965&correlator=921277449468470&eid=31089315%2C95349035%2C31088252&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_728x90_desktop_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C460x60%7C320x50%7C468x60&ifi=7&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D2abe36590a488876%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MZPFHNbl6ZNQguBERin9bVoPuPRCw&gpic=UID%3D00000f7abbb44c1f%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MYWc9D1CBqpYB_oh7RlDKOYazZ9gw&abxe=1&dt=1734987541962&lmt=1734987541&adxs=762&adys=28&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2F&vis=1&psz=728x90&msz=728x90&fws=0&ohw=0&psts=AOrYGsmndGUY1igaPHHbtGzNzAoCDXBuoCZxiXLTqduVOEGZIl2Cb-EqK3xXrdckAfzCRaZZ4u-4HU4ygwfi4aU%2CAOrYGskLiAXDdBOxHtVlBxUSmJiEoNL8sx4DufJf2wQS1HTDFOT3Do6p7f5-1uPG4HP7Qp7nX_dn9hdLTdOcsJ4&topics=3&tps=3&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KlJqRlN5ZW91d1pTUlh0Q1hHREJEdTBwa19BU3JjTUdoZ0dmalJIM0ktYkhsLTVRSWNqRGdRZFFmYXU2QXdITndYARI0CgpwdWJjaWQub3JnEiQ1ZGY4OGZkYi1iMGMzLTRhN2EtYmIyNy1iYzVlNmQ3NzVhMWRYARIcCg1jcndkY250cmwubmV0GMWKwqq_MkgAUgIIZBLOAQoOZXNwLmNyaXRlby5jb20SsgE5dzBjTlY5U1lubG1USEpSUTJjMWFFdDRXVVp1UTJsbWVEZElPSGhCY1hsaGJscDRRV3BxU1dJM1RIRmhWMVI0WmxVMVVta3pjbkpFVjBwVVkzZG1VR2N3ZEhFMGJXaFlWWE0yV0RSRWVXZHFTVlJ2VG00M00zWlNUVVp0V0RaMlVFeFlZazVLYUZoblpWVlNhM2hzV1hkS1NITjNaMHBTYTBWdVRsbGpOM1J5U0V4NVdBGJDmwqq_MkgAEhYKB2V1aWQuZXUYxYrCqr8ySABSAghkEhgKCXlhaG9vLmNvbRi4msKqvzJIAFICCG8SGQoKdWlkYXBpLmNvbRjFisKqvzJIAFICCGQSFAoFb3BlbngYxYrCqr8ySABSAghkEhsKDDMzYWNyb3NzLmNvbRjFisKqvzJIAFICCGQSFwoIcnRiaG91c2UY-pfCqr8ySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734987513944&idt=907&ppid=5df88fdbb0c34a7abb27bc5e6d775a1d&prev_scp=pbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dvantagemarkets.com%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D237f36e75b06266d%26hb_bidder%3Dcriteo%26hb_rf%3D1&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D3g&adks=3922983428&frm=20&eo_id_str=ID%3D7da85bfa1fe80eae%3AT%3D1734987516%3ART%3D1734987516%3AS%3DAA-AfjaM5Euaiy8rXBrn5WKVL23a&td=1&egid=31438&tan=8bfbbaf0-3206-47d5-8553-91433b2f1dcc&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8dad0fd4b35f81cc6817f7dec2b229cb8d0c612c77cecffdce3eeb537113b045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
10891
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame FD65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhmPIKoWdNOM89SZK1_3znnyc8MS2WgO20F0nMT2IdXU2ocXPMWLVunLKvGWCKkAPtShpjtufDAec4n4QMtTqOPrtbeauidwOGS0-_QbDNEqHzjD05NUUKBDHd62cw7xBZ9uNS08OXaTHpesyED4LEue9d-Ivzh72rhKQLfIPYBBwlYxEIHThxJLlSXN69vxEjFMb5XkW06Z8Wpw_u98ONb-Fzvy1vDrtxJXJAzx_HFQ5PSKUp-3rXwr-vOFELQWdaVRUl9XSij5cLK545pEFAtc9VwjQ1uwiBGjmQrlCxVcu_0nN3D_qwQSfMsxgEgiEDjwLxjC7sRullCD4Rnv4WY_QYdkVTkMK1qVZlgPjkcrK6xfNU6iAvA9ZVwFLeqpjp1rpx0aOkTOyG30ULkVrF0Pc014NllCLt7i0JJ92_r2Q&sai=AMfl-YSh4wQbp59ULxGdkOzZqIjpfU4f8nebMPE7W8yUAID6mi48OoC-aZizElD8xR1FycwrC1gQkObPnHoGFA7sOsVtwc--u8h6LOiI-VpVZ05FpgYkrHGVaCl4JDLXqEoZwlM_FgV50mhzdsSFDTc&sig=Cg0ArKJSzL4AfhjOpI8PEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8CEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNW4SbyeKisLgXYAZ9uhosKKx_E2VKriPBwK-6fBfdc-G3KqrhghQt8X3lBQWIb8Jjb1jzEl87hpSBj5sJBq446z_Da5yvvVi73IdqmhMAY1RE6lAnM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:59:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6949 		105 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d22438a908fb754c1bd6e2f368e8f43bcc5092c126b5688d0cc14b0804727585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
8686496304925888373
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:58:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
36916
x-xss-protection
0
server
cafe
bidderNotifier
cdn-geuw1-xch.media.net/AdExchange/ Frame 6949 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-geuw1-xch.media.net/AdExchange/bidderNotifier?data=https%3A%2F%2Fadx.g.doubleclick.net%2Fpagead%2Fadview%3Fai%3DCzHj9E89pZ8z7KLuJ2fcP-JycuQqg66vwe9jexefbE2QQASDE4pZ_YPm69IOcEKABvN_1-D3IAQKoAwHIA5kEqgTkAU_Q0RBdDa0ErLCdqSvkN7PgFKc2W1ULQvspxQWqZSebqyxXkmo7btxQV62gh7d-q-v1t9w6DCTOxe-hFF3VI8lJ2vULJFS1tSvtBgpVc5XbM0DXvt6iPWgfgBJOL1OXKPY9oEXaJPmHl3btWFdAjVFFjnZ5N985lEcY5b6ZAbt148kXrDMEncX7qRLapeKdLiWDxaTFQ3ZOH6wenWIikelshoT3fYS9aTpgwFjK0E4FXXOtTyJdHUZHBen_GAfMTjxWeUh8KVfSqbanteS7Atcwi8WWss12rew1NZ_kTbtrQIPCEsAElJmn_ugE4AQDiAXzpoznT5IFCwgiEAEYAUiO0bQCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAYCgAe8l8bYGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcKELSZDBjV4OWlAtIIJgiAYRABGF0yAooCOguAQIDAgICAoKiAAki9_cE6WOmy95_kvooD8ggQYmlkZGVyLThDVUFNQlUzNYAKBMgLAdoMEQoLEPCyzpWIy9_nygESAgEDsBOal9EayBPByorlA9ATANgTCtgUAdAVAYAXAbIXCgoGCAASABgAGALoFwGyGAkSAq1RGAIiAQA%26sigh%3DriTdDOew6CA%26uach_m%3D%255BUACH%255D%26ase%3D2%26nis%3D4%26pr%3D104%3A0.199%26cid%3DCAQSbgCa7L7dl2_lW9lj1lSrhC77KvS-6tON9QkAoURxV6udTqOMx3hO3jAvVWMD3hafbwvWrRO_y2CvecQSwp6_MJ9HxoKQk_-M4MFm3JPCSAKdmSmoVuxuvmJO0GRsKUk4VKvj0KY2RakHCb9pLqNYGAE&pvid=251&bidReqId=31128222713412_1626381676_9722376792511_0&domain=ezgif.com&itype=PREBID&prvreqid=98d70165a8e260623a62d6fcfb4d94dc_1-3&cid=8CUAMBU35
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
x-envoy-upstream-service-time
8
pragma
no-cache
expires
Mon, 23 Dec 2024 20:59:02 GMT
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
server
envoy
log
qsearch-a.akamaihd.net/ Frame 6949 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=98d70165a8e260623a62d6fcfb4d94dc&algo=unicorn&bdp=0.1970&bidfp=0.0000&capd=0&cc=IL&cid=8CUAMBU35&crid=972237679&ct=tel%20aviv&dc=eu_be&dfpbd=0.173369&dn=ezgif.com&iwb=1&ogcbdp=0.167459&other_bids=0.155394%7C0.1674585&other_prv=203%7C251&pbshr=85.0000&prdp=0.1734&requrl=ezgif.com%2F&sat=0&sc=TA&sc_pvid=251&server=1&size=300x600&strg=unicorn_b&totalTime=4976489&ugd=4&ver=10.0.3&vsid=3779891196891134&cliIP=532368911&time_stamp=2024-12-23%2020%3A58%3A59&seat=1909148&itype=prebid&req_id=84c6f72f-43fc-4f9e-a288-064bb93ea3db&dim4=exploration&dfp_bucket=0.1&level_base=0&bdp_bucket=0.2&app_type=prod&br_id=265&o_id=25&ua=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F131.0.0.0%20Safari%2F537.36&br_ver=131.0.0.0&second_bid=0.155394&second_bidder=203&model_key=3_pbd_rest_pvid_251_cbm&ogerpm=0.000000&rawbid=0.1990&totalTimeBucket=4&as_cache=0&current_day=1&current_hour=20&cut=12&floor_bucket=0.00&model_version=202412230820_3_pbd_rest_pvid_251_cbm&erpm_bucket=0.00&mul_ratio=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.7000&stid=ezgif_com_300x600_2&pvid_seat=251_1909148&ckfl=1&mnckfl=1&sd=-1&predicted_wr=12.19&bdp_wider_bucket=1&splid=ezgif_com_300x600_2&dim9=dmm-n2-8-7df7b6f584-tfh2j&dim10=false&dmm_m9=0.0000&dmm_m10=2461767&log_less=false&cut_bkt=10&advurl=c-up.co.il%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=3&clisp=rtb-common-7fd6984b7-mjtzd.BE&dmm_m1=2024-12-23%2020%3A58%3A59.786536897&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=1600x1200&ss_d1=1600&ss_d2=1200&dim15=1-2-0&dmm_m22=0.0000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=19310209148_616132693&buyer_id=21422609267&pvag_id=1909148&erpm_mult=1.000000&zone=b&rc=1&sfm_key=System_251&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=3&wsip=mowx-6c455fd984-6c2sm&rel_cut_bkt=10&optimal_cut=0.0&cut_cluster=0.0&bro_isapp=false&bro_iswebview=false&bro_cookie_support=false&devmodel=Chrome%20-%20Linux&zip=65787%2005&szs=300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400%7C300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400&win_rate_wt=1.0&margin_wt=0.59&dmm_co=def&ecp_dn_group=v2_v2&bid_uuid=ebaf78c7541960058be6d163cc2c7428&fleet=common&commit_id=2d6f2d99&itype_override=PREBID&ip_src=1&trace_id=954a583aa1d50dd98108a5d8f7ec6708&trace_sampled=false&pcrid=1909148_616132693&pv_adtype=0&usp_enf=1&isapp=0&act=headerBid&mnvw=0.651171875&ushr=-1.0&shr=0.9&uhr=-1.0&twr=0.0&pxtype=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.245.134 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 23 Dec 2024 20:59:03 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Mon, 23 Dec 2024 20:59:03 GMT
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6949 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFiPr_2c4P97YsvXfqiFGM2jKVlGD5NNu-JF5QeFzBRQKqQt236-QZ1VVpi0xwUXpVODeJXq-fDwoXaDsdnQB4fK1A1PQNa2pfG11lsFUh969Im9o
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
release-20241026-168-adperformance.js
warp.media.net/rtb/resources/ Frame FD65 		71 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20241026-168-adperformance.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

x-goog-metageneration
1
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-encoding
gzip
etag
"821663833b8f83b3092ebbca9ed4a6f2"
x-goog-stored-content-encoding
identity
expires
Mon, 23 Dec 2024 21:58:39 GMT
x-goog-stored-content-length
73074
date
Mon, 23 Dec 2024 20:58:39 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3rd7AvXGFRBASnYfU_daW7dnRswW_lHP4y2XOFWLnQUiWEG6zIJ4QjWQHoX9SWnRuKolc
cache-control
max-age=3600
x-goog-storage-class
STANDARD
x-goog-generation
1729939849468787
content-length
25080
server
UploadServer
log
hblg.media.net/ Frame FD65 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AbQEOwaELAQCEAABAIAAAgAAAAAAAAEABgAAQIABAAgAINCYCXACUjMxMTI4MjIyNzEzNDEyXzE2MjYzODE2NzZfOTcyMjM3Njc5MjUxMV8wQDk4ZDcwMTY1YThlMjYwNjIzYTYyZDZmY2ZiNGQ5NGRjIDM3Nzk4OTExOTY4OTExMzTerZmfB_YDRrbz_dR4yT-WAyJodHRwczovL2V6Z2lmLmNvbQRJTBJlemdpZi5jb20SOENVQU1CVTM1CA4zMDB4NjAwEDAuMTczMzY4FGMtdXAuY28uaWwKZXVfYmUiMTkwOTE0OF82MTYxMzI2OTMMUFJFQklEBmFkbQAAAAAAAIBRQJCVh9X-ZAIxAAAAAAAA8L86cnRiLWNvbW1vbi03ZmQ2OTg0YjctbWp0emQuQkUCEDJkNmYyZDk5AmICDGNvbW1vbioxOTMxMDIwOTE0OF82MTYxMzI2OTNAZWJhZjc4Yzc1NDE5NjAwNThiZTZkMTYzY2MyYzc0MjgCAgACAQACMQ4xOTA5MTQ4&cpr=0.6089451943805837
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Mon, 23 Dec 2024 20:59:02 GMT
access-control-allow-origin
*
content-length
35
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
image/gif
clog
hblg.media.net/ Frame 6949 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awelog&pixel_len_bucket=3796&__q=AcgO_3-P_AzcsAi5GThBwSUIw7EITKFAEAt8lCDA44EEAHgsGJwIkAEgAQAUfIAg2F2ASSoAeGO15GYQimrQeAcADBIAmAHCAk8CAKgCAAAAAAAAIOACgQKAAdjgDpGBIB5wAIAkFgMM6k8GymAPOEu3DupoonkEUjMxMTI4MjIyNzEzNDEyXzE2MjYzODE2NzZfOTcyMjM3Njc5MjUxMV8wQDk4ZDcwMTY1YThlMjYwNjIzYTYyZDZmY2ZiNGQ5NGRjSDg0YzZmNzJmLTQzZmMtNGY5ZS1hMjg4LTA2NGJiOTNlYTNkYiAzNzc5ODkxMTk2ODkxMTM03q2Znwf2AysTfqmfN8k_AAAAAAAA8D8AAAAAAAAuQEa28_3UeMk_lgPv5qkOuRnGPwAAAAAAACZAAAAAAAAAJECiRbbz_dTIP8P1KFyPwsU_hgIiaHR0cHM6Ly9lemdpZi5jb20ABElMEmV6Z2lmLmNvbRI4Q1VBTUJVMzUSaGVhZGVyQmlkCAEmZXpnaWZfY29tXzMwMHg2MDBfMg4zMDB4NjAwEjhDVUFNQlUzNRI4Q1VBTUJVMzUCEmhlYWRlckJpZBAwLjE1ODg0NxAwLjE3MzM2OAJPEjk3MjIzNzY3ORYyMTQyMjYwOTI2NxRjLXVwLmNvLmlsCjEzMC4wAiwzNzc5ODkxMTk2ODkxMTM0MDAwVjEwAAAAAACATUAKZXVfYmUAAAAAAAAAAAAAAAAAAAAAABJoZWFkZXJCaWQSdW5pY29ybl9iHDB8MHxueGJsb2NrPS0xKm1vd3gtNmM0NTVmZDk4NC02YzJzbSIxOTA5MTQ4XzYxNjEzMjY5MwIwBjEwMgQyMwxQUkVCSUQAJjIwMjQtMTItMjMgMjA6NTg6NTkABFRBEHRlbCBhdml2GjE3MzQ5OTExNDAwNDEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABhI4UFJMNEU3TjMmZXpnaWZfY29tXzMwMHg2MDBfMswBYmxvY2tfdmVuZG9yX21ldHJpYz0xfHNzUHJvZmlsZT0wfHNmbD1mYWxzZXxzc0J1Y2tldD0wfGJmbD0tMTAwfHNjaD0xfGZsX3JsPTV8ZGJyPTF8c2ZsPWZhbHNlfGJmbD0tMTAwAgYxMDMCNQZhZG0CAAAAAAAAAIBRQAACMAIwAjACMAAgMTY3OWYyNzA4ZTkxMWJiNQASMTYwMHgxMjAwkJWH1f5kAjEAAAAAAADwvxAwLjE2NzQ1OCZlemdpZl9jb21fMzAweDYwMF8yDDEzNjc4NwACMAIxAjA6cnRiLWNvbW1vbi03ZmQ2OTg0YjctbWp0emQuQkUGAAYAABJ1bmljb3JuX2IqMTkzMTAyMDkxNDhfNjE2MTMyNjkzSDk4ZDcwMTY1YThlMjYwNjIzYTYyZDZmY2ZiNGQ5NGRjXzEtMwACMQIwAjEABHY0AgIwAjECAgASZXpnaWYuY29tAAAADjE5MDkxNDgAABpwdWItOENVQU1CVTM14gcAACBQUkVCSUQtOENVQU1CVTM1GnB1Yi04Q1VBTUJVMzUKTjEyMHg2MDB8MTYweDYwMHwzMDB4MjUwfDMwMHgzMDB8MzAweDYwMAIAAk4CTgAAAAAAGlRlbCBBdml2LVlhZm-WAqAfzAi-ATMwMHg2MDB8MzAweDMwMHwzMDB4MjUwfDE2MHg2MDB8MTIweDYwMHwyNDB4NDAwfDMwMHg2MDB8MzAweDMwMHwzMDB4MjUwfDE2MHg2MDB8MTIweDYwMHwyNDB4NDAwAAYHHFByZWJpZENyaXRlb0lkBmlkNQxwdWJjaWQGBwxDb29raWUGaWQ1DHB1YmNpZAEGVVNEAAAAAAAA8D8AKE11bHRpcGxlKENvb2tpZStVSUQpFjIxNDIyNjA5MjY3EjYxNjEzMjY5MwQAAAAAAADwvwAGQVBJEDJkNmYyZDk5JjIwMjQtMTItMjMgMDA6MDA6MDACSDg0YzZmNzJmLTQzZmMtNGY5ZS1hMjg4LTA2NGJiOTNlYTNkYgpmYWxzZQAmZXpnaWZfY29tXzMwMHg2MDBfMhI4Q1VBTUJVMzUAEjhDVUFNQlUzNQJOAgEAAAAwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8xRjIwMjQwOTI1MDg0MF9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGyMASRNRURJQS5ORVQgRVhDSEFOR0UBAgACMgxjb21tb24ASDYwMTgxZjM0LTI5NGYtNDgyNS1iYzI2LWNiOGM1MjgzMGJiYgAAAAAAAAAAAA4wMDAxMDAwAmIAFDFhM2IyNWFiNWMOMTkwOTE0OBI5NzIyMzc2NzkESUwABDIzAAYxLjECAAIAAAAAAAAAAAABAQYHFnB1YmNpZCNFSURTEGlkNSNFSURTJlByZWJpZENyaXRlb0lkI0VJRFMAAQIBCGJhZHY2Zy1ldXcxYi1lbnZveS1ydGItY29tbW9uLTE5AAQtMgpbMjUxXSsTfqmfN8k_gSIWMewwxj8AAAAs__8_Nk5lZENrZmxXaXRoRGF0YTphbGxfYmxrXzBudDRsb3NzX25vdGlmaWNhdGlvbl9leHA6dHJ1ZRhCRl9zdG9yZTpHQ1NEUHJvZmlsZVVwZ3JhZGF0aW9uTmV3Ok5FWFRfUFJPRklMRSBWaWRUaHJ0bDpERUZBVUxUEHFwc0JrdDowHG11bHRpLXNjOm5ld3NjEmJzVEU6Y3RybA5zc2NETjoxCnNjdDowGnByZV9mbHRyOnRydWUSb3BQcm9mbDowPlRURFVuY29va2llZFRyYWZmaWM6cmVxX3Blcl90YWccYXZncXBzOkRFRkFVTFQKUFJEOjFORFYgMzYwIFZpZGVvIFRocm90dGxpbmcgbWFya2luZzpwYXNzX29uEHB2X2dycDoxJGNyaXRlb19kdXA6aW52X2R1cB5wdl9ncnAyOkRFRkFVTFQKYWlyOjEwQXNzZXRVcmxUaW1lb3V0VGVzdDp0ZXN0MkFkQ29kZUFwaVRpbWVvdXRUZXN0OnRlc3RAZWJhZjc4Yzc1NDE5NjAwNThiZTZkMTYzY2MyYzc0MjgCMBJlemdpZi5jb20IaHR0cAQEAAAMT1RIRVJTBFYxFE1BUktfQkxPQ0sYQ09OU0VSVkFUSVZFARxOT1RfQVBQTElDQUJMRTBJTlZFTlRPUllfQ0xBU1NJRklDQVRJT04MUFJFQklEBAAAAAAAAAAAkAEAFAACAgIACgxzY19kdmRadXDWYqkTQAhzY18zDkFWR19DUE0AAAAAAAAAAAAAAAAAAAAAFHZpc2l0b3ItaWSgOAABAgQxMQIEAB5tYXJrZWRfc3RyYXRlZ3kAARA2NTc4NyAwNQEAABxOT1RfQVBQTElDQUJMRQBAOTU0YTU4M2FhMWQ1MGRkOTgxMDhhNWQ4ZjdlYzY3MDgAFnNldHVwYWQuY29tzAgCAAAAAAgPCGd6aXAOZGVmbGF0ZQRicgh6c3RkCmV1X2JlAAImU1NUOkNwbToyOnNjX21uOk1OQmZmZmZm1uQ_ABxOT1RfQVBQTElDQUJMRQICAQxzc3Q6ZWMAAA5kZWZhdWx0AC5kdXBsaWNhdGlvbl9yZWRpcmVjdGlvbgYxNTgUc2NfZGVmYXVsdBRzY19kZWZhdWx0AAA&utime=2199&sf=0&cpr=0.871597291860172&audit_scanning=0.17&audit_cur=${AUCTION_CURRENCY}
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Mon, 23 Dec 2024 20:59:02 GMT
access-control-allow-origin
*
content-length
35
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
image/gif
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=84c6f72f-43fc-4f9e-a288-064bb93ea3db&cid=8CUAMBU35&crid=972237679&adunit_count=1&dn=ezgif.com&requrl=https://ezgif.com/&istop=true&event=client_bid_won&value=0.1636&rd=
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.245.134 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-20-245-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 23 Dec 2024 20:59:03 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Mon, 23 Dec 2024 20:59:03 GMT
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6949 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4240842527645&version=m202411180101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6949 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4240842527645&version=m202411180101&ct=2&x=104&cor=10310603640024535000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad
googleads.g.doubleclick.net/dbm/ Frame 6949 		84 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkI4ulPtAI8Ggi5vTzW6yqwn6NK8DST2ULTC5I5Mp5nxpXhH5d4rjQFpVNLDrZGgo78uGpmgp1vVD51bCdK9AkUxf9m1_AZjLS9i4XtXnNlvxnhkLD6H18QKN4oYO2e8N7F3E5zzYifrgqQ8ZgosSOjC97kGacO8aQNagZW41y5NnQDdCkdFWpcuf0rFWKbDig0sT2ETwsWNO0hx-sIwEdq1b4E7Rw27CmAKSbAfjBKLYkEjI&cry=1&dbm_d=AKAmf-ApNgoLPrwyGjeaayCYe6mOw8n32lpQ-9mAnm98V7BpqaQDXjSeFG1DEFFQlo43-23gUniEpjikNcHaXl1RmDHVU-fUuz148fzpPjc3JF1wtyGg7rwjjD1eFonLRqYgFtWwx4ooGpSrunS-clrTFm1Zk6j2lWRkHcybGGsHMCodmTb2iLfCe96sU5f2Xv6XBIbWmuscoY3lJfmFsAIjbgEtSpmNSvnX4Yys4O6dgDp-EkVaneYYur__LSR_pkds20ZBTvNtaDnh-TCqIPZS8PsB-rkbbxmA9GEkpiA5A92lbjApcdvU51ScSjDY_TN68XXZhvmKnVoMlO2bt589uXOm7ZeamFqKx4J8QN3Z8ZO2C08BWarBG4W-Ni8DL2kxVIsUxSjh_KZOtMPKQNZG5_t16ROZfufAOUN6DUmpBRaPD-z3ZnhXgiQRLm7XKNQZYI-YL6emhuvxemOwtNUnzdBCo71Tn3WeuF9hPfRnsx1JYW67IPL2dmVHD9UYh9pwSUQQqug0dpXbdKlxz3DT0Ye-6sIWrCmYdK56mxQmmRHMkI357OXLAQkNnes5MubPknz4EGjBoutHkRPukEt_FvRsDRg63BgaDn4YRvqZRZZ2Ravlq4yaP4oqhr36P8_X8G_o4tR2GdwNH9jqiSTTqaNKXjQ4zOF_fwYolhSekY32eHuNE7T0D7YkbX9oAq-heXZXjtUve9Odcd3SvFla27VkJxauDUccE4sS6j6rMWd3bXvbGNyyA5QPLK2ClZRSI0atxK2wZeQ7p9I0rbXe2SBLCNMgIUgwvb9raUbwZ8ntQZIyQWg9wk6bQlVXY-evBjC6IJS6CrBwiR-O1cC9ALvh5UaiiviJA37oTYBNVYVyI4PYU4PGAnKSn0KAjEe95PSwmbXmj5NvXfFnO9Lw-22QMaftlnOV9J3YTeZKyXz0bZz7dc4djs8-RXE9k-zTXV1idJBnrXYCNoYRe68_0TwzeudxfvpzRIVvEFDzErukFMLspAfXgEfpSn6hUmvPj_aNzwUZG15Dc9C9gg6T4uCSWBy4CSc9TqwQlVPDzHyS7JWN5fzxv4oDE9gXWsh2HWGXfTgG_9E97vR1HkBYyz-efnop6FLAKtaslYWgLbvIdpa5BEngqhNwJ5Z--KFR66bnqDi-x4B_PpEComMnuT-0O2OlxCsOii-LFZh1Hh6Oy78XVQEXL1JFiJ124rxdPHw-gkG0ZPM_PYRX69C2NHjFOUIHimCf-24q8sLRo5lt27EqMQdIzQDbu6orXSk9Q78dZeCPgN2xAtbUIRC2mkYx35ljSiCskNEdMOP0vS5XL9cP3udpAprRUzlqKypclrW5LN3iYmwnkul88x9zpAGw1X57Wv6-2ZZ0e5PmJrZYUE3PP-t_Ggm0K6sDPXPrWPfnDmJRoE96dZhD1T2UYA_V0cGHmzUMWAMkQJX40DfUGwRvgW3P-CDJs-ZNFqZOBVArU9IXM7eWJSRVJirLE3ZDgc7-61XBn6T3Z7VcaheWP_qKaSr1Dp0Wocg3fxfJxAfiYnI5NGKf-Cd1GYUPd3Lijr0lGf1zOUSCVOFWOWDEJM9XJyJBufMvZyw8G35rccKy5eCwneFwxK2bHUQMx92xvu6PpkpBieDXMUqWoRA5oZQf78lKORMaumcgZ9Awyfb53bruR79kRu2_r0zj37AZRKiTCrToMZclX7KkMul8Ea0zsFlSs6CoTJt5xaGPVPH_E7idHg0bd81tFI-BPmlajUSMohXGZ63WFGIgzQmGJ3nBkAGgIcf6UCdUJgZPH0clUHjkTFs9gs_cnwV-Osawq0LzIz9lLhqxR1N4al_NidfuyFS26PZ3gTOQrOg-DUuLh2h6iAc2ntS6aXPLoBfJFCcKmvGm1E6fqXwIfaktkkuDrUKVVSKwUEfafy8jJpaO1qp3fjJTXfY_cdoBthpIiU5DtPjzrQzn4HL9NkFit2vDiaWuzafZdhHQPpitq1cpZOBJ9K7393DDce4baTWB5vYpsL1P0x4fIL8A4LPli-9WFVOexr6o3E4juRs4Az2gMQNdnrcV2fmN8YnuyHUppxicTjbWzCaSTnSyAbng0PACUUAwb-XJRJtUOmEODAadhoSCuYvta1AApo2MSt-GFMaBlaTiYBK3R0bUZTBznTXFsO87eYAc-EMY36kCOvSReVjkyFD9nXYbyr1tgG9iirbQuQzrUG9A3wqJNDbC7v_-Jbfyyq1oI71pym9_i1mrfBCiYA3IMx7y3l939HyX5uHK6eR-zHQQlpUCP7RISpow0-_1Ve_wniO3nEIGT2qdvOQAnqnvVJkye4W3yfbUnaA85UC_l0HhWxWm5LaTslouMsqbQ5OTuKcNg1QX3pcepYkBuk5nxPklCfKiaQfgBlWo5hpaAkbhMazob_5manbsh5QtQY5OYJG32Ou_wa73NUiOGvBsjRwSFYf0-3OIXivPBGhfv7liW7L0MpNT_YS66X06E1Tkm8Pleexaad8MNwK5rrWvhix7GyLQihJjHYaovQ0On-lSnncuV0ZpavdYFqzMlel7A9GKQmrulPUp4IBXidmv6_VyQ5dIwIUyoTaOcgO0piWNDQPUbcyg5-1CijDHf0dLXqfapcWvwbacFU7cZucJV3ySSyQ1GU0kIP9N1ROBW2iNkh7co7RCxLVRJl3_KfL8BZWe_kA_AxdWMLewniEvH_1KTeVfnUl0noUBCAwJfxTLPZsH9g3pe6kyE1qUAJKwos4vXEKsKt5HlJTIs6J_tsizpOKo0z3g4jrUeGwsv-s3XSDknkqduAp3TIb9FOVv-mvZoxVze2XldtM2JDeT2on90uc0yy8n-pLc1Lx_aSXBM8Be_FqKGPTsrfqKVXWOP30aveWPv1CWT6_DTJZnnejWF-rGqXe5zgDocZtDX0CKVOg-VXs0_pPwU27QSirUAA3O5828-uKOAswkQimiv_PZuGqYFym5Sh3YuZ9CSqM-lpZASYDVgZQtwK9cwcnoUQ1pw9BcISVIB_S_Tw-Mmz_i0S03VnzM7NWABG9-UU51NnQ2YzUxwuh7owy8AV-AZFCBUGaK-IOXzC13G5e32KTj3ypnMblMLRaSaL11uW-Z4qp0Qvntm5pcne779AlI8d8uu35r16KEcH0MKySHOx1vH22ATaXY3FmLVBh44OZgYU_erSm1soF9vOWNT85Y0VUtOzdJl7aVvkjrf1L0Vsx6dFm4qcgw3MwiBAHijBoKakYeXnM8RmqMXyj-CH1SM3DOX9VvFpJAf4PB5nyCx19dtknNG1KeghhfRblA1T0T0DO1Zd4ePO_WWLGqynPH08nwWkNKPPUgg-maBDbzaI4pSWBrd79YDL-mjj-EfZOtVI5PMuwgZqj6Swuya-mjzX-fWRegVkuj7nufa50q9j3Nbcj_rabQk_86Hh8LYnsXVzu6AEi-PZC6CdkMIAX7TlCFil-py4vBSrhmyA1LWYBiRGbpt7bYTIVPnMd-jhN2uaSpvNqBfKJeLAykhzhVTdmdcrC8DPSTklWE37HumTBEd_jHSHf9tbkicjehT8YU5XnPSbETsMnyfQrXnRWFIg_e94fFWXgVb5FxXnfg7hTblVqNTOZKxbYTPfO5GYDMa9jj_S_Ve85siYV8TYcLPKH7728g8Vc0B6pMyJ3K0rYBriAof6R2AG-bEtuDxEsPeE9NvJbDi0G2cAQ1wR03uR1SPFWuGs2QssAcy9ShQMV6rQEu1ZbpcKGbiZRmx9pdxJeHwt6TOsUkAm4TTu8HsZiEAwOYuQZrhByxvYraVJBJ2u_Rve7vKVnykTn_XB1Lz5-uP9JBJQIDAfh4pmWEaIXmDIrxRA_r0o0hz32VZu_4a-S18rY0JKlgfn_zIfAGb0mmiQS5Rmy1wSZQO1aSwpSPP636FEd70Fvj1fjybBJGolbCVI5MLFucJRFEcFE6xHk0eheXfQD1tvKadqO6jOZRAHs30ds5iqHB4WW7t7WgZCD3LEDOAntBveEFCAHinlYHLKKvCww_OMa7CCaqjqmde_QHLyLpSzxLr8CojJ7pMsTe01AXIoGpPr7YWyhxoQGJIrsNqpEWWC0DTFAw4LxgPixvA4iFL1OwS1XYRzMHlC_9Y1jRNszHV6XjsPs5uvyq1Ps5Jqlnz8h5RHgg-XqdYOZJCfqFch4dPdtCYVI29YwKhKsmvwVX9q0Wfk1Cr9bgyIOAwZSsH0Y&cid=CAQSbgCa7L7dl2_lW9lj1lSrhC77KvS-6tON9QkAoURxV6udTqOMx3hO3jAvVWMD3hafbwvWrRO_y2CvecQSwp6_MJ9HxoKQk_-M4MFm3JPCSAKdmSmoVuxuvmJO0GRsKUk4VKvj0KY2RakHCb9pLqNYGAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202411180101&nel=1&rfl=https%3A%2F%2Fezgif.com%2F&ds=l&xdt=0&iif=1&cor=10310603640024535000&adk=1040758303&idt=5&cac=1&dtd=30
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
0a03164063d2254b66872fee2b70d1b5882a8db44e0ce5598e98fe555ecd62e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
39649
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame FD65 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
830ba20e0e0e758cf569820bff18cffb3771de3d3e04d68c0da7614e79159a1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.56 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ezgif.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixels
ssp-sync.criteo.com/user-sync/ 		239 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6fc46942ddf1f8238f149e98aea324f60a2bcda3f302cea3b73d262692bb369f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
date
Mon, 23 Dec 2024 20:59:01 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
Kestrel
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 6949 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39eccff87303e4def8d131109b031c3a973ed7163d9739eabdbdb1f5b710ec73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
1851978643320982193
age
15051
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:47:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:47:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
11583
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6949 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
216
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:55:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:55:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/ Frame 6949 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
5098607549323971572
age
15544
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:39:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:39:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4393
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame 6949 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvGYX_Sb52AfS0oRspOXu72cCo3yPNt2uHvyS45c5t6pZpRybUxKrTp81Ja2ayDYT_9wJavQCIeWDyS9SGTtO5CYpzq4Uu6WqfPtXmpzEMOwg8Vn_RRDdQM8zNZIlo30vDibbop2bhZLo1VI4WxcEF-K4kX62KSZWWxgZl2ca86iXfNNirWPvETzLr58Hwqh76v8Ksy3nhHhvAMugJejd_BZA&sai=AMfl-YSB1qv9lDpl0FuP2dE9kARSfO2yvvJkGvp0-CRc0-vyFRs6w1aRK2nOcnR9GErgurx7GzVvI2t-5TGWruLfZr_mC8sFmF9LKpRepKHvTY0gjk7k76njuQ_Uygeez7aL2fgxIsvlRLTLxd3NHVNODIxzhepv_c2bZADUTv0EDM0gTIbrfT5rgKYva2rE8WFa7Ux9efqxnICZZRb2Rw&sig=Cg0ArKJSzIUJJFMXaTUJEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20241212.47187&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:59:02 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0x6286a0edb7652d150000000000000000"},"debug_key":"14286052141486435661","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"10963977088127680927"}
server
cafe
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6949 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
age
1282
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:37:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
13937
x-xss-protection
0
server
sffe
15135654432974524970
s0.2mdn.net/simgad/ Frame 6949 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15135654432974524970
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f6.1e100.net
Software
sffe /
Resource Hash
95d7a628dccc8580bb87e11944d5ddfc905e689cb2aaeaba2411caf9a3dbac18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

age
461137
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 12:53:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 18 Dec 2024 12:53:05 GMT
last-modified
Sun, 08 Dec 2024 19:46:56 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
31498
x-xss-protection
0
server
sffe
checksync.php
contextual.media.net/ Frame 4370 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CUAMBU35&prvid=2034%2C2033%2C2030%2C590%2C2073%2C273%2C233%2C2028%2C2027%2C236%2C313%2C2025%2C237%2C117%2C636%2C319%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C122%2C201%2C2039%2C3007%2C246%2C203%2C446%2C404%2C408%2C2011%2C2055%2C3022%2C3020%2C251%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C413%2C3014%2C77%2C20000%2C38%2C182%2C261%2C141%2C460%2C462%2C222%2C542%2C301%2C345%2C225%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12712
content-type
text/html; charset=UTF-8
date
Mon, 23 Dec 2024 20:58:39 GMT
expires
Wed, 25 Dec 2024 20:58:39 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
timing-allow-origin
*
vary
Accept-Encoding
x-mnet-hl2
E
view
ad.doubleclick.net/pcs/ Frame 6949 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvGYX_Sb52AfS0oRspOXu72cCo3yPNt2uHvyS45c5t6pZpRybUxKrTp81Ja2ayDYT_9wJavQCIeWDyS9SGTtO5CYpzq4Uu6WqfPtXmpzEMOwg8Vn_RRDdQM8zNZIlo30vDibbop2bhZLo1VI4WxcEF-K4kX62KSZWWxgZl2ca86iXfNNirWPvETzLr58Hwqh76v8Ksy3nhHhvAMugJejd_BZA&sai=AMfl-YSB1qv9lDpl0FuP2dE9kARSfO2yvvJkGvp0-CRc0-vyFRs6w1aRK2nOcnR9GErgurx7GzVvI2t-5TGWruLfZr_mC8sFmF9LKpRepKHvTY0gjk7k76njuQ_Uygeez7aL2fgxIsvlRLTLxd3NHVNODIxzhepv_c2bZADUTv0EDM0gTIbrfT5rgKYva2rE8WFa7Ux9efqxnICZZRb2Rw&sig=Cg0ArKJSzIUJJFMXaTUJEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=11&vt=11&dtpt=9&dett=2&cstd=0&cisv=r20241212.47187&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:59:02 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0x6286a0edb7652d150000000000000000"},"debug_key":"10754022862852716851","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"12203488681692756497"}
server
cafe
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A943 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:42:34 GMT
expires
Mon, 23 Dec 2024 21:32:34 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6949 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6949 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=345310670493965&correlator=42873692053522&eid=31089315%2C95349035%2C31088252&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&iu_parts=147246189%3A21770999482%2Cezgif.com_300x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x300%7C300x250%7C160x600%7C120x600%7C240x400&ifi=8&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D2abe36590a488876%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MZPFHNbl6ZNQguBERin9bVoPuPRCw&gpic=UID%3D00000f7abbb44c1f%3AT%3D1734987516%3ART%3D1734987516%3AS%3DALNI_MYWc9D1CBqpYB_oh7RlDKOYazZ9gw&abxe=1&dt=1734987542297&lmt=1734987542&adxs=126&adys=188&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fezgif.com%2F&vis=1&psz=300x600&msz=300x600&fws=0&ohw=0&psts=AOrYGskLiAXDdBOxHtVlBxUSmJiEoNL8sx4DufJf2wQS1HTDFOT3Do6p7f5-1uPG4HP7Qp7nX_dn9hdLTdOcsJ4&topics=3&tps=3&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KlJqRlN5ZW91d1pTUlh0Q1hHREJEdTBwa19BU3JjTUdoZ0dmalJIM0ktYkhsLTVRSWNqRGdRZFFmYXU2QXdITndYARI0CgpwdWJjaWQub3JnEiQ1ZGY4OGZkYi1iMGMzLTRhN2EtYmIyNy1iYzVlNmQ3NzVhMWRYARIcCg1jcndkY250cmwubmV0GMWKwqq_MkgAUgIIZBLOAQoOZXNwLmNyaXRlby5jb20SsgE5dzBjTlY5U1lubG1USEpSUTJjMWFFdDRXVVp1UTJsbWVEZElPSGhCY1hsaGJscDRRV3BxU1dJM1RIRmhWMVI0WmxVMVVta3pjbkpFVjBwVVkzZG1VR2N3ZEhFMGJXaFlWWE0yV0RSRWVXZHFTVlJ2VG00M00zWlNUVVp0V0RaMlVFeFlZazVLYUZoblpWVlNhM2hzV1hkS1NITjNaMHBTYTBWdVRsbGpOM1J5U0V4NVdBGJDmwqq_MkgAEhYKB2V1aWQuZXUYxYrCqr8ySABSAghkEhgKCXlhaG9vLmNvbRi4msKqvzJIAFICCG8SGQoKdWlkYXBpLmNvbRjFisKqvzJIAFICCGQSFAoFb3BlbngYxYrCqr8ySABSAghkEhsKDDMzYWNyb3NzLmNvbRjFisKqvzJIAFICCGQSFwoIcnRiaG91c2UY-pfCqr8ySABSAghq&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734987513944&idt=907&ppid=5df88fdbb0c34a7abb27bc5e6d775a1d&prev_scp=pbsd%3D1%26amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dc-up.co.il%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.18%26hb_adid%3D299d131769d0fced%26hb_bidder%3Dcriteo%26hb_rf%3D1&cust_params=category%3Dcomputing_graphics%26audience_interest%3Dcomputing%26origin%3Ddirect%26ECT%3D3g&adks=1863772561&frm=20&eo_id_str=ID%3D7da85bfa1fe80eae%3AT%3D1734987516%3ART%3D1734987516%3AS%3DAA-AfjaM5Euaiy8rXBrn5WKVL23a&td=1&egid=31438&tan=8bfbbaf0-3206-47d5-8553-91433b2f1dcd&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bcb6cde5027e74974f308a98fc2204be4857d7f1e153fed4ea4d04367c735e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
dcb
google-lineitem-id
323972549
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138303033644
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://ezgif.com
content-length
2524
x-xss-protection
0
server
cafe
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&gpp=&gpp_sid=&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-s0qbHok8Zi8...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-s0qbHok8Zi8yrW8r7avammgeGAzt-U9evq91BQ&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Server
178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Mon, 23 Dec 2024 20:59:02 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//ssp-sync.criteo.com/user-sync/match?p=KygbfF9PS0hsM29kR1V3VlcxakxIbkFtZ2FmZ0RlJTJGQWJ6dk5ZWTFRSkglMkI3WG5QcyUzRA&u=e956d046-38fa-4e19-bbe5-64f4a598c858
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:59:03 GMT
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame 76E0 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012410292120000/ Frame 76E0 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"f2f37e2e78f77a16"
age
370671
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56191
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 76E0 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"981e33f595c3ea40"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5211
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 76E0 		95 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"5e018091947c60fe"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29021
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 76E0 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"deab494dea0d53b6"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1906
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 76E0 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
"f2575cb9f4cf0f6e"
age
370676
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 14:00:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 14:00:47 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12953
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 76E0 		20 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
ESF /
Resource Hash
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:58:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 20:03:55 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ Frame 76E0 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b011b2167c7f14ba42b07011683f6e6779010cab9f86782377fabe7bb207ced9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 76E0 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
3004170791804808702
age
29031
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 12:54:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2980
x-xss-protection
0
date
Mon, 23 Dec 2024 12:54:56 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 76E0 		344 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
6766994032117382215
age
62569
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 03:35:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
344
x-xss-protection
0
date
Mon, 23 Dec 2024 03:35:58 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
l
www.google.com/ads/measurement/ Frame 76E0 		0
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 76E0
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=COPArFs9pZ4SDBLPTjuwPs9mE-Qys8uyGfKGAy-KGE7epnZ2KKhABII3kvSlg-br0g5wQoAGE-ZbGA8gBBuACAKgDAcgDCqoElQJP0D6dcyRFHyabsF67KFkzUJnGl0UraXhzYQ_iwooI...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe2a7e80d18ab2d90000000000000000%22,%222%22:%220xbbfb17407987d4040000000000000000%22,%223%22:%220x518e1f...
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe2a7e80d18ab2d90000000000000000%22,%222%22:%220xbbfb17407987d4040000000000000000%22,%223%22:%220x518e1f1e383731e30000000000000000%22,%224%22:%220xea469b26eb7ddd720000000000000000%22,%225%22:%220xc2db4001994b2f9c0000000000000000%22},%22debug_key%22:%227643029835689666485%22,%22debug_reporting%22:true,%22destination%22:%22https://curiositystream.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22952482948%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217694316414724183745%22}&andc=true
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:59:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xfe2a7e80d18ab2d90000000000000000","2":"0xbbfb17407987d4040000000000000000","3":"0x518e1f1e383731e30000000000000000","4":"0xea469b26eb7ddd720000000000000000","5":"0xc2db4001994b2f9c0000000000000000"},"debug_key":"7643029835689666485","debug_reporting":true,"destination":"https://curiositystream.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["952482948"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"17694316414724183745"}
content-type
text/css; charset=UTF-8
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfe2a7e80d18ab2d90000000000000000","2":"0xbbfb17407987d4040000000000000000","3":"0x518e1f1e383731e30000000000000000","4":"0xea469b26eb7ddd720000000000000000","5":"0xc2db4001994b2f9c0000000000000000"},"debug_key":"7643029835689666485","debug_reporting":true,"destination":"https://curiositystream.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["952482948"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"17694316414724183745"}&andc=true
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://ezgif.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-methods
GET, POST
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v62/ Frame 76E0 		35 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v62/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ezgif.com
Referer
https://fonts.googleapis.com/

Response headers

age
366425
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 15:11:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 15:11:34 GMT
last-modified
Tue, 29 Oct 2024 18:37:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
36216
x-xss-protection
0
server
sffe
view
securepubads.g.doubleclick.net/btr/ Frame 76E0 		0
0
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Thu, 18 Dec 2025 20:59:02 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
pixel.gif
static.criteo.net/images/ 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Thu, 18 Dec 2025 20:59:02 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 064E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 064E 		0
0
b-bde0e05-b5b90430.js
tagan.adlightning.com/setupad/ Frame 5F40 		68 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
gzip
etag
"777a63c7bb73394365962e8e0fd2dc01"
x-amz-version-id
tHAtBRpN__u5ySMyvqtc44KVZeaJWugx
age
4582575
x-cache
Hit from cloudfront
x-amz-cf-id
lim2m97is37oNdZaufHwSgdSUEwyKmHio9nTlUHuLkyuIrwCskVdug==
date
Thu, 31 Oct 2024 20:02:22 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 20:01:47 GMT
cache-control
max-age=31536000
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
25896
x-amz-meta-git_commit
bde0e05
x-amz-cf-pop
FRA60-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame 5F40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssH9_rwIjgB5OAXhhloAXj7h1kAmBcG2GF6u0nQoxUe7XvbWvXx4eBsRZnHyKDuH64w3q2TZ85OgRyCgNpHjsPlGa26520_coI4Ae99IuiKRCe6XyNkVhzYfY5O_1kW6rrKncn7c0kgy9IrwjHn7-yWVLCHhKHFbQ7iUHkVOj4M495tlOfF4CBNdf6p1P9oaRsDCQZNGF6e8A4mTGKi--OMpdyp04ccVPOaGUFw5BmHFEKcUBdwwN4mLfFhQ4ROyON56E-azOY_JinFUgTG2nd74rZUfBDA8NXBylbE2As-aGtO13SpliGE6pi2Sz2nL2bSXcNFt1LA2RchXS5ze5EnncNaiJzStMBykhbwueLhkaal3FPgfXUSYqtAZIlRat-YlnJB5lezcXdVxo1AqkdOJ_vF1Ecc9ZAPjeP31pGmuUQ&sai=AMfl-YRS4H__idshoWPyEa6ALyfFerbBUVp9AZFG_ZLqPIawP1WpOP3-tCYWHv03sFRM_7LpRDFzDdOdwtBB4-SnpUhe-5XKXedLGitrzSECS9orr4TNhmTBuXeVRblp9-A8-iA3OunbQYIiEaZCAPE&sig=Cg0ArKJSzHwa2dVFI-tAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9CDC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJzDdBDknrPhGBjV4OWlAjAB&v=APEucNUEM34yPVNJUZUPWslvkyPLgQP0pvcGnLSwZDcI24-UqAGSuNUKgJlb9_WP2sVSQwzB9S8Of6kj_B8LDLr7NVhm4z11e_d2YlFVNuzLdxih0FtpeEo
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
262
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:59:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5F40 		105 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d22438a908fb754c1bd6e2f368e8f43bcc5092c126b5688d0cc14b0804727585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
8686496304925888373
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:58:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:58:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
36916
x-xss-protection
0
server
cafe
sync
pool.admedo.com/ Frame 5F40
Redirect Chain
  • https://gce-nl-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=e956d046-38fa-4e19-bbe5-64f4a598c858
0
0
dvtp_src.js
cdn.doubleverify.com/ Frame 5F40 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=33677394&cmp=DV1471444&ppid=351&sid=bidswitch&plc=BSW-IQMF-DISPJS&adsrv=0&advid=3891363&autt=1&dvtagver=6.1.src&auprice=0.2238&auxch=themediagrid&pltfrm=themediagrid_A6ODQF&aufilter1=BSW&aufilter2=IQMF&auip=31.187.78.15&DVPX_PP_AUCTION_UA=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/131.0.0.0%20Safari/537.36&aubndl=null&turl=ezgif.com&c1=USD&c2=16&c3=themediagrid&c4=16&gdpr=0&gdpr_consent=${GDPR_CONSENT_126}
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.138.255.24 , Germany, ASN201011 (CORE-BACKBONE Core-Backbone GmbH, DE),
Reverse DNS
Software
/
Resource Hash
0146b623d89e25ec60c9eb0e7573c8719296b6e4a721e6d63126279b1fc4dc64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=900
Content-Encoding
br
ETag
"4181fa8e9f3df81f82fc2f30afac3142"
Connection
keep-alive
Expires
Mon, 23 Dec 2024 21:14:03 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
3226
Date
Mon, 23 Dec 2024 20:59:03 GMT
Last-Modified
Thu, 19 Dec 2024 02:24:11 GMT
Content-Type
text/javascript
opdFsIuIjcgR5pDJLzj984xdb5Ms035k0jEwqlVD4B85SpJHV5d
media.grid.bidswitch.net/imp/XXfkWPyZhmqtkzzXDfSm-jxTSAP0AZ78EA3KmCChuJJYM5BRiyay6uaXw98TC5MaO7UTuCuF5jtzgUHPbZUw2uw7pCWmCTbgshQdOnt6uzl1ip-NMVDBWu5Ezipj2tNF0ZVVFZDOZrZ5Wdvr80yAG_Xt9Pw0uKUbcvSKrdNM... Frame 5F40 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/XXfkWPyZhmqtkzzXDfSm-jxTSAP0AZ78EA3KmCChuJJYM5BRiyay6uaXw98TC5MaO7UTuCuF5jtzgUHPbZUw2uw7pCWmCTbgshQdOnt6uzl1ip-NMVDBWu5Ezipj2tNF0ZVVFZDOZrZ5Wdvr80yAG_Xt9Pw0uKUbcvSKrdNMiasy0YgMlB_BlV-JME8gBzRrgio1dwO95d9Lwrp2tIC-EVOPgLUrGP2ikeZdFTfU4dxfR9zvq0ZXK6545tJerc70g29lCrCvgc-xHmdbQBo7LUKCl2-yLP1qz4KzdVpRa0awuj1Ow1hT96U1FTKvWkP3-HX6dgH7P2CSiH6NzdEBW6y49pMAoE8P4rc1mGIFj9BF9B9vD5mTJpKFhlVBt8x0q-2tYIBNhF51EA2cPQTmIRtcD_oeiy7wkuBmVbzVsoLI22zaoYUf9FBxehg/https_A_B_Bghent-gce-nl.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCR2vhFc9pZ9u0PMLM1PIPvZ30-QKg66vwe9jexefbE2QQASCD____eYfYPm69IOcEKABvN____1-D3IAQKoAwHIA5kEqgTlAU____Q8auGxj-uaqk1j3N____M2Uf7cqbF____Bp41LiG3qQcnc25SIy3Tnn3z21____S____Q1Eo4xBaWsbaAB7AcvzTT2tXYcWD73JR____Y4xSEDQaFjiUjgh3jwZhj3aHt____SvRcSfuzpCzhREvX3DRipYyiYxpDWsxLHk6P8-HlVi0zqDPexLRGVRzivloFphf-S3WPOegKlfxIGQiLF4lpAN0qRhQkdOVQ0wYeDwi-9S5Exi3tom6MxQ59jk4BUeXge3Aojt4Ce3d____2olRBHhbID-707D1JaNDjdEHA4x13dQ2km8AodErLzJUT2wiPABJSZp____7oBOAEA4gF86aM50-SBQsIIhABGAFIjtG0ApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGAoAHvJfG2BioB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH____p6xAqgHr76xAqgH98KxAtgHAPIHChDi1A0Y1eDlpQLSCCYIgGEQARhfMgKKAjoLgECAwICAgKCogAJIvf3BOlj684Sh5L6KA____IIGmJpZGRlci10aGVtZWRpYWdyaWRfYWJlNDEwgAoEyAsB2gwQCgoQkJ7qgNTupNl0EgIBA7ATmpfRGsgTwcqK5QPQEwDYEwrYFAHQFQGAFwGyFwoKBggAEgAYABgC6BcBshgJEgKtURgCIgEA__Jsigh__RSPVYVfFEMOQ__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQShQEAmuy-3RSN14BeRq-TYb1T70SZxQpqhAilEIctr4w4HNHLbZxQ-2Uhp6BXryPbHsnIfZEa0jNVsM3rczGaejd3PIXowugcjMRNBwGSMajwtr22cNyEGNNU93ldRkIETO3em6-dQHX77ep____0bQuxA-9eNc-kyScHxaPXASW3MAfDNYyCZ0nGAE_BN4IVN-RnNGJf-beA0d5E33amoqwxYQlLwh-Xl9AaNIz9cDewH__u3wq6dQcgiqWyvQhdXd7FTokaGnzvvQ6c5-BTftqB8GsL-hfSD8XcmiAEsQp2ph73CYgEFHpIdMj3tKz8cqsjMwvyy4Et3qufBBC1YSPE7-Wr7XOJSCHQoppHir8XEpPba3y9Xb1iLT5WPN2ZcaDD2xgtVFS2ZcK38__txfhlnHFra4BqbcQhotS43-bWfasbR3VYC2a__Q2WL7IygqfOJMa__9fW75yviUJ3H67kwdVLluTIlhYai3TB1CcWj__I0rOiPTFPK8vb7aBp5eqqfr34nJi9__-Jjy89OpTdaLCEjZ9zsOb-zOW-3fPu5tMqHK__oX0tDA62B4UM3ct-5sMfv__xDEvN__HcBiMlmW37eT5vuNKvsAOE-WTMYPx2YBWtPd52mOcQZPgWqsZKxr__3krIp9lFAl8Cj7__q2Fl86V4kgZkw54CEPINggaV8n8k4qPzIXxevPQvRkNUgc9pPx6kAzsndUI__ggGyMHHKmBmAe7O5i1juW9kIYXYtOs-4A8OTO0WO55sivhhQYp7UbCpZ1-VybTIKMaVD7lShCgn20xMnF4dGFVQlr8o4zVodrZb-WONI8yuUZOL95D8n34ZF0wlQAPrCuUT6gTOpj68qOGuHzFlHId90iwz0nsDxhsbxjjsAspu6GKn-AkTBZ6DTzEMWJUmpRm637vMMRmxBqrBkzsbODUBsC8zrHR6btqSERJhd7A37ji5Nsbgn2Xm8SDt8RYOzUYWEPMhhtHTbADSGLupTFrF07IMPgPvL7FwWNPHIlkNUqGvvV5f7gqFs7bODvcKsgac3KgoD3kF__eJvrzCn4__jmc6LRRtw6N4ORVJflXWEx1WwQETPhoLgkPJqrq0AHkAUoYcNkx1t0eu6gsZNszCHl24maA3ibHBGj54xEI8KE2__QKmPzJwPigNrLZ3fohC0I2S-XvL5Bt3CemQeIe930hyBiAsIxGrpkczbknXldCi8SISi5n5zndHgx-JyzRM__Kdkr8R3YLV3fID-CjmoqIGTi7CWR8p-MdrIcFpUSjueKs6q3ImTTXcgcvobnpWCdIadMFlTsu9p7FL5jjR4Y9Cx__QMV-Su8juR7RRPNJQtAgvCE__fsQNDfpngC-QVaiSVaLLuEfIoY-YcNdxlh8JuCUKaU-ZbYgI5c1L21c-64pLVhSpbiZav6Z0qa7F7GLCPfvwe0e3QOsFgWbiklkdVLLEAoJQm__HMRpmfQ15C6S9h23vF4gn2bZLBZvHOHSb__vTcZ68oD3uuClUmp0nBE8ey0ctBy4VWBB2t8ZNhqkHe__m28soVjnxblHLwGa6zFahId0UOl7Xu9rK1S2I-QxaDGCoqjPRUWvzRpp-jxNrbaJe5_B/opdFsIuIjcgR5pDJLzj984xdb5Ms035k0jEwqlVD4B85SpJHV5d
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.214.200.194 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
194.200.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
43
Date
Mon, 23 Dec 2024 20:59:02 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 5F40 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=ezgif.com&bid_id=0-66b0ef7d-cf5f-4a7a-9155-d843ef52ab2c&ads_txt_id=A6ODQF&has_bsw_id=0&bid_price_usd=0.191349
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.59 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=31536000; preload;
date
Mon, 23 Dec 2024 20:59:02 GMT
server
Kestrel
cross-origin-resource-policy
cross-origin
tpd
cat.nl3.eu.criteo.com/ Frame 5F40 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F40 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AvoNILDdQTbRYV12qAaR8b1K8k4oZc5eVZIZYo_8h1MNNNBAwLLRWH80j2sTkOUgZlRZxsnGDwcxGpb9_s-bxIlNYKLggrg5gbsMCVUIGFx7ctKTY
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
node.php
node.setupad.com/node/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/3148
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://ezgif.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-methods
GET, POST
access-control-allow-origin
*
date
Mon, 23 Dec 2024 20:59:02 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5F40 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
437
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:51:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:51:21 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F40 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=206295403989&version=m202411180101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F40 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=206295403989&version=m202411180101&ct=2&x=38&cor=2486011198111049700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad
googleads.g.doubleclick.net/dbm/ Frame 5F40 		85 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLoLnjUleZRdFljwGPT0mkgKnpmrDK8bLypH0QWMOhuW7E2tvcz9ISrEnyxWZEA_Oy__ITOmntg15njuKnyfrmjffElSD76YWrB72HgJTxIiUIp-cBNX1sXntyYu625XUDkEz2qJh_ALOgaQ5cBtWFATYj4EouKtJMRGQG8mDHVy_EJvgAuUkvONiJDuC8svOmz3BST_jx-dqj-3-S2v3hYyCEwP0zqaHAJF9nAeXNV1DcK-U&cry=1&dbm_d=AKAmf-A7F_fV4SKT2u_IiHbB2y46cYUOdqALRt2kKtwIDHfFyso1FbmWSQKVi0MiXkMbUm-XLJK2krMF7t_p9a_CeTh-BwS7iu4XCFeOT50mkYtWXCoZQaKflqX8-Y33eJ9mPFiJ1vNUFBl_Nkv1E6bMxLYNm5gQDIoH87tbygnGcrqXmq3hs2whMc_wjFwSevdfL3g1NH5_romQexmANmSbk7w_yJuhFQIAVwo1EapUesvAQgUUTZgrWlsqAYeuJ6_-KNIOtjGuPYD-rvRUcgv8n4gOLWZHFhfjp5MldTD9TIXe_dOqoTvH3yRJQw8PfyAJrUm6NewBFO42QZeMsP1G4nfgnAm4ikkcWsIIpsSvjGfm4Jvf3FbzFj3DY9IF_UC3rXQhUvpfIS2WQhj3goudmQYm72XNZ6DzhoOuyc-Fptok0ijr_xz8jpS7eOWrgsVIMxX3476nFBWKw3zT4XZ1irbqWsHSiIejyp29OLgeSgkMBJ5Uiol7mHQQSFqJU5PVfDJny2jcW4gF-yR54fBOwNmbyRH6d17ZlZA-2ldlhmQVG0_ythoB9Kpvb-Q2sH3W7uJzvhJr13VanrPbmH93nufW9vZ9HfliUozbSsT8Eiy5mi02z_in3mA9_93nkzZ-AYr1axQdVDl-0pW6MuW66qp-OZxhPZweuwMNVAwjFJTSZa2I2Nqqjx-CiBsyunzzEsnXRHiG2WZ5cd3L10Qwbw33-1cPigX3hT85oF8NHzOsH6j6Vg2yEcMhd2ZgRrQsW0bQTB3YdtuTHmn0pXf9jER8y6lmnixMFXc6z2N53KLMTQXDqvQf33rZTb_7yySGEbn1gCLKmoR2WoMM64gioh5FLKoVifN0POzPUvi18e3Ywl-FOnMsaQEIXB3uwF80ZLr_Nbl2j03YpqWnIAkSsfqaFq75Ygsxlxs-NS0QmvxSXlkD0Y5edfo4Scazk3vlVwspcIhlRlWoZ20Y2Mm5bIM0sS_dIARWLCwEqyhSXkIzTmAfKhHyvjcYcYZT-GobOfH7fZAKXOCezlluLE5eeYMz4m9MZfmNMXksUiVT5WzMiN_7WSY99MsSlHX1LqM7rVm0AQ9LaPj43atcDZPgj9bsboaqfBviDrUZ0vlX0Jaz6MnHIOKWHycnqC0KFcabLuHVrX_PFY9Y1tDWiXMCiOW4goj2_omH_DdtFDQPRLd3-sDt-nEbzEFjERGlRfQ-4vSQQ4NqYTiAUiLF9fATYVZvsIzwCWSWQknI23s5OChuSIMXLo1kOIXx9YbvzZQa0ESRts9OjSSQsWE3TiLm8xIALp3Lve2yPcRn3aN-l96Y5dV-zLg80cyVZdFuLdQagUd58hIiZ2J4xz3ki7fcYSQccAEON5T9rX50DuDYXliJB0ib8JYx006KMUdY4bmJUpY_Dz3aGtSA_tUXbyRBb4JXoiAP8KlHjryJG2QLKfWCuHazTtPKkuK9rt7KA35-dtoYnw--DO5uZ8iQJZGsC3J8-zQOCiK0LCmEz-NTsuQYPH24_HBbl1Y21lGOrScD7Qv9bQ6tPpoXgbgOWEFmim_lwHB-p6t1H8lO5UihgChUBvPAd_tIsGIWxvBSRIVZ1CwgAInTVjqk6WvyvOgI4-i1FOEEKWK5oCbYnopsRHePaiNiPzprLTB51XRkkEEIm3b8pm2h1b4S5UyDt8meCfWHX2y2SUhwCpztF3QRQJXddxgbJ5Xt6MlKrv33r9QQF76EsgvGznvj0lgnWlbIxMdy0weS-QShU-zoMd-OJZ8XL4YVJkSYd2URpC3sqjoL-h0Ia1FeYFWTettoVmChwxTTUCBlXCKlIo6pDHv0oIAlCBRNR31dA4iMzZJLSQTnXWxmGksSLmtzgYM7q-2IuIfwXIgujfH_J5lbSRkfwaah2WwuTdbUXB8wfgLbThwYjXxMMQLzm8FLsGpGaj4yuucm4MZcnK04-czgJI6mkMUVWtT1MdhR09jb2AeLmXPPUJPgRB4I87ir10PgMBwk68MR_mqxA0vq_7Vu-ax0BpVu-ZQ_Alo18btWnZAOaJ9xZb6WEnjdZjH2fYL378PhsGfwQJPP54QmuamM6qTTKQ9x6M56fnx2n8v4A8qhdCAQSZUoO5xpTisRZ45krtXfQQziPC47cZ8RPZqQAI16OvzR07i6MDNiU6bE3aihBddK2A3Gl2Z7K8FejjnMpXM_KWtYK3RnyDz5mk6isG7marvP-4J1R9Hw7uoXH_ecITgLlgVa-GOfATb_1dn4x3ldJjZyFCww1lFLGcScQEnWK3tNCVfB2f8OtWtuMchBtFXiLRaZ9szvRmUgXHby3zzPcNzABs2dEaKtKNNIqAXHFhzcakME-eChvGXu29UCpUf1ZAMC3dAMxJ_OkAAU1RxeZ8sy3uaCcn1DiXEButfdpaPTBw_dcCzluF75gPTj-fjppIzchrszWYpKnjMRu0lOLVR69jW042xjl2EQiuYZ5cocNcD0mCuRokoeoofzRm1QYdxYYmG1_P1BLiuYa7hQsVjCJ_rl3vBg__9y2lC_roK-JF2seqCRGLa9cXQhtshN5kt9TkQe5Q4mr-wVk1foHFwxsTxy_bi1DVejqoMiwo_nfdyK83fI_fG8PDYQ37OUVHB_Pa8W1g6OyMFccKoLyfdJabx3dyZ6oNGZz4LZOLFzcTtsnq5BELxmS6AECwqvpJM5lDluGGophHyuDj3a2_QjWKruRG3f34OuNrSnVyXWn7NXK2uQlsuz72-peLXaqZ9vRB_mEilin75zwYQPgBeCiX3TXzcUGwvc3rxSY1XcRaVwCPrIBmsO28WGbD58iKvcXjQdTYK8VY4P4NiNLAFNUF7iWF6aw_dBhKq_SeCw116MItwfZtyIA6e5upZquKKipYsm17gqvKtGZMLWGPqLRibWEIlA2DUJ6fKd6SEwrxuJKVY8Qe2K-Gxh71vGaYXwRCLM1Dm6RNAQS_stjPuIAzCsT0Bf-hOZ0zqPpTdpYdJR7ZtL5Xa1IPD1qnZ6VdNvkyy_gePLTefDTL0_mHsEDvxAMe2TthqftWIYfe6ygWAawjMKxBgzunaxPou_Vm0xGdgqIJB4ZE4fiAhAEhmAR5udXf1_YDtF19eGcTX0vFE5vJ0LyFLq3K5mifRmRFEcSsDcoMo9bBNxx_QrRQC4oSP-sic3L_mRGhdDX50wJ5_Ox6udEjJt7zpMXPskevR6NSZWsLvAiVtf87A1aVptDuk9C9wsEigBOWsRp-LvqL6xP4eH5aVRPGljyUQawZPCSlWJN0eJRriJHUCT1Qpr-PF_cg0Nv8g-dEPKMFewaGj-io16_7s5DpGnJNUnCMX5RBVVghQMg7RG5d8NpT252emD0knYAYLd-gqltUygCwjyUPpVngXVbmHH1_rZTW1t1xNRM0UeNM4pO8XDeQ09tI893OM9yUwi4gNHSMps9HDoOlch6hX4WxKMAVfq25G4wJ4zI2AE8K8n5s0fFSjSgjk_fymZDsm82W_sFTwwkLalbXjq3opQrk4PpHZmHzNQ4v8Qyaows_czNnQodhoetUUxX-GserWa29mNJoxrbxGKOQ24aOqnryB4IFhLdM9t8piIaCNAt4_OpmwrhTKqDqSS44QBPr6VwESJclqrbLpGQKxGXwXNAFhZgbC89PwB_eEv4aGQZISBzZFbqhppdH-yEJQk3TnCm8O2nXvbIdhmPjCZAXhWWveIRA_Bgiyme9sIxTCDM2BE1t39pDx0R2TJqUuUiE8x8tO936KpljG2Cfg60f3YFgVPbiyzhzy5t4ryu5sCC9Hnf_bntO1CB64ROHIKflkeJhJxlj_LtCt1LDfiYzhBRc29jrsUAXIZLHSz8D8eOajOl-x69XTSDMlkgQWdplDDZKLQvt0VKGcLlTwh4HreQ-ITAfPrv65oGto_4S06S0hibqpeFDlngwOXQNa4ZVwwAzmdwrCWtaUtRy4Ibvf4nsECY5fYm06_lYuq41uY0KDTpm16vlzb2cC2WarVi2HbGKj9l4KW-NIU0ZyEfXOEpQQMmkcifUS9QrMGIbd3wQNLswaU8M37II4zjwf4zx2Rnbp1rvESwh-d-yRxiBeWCS7xV6WaUDl7gyN3E1KPUftNPl4wdkT_jq4gJDeHg6qeUQZfHC659mWG2mSHZaNT3L7w5u6dNM3FCA0YhALTcTVNXhMie6tPB9A24wtEmIEssagW0frQ26h95sy6hUVZTkVQ1x16mdpaOL7WzY2RJS-_U-GfZu6fjIGcah8aKyRPE27u485CArMytN59zsWiOuACs_0KTcLaiPgYIMWldbepfUBvTF_CBDtFy91Q15bPPXwOIK-whNWf98w&cid=CAQShQEAmuy-3RSN14BeRq-TYb1T70SZxQpqhAilEIctr4w4HNHLbZxQ-2Uhp6BXryPbHsnIfZEa0jNVsM3rczGaejd3PIXowugcjMRNBwGSMajwtr22cNyEGNNU93ldRkIETO3em6-dQHX77ep_0bQuxA-9eNc-kyScHxaPXASW3MAfDNYyCZ0nGAE&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&dv3_ver=m202411180101&nel=1&rfl=https%3A%2F%2Fezgif.com%2F&ds=l&xdt=0&iif=1&cor=2486011198111049700&adk=1653260602&rc=1&dtd=51
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
adc1343b1ab3af7c3e8991fba0648333f4ef87d7a13368862981a68fac3e2172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
39903
date
Mon, 23 Dec 2024 20:59:02 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
15135654432974524970
s0.2mdn.net/simgad/ Frame 5F40 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15135654432974524970
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f6.1e100.net
Software
sffe /
Resource Hash
95d7a628dccc8580bb87e11944d5ddfc905e689cb2aaeaba2411caf9a3dbac18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

age
461137
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 12:53:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 18 Dec 2024 12:53:05 GMT
last-modified
Sun, 08 Dec 2024 19:46:56 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
31498
x-xss-protection
0
server
sffe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 5F40 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39eccff87303e4def8d131109b031c3a973ed7163d9739eabdbdb1f5b710ec73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
1851978643320982193
age
15051
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:47:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:47:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
11583
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5F40 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
216
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:55:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 20:55:02 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/ Frame 5F40 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
etag
5098607549323971572
age
15544
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 16:39:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 23 Dec 2024 16:39:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4393
x-xss-protection
0
server
cafe
view
ad.doubleclick.net/pcs/ Frame 5F40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssf3N_Y_6GnnLkfDHjGiDdRLBLBUwC12HScqOQ-vdpgcjEVCm0F0ODXDvsU9fIHC8rTebPnNV9hEl1Q3liNSjQ9c0B5JWYjK8hhiaED6t-0fg-i1LVal82dRmF4S6a9XEVXnupO1zn_oeVHEILqRw93f3-k5L1AapnJUKqnJnVa_Q3OscBVXcoDsXWoMnnRQxGTBWb6f6UU7RSrLg0ztlSabQ&sai=AMfl-YREHW_PDcdFBOEjgi-GOKk2b4_g5xH3Po4qes86hMX6tN7Iyso4F3WGAfh9wwwP_YoPDLatCh-m_UNDqksDwUQ2AceEyXZweQMp_nzzObPzbGlbaxWdSsasxBGFuAruplnlxjZ1GS-d7-_pPsRzH4h9bz1JuvqrERvvXVyhKe6VCknzrkhHLTNhCpg1KgkEYldSnaSsm4Yj6kwiATUeu0HJF6FX4xglEv2zJ7o5t3qXaKplBttp3A&sig=Cg0ArKJSzG7UeKyfNyt5EAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9taWxlZ2EuY28uaWw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=2&dett=2&cstd=0&cisv=r20241212.96004&arae=1&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:59:03 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:59:03 GMT
x-xss-protection
0
content-type
image/png
attribution-reporting-register-source
{"aggregation_keys":{"27783644":"0x4d37a4adccc813c60000000000000000","27783645":"0xbd5985b9ccf811d60000000000000000","27783646":"0xba1268d1630a4ec80000000000000000","27783647":"0x6286a0edb7652d150000000000000000"},"debug_key":"17206220272853391722","debug_reporting":true,"destination":["https://weshoes.co.il","https://royalty.me","https://milega.co.il"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["105835932","105835941"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14674086"]},"max_event_level_reports":2,"priority":"0","source_event_id":"2899123772447598616"}
server
cafe
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5F40 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

content-encoding
br
age
1282
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 21:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 20:37:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
13937
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Dec 2024 20:59:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 043D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ezgif.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
975
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 20:42:34 GMT
expires
Mon, 23 Dec 2024 21:32:34 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
hblg.media.net/ Frame FD65 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AYQGcgCAjASAAAiAAABAgAEAAAAIAAAEAAEAAAAAAgEEAAAIAAAAAAEAAAAAAAxQ_AQEAEA5OGQ3MDE2NWE4ZTI2MDYyM2E2MmQ2ZmNmYjRkOTRkY96tmZ8H9gMrE36pnzfJPwRJTBJlemdpZi5jb20SOENVQU1CVTM1JmV6Z2lmX2NvbV8zMDB4NjAwXzIOMzAweDYwMBAwLjE3MzM2OBRjLXVwLmNvLmlsCmV1X2JlIjE5MDkxNDhfNjE2MTMyNjkzBDIzDFBSRUJJRBI4UFJMNEU3TjMOMTkwOTE0OAAmZXpnaWZfY29tXzMwMHg2MDBfMgIxOnJ0Yi1jb21tb24tN2ZkNjk4NGI3LW1qdHpkLkJFEnVuaWNvcm5fYgIxAjAABgAwZ2VuLXZibHRfcHJlYmlkX3Rlc3RfMl8xRjIwMjQwOTI1MDg0MF9nZW4tdmJsdF9wcmViaWRfdGVzdF8yJmdlbi12Ymx0X3ByZWJpZF9hbGyMASRNRURJQS5ORVQgRVhDSEFOR0UCAmJAZWJhZjc4Yzc1NDE5NjAwNThiZTZkMTYzY2MyYzc0Mjg&evttyp=1
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Mon, 23 Dec 2024 20:59:03 GMT
access-control-allow-origin
*
content-length
35
date
Mon, 23 Dec 2024 20:59:03 GMT
content-type
image/gif
dv-measurements7021.js
cdn.doubleverify.com/ Frame 23C8 		419 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements7021.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.138.255.24 , Germany, ASN201011 (CORE-BACKBONE Core-Backbone GmbH, DE),
Reverse DNS
Software
/
Resource Hash
a021e373ab74d3f6e2266741c0f44e06c538243c2f9e4970cbdcaa8bf59bee37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Access-Control-Expose-Headers
*
Cache-Control
max-age=31536000
Content-Encoding
br
ETag
"2caef60da288f5f5986c532c497508f1"
Connection
keep-alive
Expires
Tue, 23 Dec 2025 20:59:03 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
84333
Date
Mon, 23 Dec 2024 20:59:03 GMT
Last-Modified
Thu, 19 Dec 2024 02:16:54 GMT
Content-Type
text/javascript
truncated
/ Frame 5F40 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1c06b07fad921a15171f632a645f7c4b73702affd726049e1584b136f8c64fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 6949 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpV3R20GFW9bdPX5tXMdxjB_CZvoGC2OS1MUGXbaD337gwDroygO3lBwj6YjUOgOFO8_O9UVXved0Efqjw0oZpl8jn_bMQXVWX-PD8-Y-z-cmoT5NQf2-qpPM1RQapS9WvXKeNbRIiFf-nRsBetco&sig=Cg0ArKJSzMXetovbcoKvEAE&id=lidar2&mcvt=1000&p=0,0,600,300&tm=1007.8999996185303&tu=8.299999237060547&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=0.65&vu=1&app=0&itpl=32&adk=1040758303&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3092034200&rst=1734987541982&rpt=293&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:59:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
visit.js
tps.doubleverify.com/ Frame 23C8 		578 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?flvr=0&ttmms=309&ttfrms=23&brid=96&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau6K8%3A7%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau6K8%3A7%5D4%40%3ETar9EEADTbpTauTau6K8%3A7%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTau6K8%3A7%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=49&ddur=459&uid=1734987543524526&jsCallback=dvCallback_1734987543524148&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=7021&tgjsver=7021&lvvn=28&m1=96&refD=1&referrer=https%3A%2F%2Fezgif.com%2F&fwc=0&fcl=834&flt=7&fec=303&fcifrms=23&brh=2&dvp_epl=170&noc=10&nav_pltfrm=Linux%20x86_64&ctx=33677394&cmp=DV1471444&sid=bidswitch&plc=BSW-IQMF-DISPJS&adsrv=0&advid=3891363&turl=ezgif.com&c1=USD&c2=16&c3=themediagrid&c4=16&auip=31.187.78.15&gdpr=0&gdpr_consent=${GDPR_CONSENT_126}&errorURL=https://tps.doubleverify.com/visit.jpg&auprice=0.2238&ppid=351&auxch=themediagrid&pltfrm=themediagrid_A6ODQF&aufilter1=BSW&aufilter2=IQMF&autt=1&aubndl=null&mib=0&dvp_auip=31.187.78.15&DVPX_PP_AUCTION_UA=Mozilla%2F5.0%2520(X11%3B%2520Linux%2520x86_64)%2520AppleWebKit%2F537.36%2520(KHTML%2C%2520like%2520Gecko)%2520Chrome%2F131.0.0.0%2520Safari%2F537.36&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=26167586490.986984&ee_dp_sukv=26167586490.986984&dvp_tukv=20658472536.134575&ee_dp_tukv=20658472536.134575&dvp_tuid=24946762308&jurtd=3077684835
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
7294c522539a9853213df2d0d99c8979b9bdc74ba3cac2fc8a0a9cb473099937

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=0
Timing-Allow-Origin
*
Content-Encoding
br
Pragma
no-cache
Connection
keep-alive
Expires
12/22/2024 20:59:03
Date
Mon, 23 Dec 2024 20:59:03 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 76E0 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_AeqjUCL-FApT0o7OEd8IaO1Uq5xqwbP5-jxeEYIoCyfl85_eNuJx5RtYnrv0xgBjp6P8V5OhOUpEZPaCVqLooljX4qFegGAo3WDNX3273w4CSRRMOztHeiKYj7JGbmTqgU_MgbpBjnc_vor-eZAvAdmCozZ9rtCkgnnPkdKHWYYMxIvowiykzzF1mjM07ZdtxQ&sai=AMfl-YSZXnmdml9LqtctTjNeFyEyKfEvzLOHnAVaKL880npqYwtN2AhsRRx4ZrZBA2kO2osV-douUp3_UhU03si9KeBBg0YQ40poHEE6Z-aT_3LygPSLo7NawSovxLXOhnQektbWURotH4IByBEyu7w&sig=Cg0ArKJSzOr34s-4AjOIEAE&cid=CAQSTQCa7L7dZpXhdw9gwQVyXnUsuS8lmWabRu11P-twQ0NwaDb6ndySMP6YHgzCpqPI-TfVG6QpgSwUD7Tg84hnl-wcEW0a6eVV6QQBFS4QGAE&id=ampim&o=762,28&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1038&mtos=0,0,1038,1038,1038&tos=0,0,1038,0,0&tfs=94&tls=1132&g=100&h=100&tt=1132&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: ezgif.com
URL: https://ezgif.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:59:03 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 5F40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRtUh4WIdvK7IifSsHGiFvuwSdvsFhqZ-brBWSvYrCg3C5JNFCs5tzgpE4A9dKoyCDgY18swq_LTt2p4w6YR6aKy5J6-qGAk4t58fFLD-Zcssi4snjixtJ2eKutaYAZEkcTxwWbGDrBdQxu_xFv2iZfO9Ebl3eOx37IDbHTYxADRxMvYbt0TmtQ1ILYeYRtSE-mfpbk8_2vVGPckPN337AGqvU3Uvem74YVRdzDWvOmUsO96FRAWfdM2JL12VyTFXPPW9aPCyDBxl8toeHFtAjlxrYAEPdhhr1BoKmhyRqKaMo04AEf9MTexUpTiBNrX5R1xAjLUafQGdX1h8G3bIBfr5XKlIxNKJp9TdfrW06Rkhs3lgwMkpPAI-c4xWqffbhIDCbWz0AgaNTRy3I5eIM2_tl1i_OWHZoMuMWT1vIbvMPZA&sai=AMfl-YQD6J4Dt5AnUWoRtC4yAmNXnxCvrsAVVfmXHzDjugN38UqJpGGpcwR1TsRIFEfPw2j4WdwUv53ZH-JNNfh10TyAdHKHBlH-GdIzNKvCl8tFtKld4G5Y-KaCBvO5_pXEhgfqR6CA01-6_Eqrz8s&sig=Cg0ArKJSzPGMWDIjZnOBEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 20:59:04 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 23 Dec 2024 20:59:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 5F40 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpWROuo2rkPDbAU_INvV5Cc0DDqOnZ8nnx72_pcv997gwE1hyq2piR-S9-I-6GO7WWSTRTYcpwNMFkhuhl1HXq5rKLHCperduZXIum09phkOg-sRl9O_9vHiG7L59HxUK4QCERAh2wy9QB8byuYLk&sig=Cg0ArKJSzGH6fxXaaBlqEAE&id=lidar2&mcvt=1001&p=0,0,600,300&tm=1023.3000011444092&tu=22.80000114440918&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1653260602&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3092034300&rst=1734987542689&rpt=344&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-bde0e05-b5b90430.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ezgif.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Dec 2024 20:59:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oa.openxcdn.net
URL
https://oa.openxcdn.net/esp.js
Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
lwadm.com
URL
https://lwadm.com/ad
Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Domain
adx.g.doubleclick.net
URL
https://adx.g.doubleclick.net/pagead/adview?ai=C0Y7X-85pZ8GEM62RjuwPo_KbMaDrq_B74OfF59sTZBABIIP95h9g-br0g5wQoAG83_X4PcgBAqgDAcgDmQSqBN8BT9Bp9ZKUpZasQizEqDfMfmFMUynWKMf6fAaGoqcJfFQLV13EZ52kFqs7evONkbhA-hBM9EceuMoUZ2W9DVaha5BA4fWC0rIhPgPD_h53poSaul8MhYz6QjskIQJNxcdBaPIdYmLCerVeOPRNLxxe5g9I1pXeWt-bjh9i1WhmrHXVL9mRBw8b8SYNo7QTotjwZeBVm527RDTY5eOnGaMxRzS01t_WoU5FBHhiRQ9Rp6zyZf9dm0fUgzEGnq7zjeSWkOtDZ2qxNnux9E81BmfVD_CTcJdAeknzt1g21yteTcAElJmn_ugE4AQDiAXzpoznT5IFCwgiEAEYAUiO0bQCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAYCgAe8l8bYGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwoQstoMGJ_F5aUC0ggmCIBhEAEYXzICigI6C4BAgMCAgICgqIACSL39wTpY4dbIlOS-igPyCBliaWRkZXItbWVkaWFuZXRfOENVQU1CVTM1gAoEyAsB2gwQCgoQsO6j_PbnsIpiEgIBA7ATmpfRGsgTwcqK5QPQEwDYEwrYFAHQFQGAFwGyFwoKBggAEgAYABgC6BcBshgJEgLUaxgCIgEA&sigh=7xbKMErNJKs&uach_m=%5BUACH%5D&ase=2&nis=4&pr=38:0.208&cid=CAQSSQCa7L7dY2RYjcYa2wLfmnTQ-wBx3yf3Cq-AWkHoJIl0lyXOMahQcStKO8zAJEVegXUyiZvPtPmzxEGBWSKctWvCIekQMR4-dCwYAQ
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=CCqWg_M5pZ76GOfm4juwPxfXV4A_o4Kmue5jKvvziEpTVhvG_JhABII3kvSlg-br0g5wQoAHM3pu4AcgBBuACAKgDAcgDCqoEhgJP0DrGzJn__KUdePqrtquZNnc1PnmfNAmGeqzWU8ob3Iw5URvjkDt3LZw-HjEHrQfVim-QG4G8vMy-ZWgtOIemtYbCij09ruWMDGb4IkjHFQA6E4TmEBbGWP2e3xUazSu5qU73Tmt6BsKBQeLnEOWFLOcHsjoOugdD2Mqz3UEW_gVeXFeIp3TkY_8pmgk3uQpl1SMg1hfvTAjlNxWWnyQUsBvrhnchyPIwsXSHTaypFcpr7TLwyOrjF2sZAr1Td_De7DuFZIRLLvBDrjVuwOkwr_uNjWQzm-PMAYA4441OEncXnJAmqEQ4AoHBJfRvlTTyKWpSMlLdStvR02iFPvpx2stkg0PvwATnrf2S8wTgBAGIBaud8JRQkgUECAQYAZIFBAgFGASAB5yh5McCqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCykwHSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOliVroiV5L6KA_IIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M5oJwwFodHRwczovL3BsYXlib29rLmNvbS8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wYWlkJnV0bV9jYW1wYWlnbj1waG90b2dhbGxlcnkmdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmY2FtcGFpZ249MjE1MTg1Nzc1NDMmdXRtX3Rlcm09JnV0bV9jYW1wYWlnbj1wbWF4Z2xvYmFsJnV0bV9jb250ZW50PSZnYWRfc291cmNlPTWACgPICwHaDBEKCxCg86Hpv-mfwt8BEgIBA-INEwi49oiV5L6KAxV5nIMHHcV6FfzqDRMIzvCJleS-igMVeZyDBx3FehX82BMM0BUBmBYBgBcBshcgChwIABIUcHViLTM5NzAyNzc1MzU1Mjg2MTMYleIfGAG6FwI4AbIYCRICnWMYASIBANAYAQ&sigh=3xf3p4PWCdY&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSYACa7L7dhwlaGG3U3RCjwFrR-JQNTvz-bdQVVg926rpWGgjRLo267cpP00GJf71W5tGSmAJZhPOgqetDWk90kAwKJbOo0P5BS7-Kah9erzJpvhcUnjUAfYdbI4P_ZBCpBxgB&template_id=492&ibtr=1
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsOq5Vdb2_VfD1vf9-NzSKOmhie5VmKRBVXFr__tNQvmo_VaRJRCVVGX3Ei7VMY8kTFzxapeY5kamXq14Kev5mwLGUUQ
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=C10VMB89pZ8y6JNSKjuwPx9bymAWs8uyGfKGAy-KGE7epnZ2KKhABII3kvSlg-br0g5wQoAGE-ZbGA8gBBuACAKgDAcgDCqoElQJP0N_7MR7vFWJdAmahBItHzNnAwTHB2-SfgzXXKuEepfVDhy1-FmtQ6sr190i62W5D9_J7CMbzBHlsQTvkSFIV0wlaI-J3Joj7fwl3e8SFbDarxt2v8MGC0Gzk0q2EdLQaq6XyVtMToOdTxNDNITLXDf-btpXL8yddSepWI44bYaofGBqQ-2qOfmfxP0VjbmcIpIv5zOdOfqFwJTMfXQul_mzzzs-hogJZgHKcS5hNymaeOQOiSFti200Kq0k4t8Anh5XFNOqy4teBQPxPXegl4gR6E2P-2pjtSPiDfddxVt2blgeY9LzUB_KGWhiY7KiNkJa19eHMZaj4WFy-rIu_7H1uePaRFefNtVehyXVTxMRWpoyUwATKl-zhzATgBAGIBbjW89JNkgUECAQYAZIFBAgFGASAB-SG6TmoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBCwmgTSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOlio2JSa5L6KA_IIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M5oJf2h0dHBzOi8vY3VyaW9zaXR5c3RyZWFtLmNvbS8_dXRtX2NhbXBhaWduPXtjYW1wYWlnbn0mdXRtX21lZGl1bT1wbWF4JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9wbGFjZW1lbnQ9JnV0bV9jb250ZW50PSZnYWRfc291cmNlPTWACgPICwHaDBAKChDw9fPvquT0xTcSAgED4g0TCLmMlZrkvooDFVSFgwcdR6scU-oNEwi46JWa5L6KAxVUhYMHHUerHFPYEwzQFQGYFgGAFwGyFyAKHAgAEhRwdWItMzk3MDI3NzUzNTUyODYxMxiV4h8YAboXAjgBshgJEgK9UhgBIgEA0BgB6BgB&sigh=-kSTvdg02Mw&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTQCa7L7dULeDl3KBacQo-MJBmVxwztYOSiIqIiU49yUHKcuDdhAFQZ8JJ36Gl4U7RheBxcHPwrIS6ilhx_nLfhC8Wvtf2nNEQ2SJuaJWGAE&template_id=492&ibtr=1
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.27.0&bundle=9w0cNV9SYnlmTHJRQ2c1aEt4WUZuQ2lmeDdIOHhBcXlhblp4QWpqSWI3THFhV1R4ZlU1UmkzcnJEV0pUY3dmUGcwdHE0bWhYVXM2WDREeWdqSVRvTm43M3ZSTUZtWDZ2UExYYk5KaFhnZVVSa3hsWXdKSHN3Z0pSa0VuTlljN3RySEx5WA&cb=11558659560
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
rt.marphezis.com
URL
https://rt.marphezis.com/hb
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
pbs.nextmillmedia.com
URL
https://pbs.nextmillmedia.com/openrtb2/auction
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3doRk7G0gvMbriZqW1nN015DeovVP6oORxXkzvidtr50Ii_tBJJQ277JEBnLaApUyD2-1-olZyLEYBEMYGHK1VRdE-RE5OWB_zSQdpnNrFKIAcSbfYHoAnGpmbCz2Q7Dx7o2OiRfq1yZ1yAYCnz4&sig=Cg0ArKJSzM7OzQkWwjtaEAE&id=lidartos&mcvt=19266&p=0,0,600,300&tm=22954.60000038147&tu=3688.5&mtos=0,0,19266,19266,19266&tos=0,0,19266,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=0.65&vu=1&app=0&itpl=32&adk=2751007027&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&co=3092031801&rst=1734987517975&rpt=4672&ec=1&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjdhSMsw7XPamOCMu2HKO4pWkZaxmuc__yGf9ZrZRFwDtZRWYWFo4q346glnXW60sakk9CjvMt0QmvyWkMEmVE5d-H5w
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/btr/view?ai=COPArFs9pZ4SDBLPTjuwPs9mE-Qys8uyGfKGAy-KGE7epnZ2KKhABII3kvSlg-br0g5wQoAGE-ZbGA8gBBuACAKgDAcgDCqoElQJP0D6dcyRFHyabsF67KFkzUJnGl0UraXhzYQ_iwooIACVFc3WZ1shcdANUzihzEfn3jKHBdNdt7_mrzkN-A32tdCiTWFB5VjBwVtkMU_lW31KNxUlFRsJZVqgE6FV5yKxh1-ePhiEozBUFKReFyCt6pe7gq6dJICXNY1wiKaAIVINPWRD6HooiyiQFtptZQNj9AtSorlJa9klTxOBwqR4vdRJynoqbzRooMxgf0I8DlN4FS5RndImDDcl4h7NaAr99Dgb9CPaswiq8BSKmlnEB53pFfOUObey7zqe5ms3_nsl_HUfzs4mb3VqPlKRm_8p8y5UhwdfIYUxuNktFlK-2CxNJo-xwGFVAu_qtWFL1hA0e7LkjwATKl-zhzATgBAGIBbjW89JNkgUECAQYAZIFBAgFGASAB-SG6TmoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBDanwTSCCYIgGEQARgdMgKKAjoLgECAwICAgKCogAJIvf3BOlia3oeh5L6KA_IIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M5oJf2h0dHBzOi8vY3VyaW9zaXR5c3RyZWFtLmNvbS8_dXRtX2NhbXBhaWduPXtjYW1wYWlnbn0mdXRtX21lZGl1bT1wbWF4JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9wbGFjZW1lbnQ9JnV0bV9jb250ZW50PSZnYWRfc291cmNlPTWACgPICwHaDBEKCxDAy-z4xpvg2JwBEgIBA-INEwimk4ih5L6KAxWzqYMHHbMsIc_qDRMI8veIoeS-igMVs6mDBx2zLCHP2BMM0BUBmBYBgBcBshcgChwIABIUcHViLTM5NzAyNzc1MzU1Mjg2MTMYleIfGAG6FwI4AbIYCRICvVIYASIBANAYAegYAQ&sigh=WmdTsdSkUew&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTQCa7L7dZpXhdw9gwQVyXnUsuS8lmWabRu11P-twQ0NwaDb6ndySMP6YHgzCpqPI-TfVG6QpgSwUD7Tg84hnl-wcEW0a6eVV6QQBFS4QGAE&template_id=492&ibtr=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqyNScHtBgR5hPTDtlqLfXQ-Hol0djCvUNNbBsZlWh746S5OGep1SFNuhXOP5DSMDkVV0r1EGu5SfbW9vBox9I9tKmR6Y9sGz0eiqJ16DGhLg4FDKsAGX8TpHPZFVc6MSh4yqy1dqfLujWCpoFv8s9QujErBy5YJ4ogQ4qY96_3HifgWUoIHGKvzZkMIvzojmEaQ&sig=Cg0ArKJSzPF4fmdIlcaMEAE&id=lidartos&mcvt=10951&p=188,126,788,426&tm=11931.5&tu=980.6000003814697&mtos=10951,10951,10951,10951,10951&tos=10951,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1863772561&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&co=3092033001&rst=1734987530441&rpt=1268&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssX-V1Ajy1yE8HTQmRzl_vZQkX1iwCHkzWHwsdoAjerHFZbzekBia2sphND3diMTjqk-Lohigny8SFrEIFWl5S4siEe4blkEJd2evs5Stq4gERVQyMwHn6SZhT_nZB_qnLMs3zVd5USM2JMrcZYnSI&sig=Cg0ArKJSzPfeenh-q2SnEAE&id=lidartos&mcvt=11901&p=0,0,600,300&tm=11934.79999923706&tu=34.29999923706055&mtos=11901,11901,11901,11901,11901&tos=11901,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1653260602&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&co=3092033001&rst=1734987530441&rpt=320&ec=1&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_custom_parameter=e956d046-38fa-4e19-bbe5-64f4a598c858
Domain
cat.nl3.eu.criteo.com
URL
https://cat.nl3.eu.criteo.com/tpd?dd=a5Vj019IM3ptQnBhcUtzVzJqMk5yZmFxJTJGMUJLMW45TVVXbGxiek56TW9UOE9PYjVpRFZRcXMlMkJ6bVd2dHRYWm8lMkJHRnhPTGRIUUYlMkI2UWpCU3RSNm5Cem5DSkZnR21YdDh0VGpWbVVLMUoySENMJTJGNmRoeElCeFpvWGF0d1NlcDVUa1p5N0V3c1RjeGlWNDFIWUNYWjBkQVVoOHhWVkxvS1VsN0NsaTZNalJYdndQUHlweUgxOUZKNFJKcTFTcDRucEtlSUJ1RlN0Z0clMkZNJTJCb0QzVFZLUkFWTCUyQlJxZEZJRHlGOU1aV2ZQa0hZRmJYODBtWTAxQmF0Mnh6amIxQ3RUdWJvUUN2THJFeThaJTJGSURHcFhINGNkOW5lckhOTG43UCUyQjA1dXl2SGhYM2VMM1k0VDdidGRVbTBieXB5TVJwdDQlMkZoOGdJRSUyQmFpMkFVZ1dTdXVyWHMzYmhwZmJXeiUyRkpzbkZZcmRoUHRURWRDV05HN1pNMUppWTRpdjZlc21sYUYlMkZuZ3lWbDFyRzFRMDRENmdOcWJUbEh4UEUyWTVIMkZmZTlGSGxNeW04UlpLZHdLVkRhS1JJUFJNVXpRN0pUZEVTak9qb3hnVU93M1BOOUFKMUxMa08wcSUyRmxReWJEakRId0hmNmt5bVdZb1lObFFYYXlnVUpuM0xucm0lMkIwZFBCNGRnZXZucWVnS3BEV3hsZkNSd0g3MzA4WnpJbzZ2U3dTJTJGQWVQeG9pWEtGMHBxSlo0aEdKUm5RaGtWWiUyRk9FTSUyRjR1eEZoN0hsU2JuOXl1NFl0V1hFc0VZYjl5OThhWWdDVHlGa2JjcHcyVDlVeGFMVjFBUGprblo3SyUyQlpRYVloYTVPM3BwN0FOaw

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 function| docReady object| s string| cmpid object| s2 object| googletag function| inView object| ggeac object| google_tag_data object| google_js_reporting_queue function| __tcfapi function| findCMP function| _defineProperty object| stpdChunk object| stpd object| _pbjsGlobals function| stpdPassback object| stpdSource object| ADAGIO object| mnet string| clientContinent object| __stpdTags object| __bt object| __bt_intrnl object| __bt_tag_d object| apstag object| aax function| stpdLog object| google_reactive_ads_global_state boolean| __bt_already_invoked object| stpdCmpGlobals function| manualCmpPreview function| manualCmpResurface object| google_tag_topics_state object| Criteo object| nmmRefreshCounts function| N1t0Oo function| N1t0OI object| xop object| 5jqv25c5fk0 object| _aps boolean| apstagLOADED object| apscustom object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| cnvr_launcher_options function| ab3ZiD2 function| ab3ZiD3 function| xblocker number| google_unique_id function| qCZ52K function| qCZ52r boolean| DFPMessageEnabled object| sas object| apntag object| _ADAGIO object| PublisherCommonId object| googDdmPs object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __euidSecureSignalProvider object| __euid object| conversant object| publink_options object| coreid object| __id5_finalization_registry object| ID5 object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo_identitytag_159 object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| ONFOCUS object| _33across

198 Cookies

Domain/Path Name / Value
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2024-12-24 20:58:36"
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 3
.3lift.com/sync Name: sync
Value: CgoIgAIQhbXCqr8yCgoIoQEQhbXCqr8yCgoI4gEQhbXCqr8yCgoI5gEQhbXCqr8yCgoIhwIQhbXCqr8yCgkIOhCFtcKqvzIKCQgbEIW1wqq_MgoKCIwCEIW1wqq_MgoKCKwCEIW1wqq_MgoJCF8QhbXCqr8y
ezgif.com/ Name: stpdOrigin
Value: {"origin":"direct"}
.ezgif.com/ Name: _sharedID
Value: 5df88fdb-b0c3-4a7a-bb27-bc5e6d775a1d
.ezgif.com/ Name: _sharedID_cst
Value: kSylLAssaw%3D%3D
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: ljt_reader
Value: J4aqABZHHOGmn5jHQQ-KEKG7
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: 1fbcd7f0-ecdf-4ffa-8308-a516ba656738
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 1804902919947190017435
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.a-mo.net/ Name: amuid2
Value: 985fdec6-87f4-4ae8-835e-a8062876f96c
.a-mo.net/ Name: pamuid2
Value: 985fdec6-87f4-4ae8-835e-a8062876f96c
.prebid.a-mo.net/ Name: psd_amuid2
Value: 985fdec6-87f4-4ae8-835e-a8062876f96c
.prebid.a-mo.net/ Name: sd_amuid2
Value: 985fdec6-87f4-4ae8-835e-a8062876f96c
.4dex.io/ Name: uids
Value: eyJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiJiNWRjNmJiMi0zY2I3LTQ3NTUtODJjMC0zNWZhYjY0NjhhZWMiLCJleHBpcmVzIjoiMjAyNS0wMi0yMVQyMDo1ODozNS44MzA2MDcyNTVaIn19LCJiZGF5IjoiMjAyNC0xMi0yM1QyMDo1ODozNS44MjcxMTU2MTVaIn0=
.ezgif.com/ Name: cto_bidid
Value: 4WlNf19sMnAzSkNzRGtvcXYzdUMwJTJGNDNwajNpZmdUcTlEV0lITVNEJTJCMkFhTUdUU290Ym9GUmFiTDE1cXdKcE44RFJHZ3pYZmdQTXA4cElVbmhuQmRMUDF5eXclM0QlM0Q
.cootlogix.com/ Name: vdz_sync
Value: 3879576f-1f08-56da-d7c8-46300e2d92ce
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500070931%3B%24ql%3DHigh%3B%24qpc%3D61000%3B%24qt%3D35_866_22388t%3B%24dma%3D0%3B%24qo%3D3
.smartadserver.com/ Name: pid
Value: 1043720355458788004
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500070931%3B%24ql%3DHigh%3B%24qpc%3D61000%3B%24qt%3D35_866_22388t%3B%24dma%3D0%3B%24qo%3D3&c=1&l&lo&lt=638705843162826453&o=1
.amazon-adsystem.com/ Name: ad-id
Value: AzpuF1SApUK5pHB0dYEIgtk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ezgif.com/ Name: __gads
Value: ID=2abe36590a488876:T=1734987516:RT=1734987516:S=ALNI_MZPFHNbl6ZNQguBERin9bVoPuPRCw
.ezgif.com/ Name: __gpi
Value: UID=00000f7abbb44c1f:T=1734987516:RT=1734987516:S=ALNI_MYWc9D1CBqpYB_oh7RlDKOYazZ9gw
.ezgif.com/ Name: __eoi
Value: ID=7da85bfa1fe80eae:T=1734987516:RT=1734987516:S=AA-AfjaM5Euaiy8rXBrn5WKVL23a
.360yield.com/ Name: tuuid
Value: 865317df-4adf-48df-8511-4a4286bdf427
.360yield.com/ Name: tuuid_lu
Value: 1734987517
.a-mo.net/ Name: _sv3_0
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: S_g3KdCw3DO5YontvBzdBqZGYMoZjsn0-dCT011RezNr7zXK0a9N5-hEBfH37V-HCQO7onjbOIs69mLtFbqJdgsZOEarPYtBQsXqJ1Yjw1g.
.adnxs.com/ Name: uuid2
Value: 379148967230319548
.yellowblue.io/ Name: wrvUserID
Value: acWciL-rk
.doubleclick.net/ Name: IDE
Value: AHWqTUktkXuuUeymui_7uRaSZMsSeW-1NJ5Ypj0lZLH-1GVWZa3moRWN2zepBhhc
.googleadservices.com/ Name: ar_debug
Value: 1
.a-mo.net/ Name: _sv3_3
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi4eC8VFS8oIeUagJ7YTOIMasdh5DEbZl4kH_CZjoJU-0cfYqQ
.a-mo.net/ Name: _sv3_14
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.casalemedia.com/ Name: CMPS
Value: 5035
.media.net/ Name: visitor-id
Value: 3779891196891134000V10
.casalemedia.com/ Name: CMID
Value: Z2nO-osFVZ8AAHMyA.SKiAAA
.casalemedia.com/ Name: CMPRO
Value: 4839
.media.net/ Name: data-g
Value: CAESEO8FvNfGrqSpj2uzQ_FwvBM~~9
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1NrKwMDcHkcZCfIa6fubGjk7xkRZJ3hbhAJQMXFIlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1NrKwMDcHkcZCfIa6fubGjk7xkRZJ3hbhAJQMXFIlAAAA
.3lift.com/ Name: tluidp
Value: 1804902919947190017435
.media.net/ Name: data-rk
Value: 5144588532887732883~~8
.zemanta.com/ Name: zuid
Value: eNTint9s_R6CGOTP4o_W
.ezgif.com/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1734987520880,"lastSynced":1734987520880}
.contextweb.com/ Name: V
Value: dH1Fk6ADFvVz
.contextweb.com/ Name: VP
Value: part_dH1Fk6ADFvVz
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ff563a65806b3d76
.bidr.io/ Name: bito
Value: AAQ0AE7O054AABiMT4d-dw
.bidr.io/ Name: bitoIsSecure
Value: ok
.media.net/ Name: data-p
Value: dH1Fk6ADFvVz~~8
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1735867950667549031
.media.net/ Name: data-exp
Value: setstatuscode~~1
.outbrain.com/ Name: obuid
Value: d53f59c9-ee88-46d1-bc26-54c471482d68
.a-mx.com/ Name: amdt_t
Value: p::1734987522486
.a-mx.com/ Name: amuid2
Value: 985fdec6-87f4-4ae8-835e-a8062876f96c
.a-mo.net/ Name: _sv3_2
Value: 1
.media.net/ Name: data-ze
Value: d53f59c9-ee88-46d1-bc26-54c471482d68~~1
.a-mo.net/ Name: _sv3_4
Value: 1
cookies.nextmillmedia.com/ Name: NMUID
Value: ebed02ec-5061-413d-a3ed-679a51fd574d
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 71265840-0627-4C42-8252-E8118E92FCDB
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1734987523921
.tapad.com/ Name: TapAd_DID
Value: 3d9c1099-2d77-48e2-ab76-167dfcf96234
.lijit.com/ Name: ljtrtbexp
Value: eJxdyrENwDAMA8FdVLsQLcsSvVqQ3QMkFVPe4y9rt4OKDRbmGraonspOdUENj3%2FYGrJfp4fXN7QOJKXcD46kILI%3D
.id5-sync.com/ Name: id5
Value: 599ac1c2-e6fb-7f6f-b285-5c0fc743f96c#1734987516658#3
.media.net/ Name: data-ttd
Value: 1a059d05-2b21-4bbc-81a4-73d39dea3edd~~1
.bidswitch.net/ Name: c
Value: 1734987524
.bidswitch.net/ Name: tuuid_lu
Value: 1734987524
.bidswitch.net/ Name: tuuid
Value: e956d046-38fa-4e19-bbe5-64f4a598c858
.mfadsrvr.com/ Name: ssh
Value: !bidswitch=1734987525
.quantserve.com/ Name: mc
Value: 6769cf05-3ee0d-1fba7-30a19
.media.net/ Name: data-bs
Value: e956d046-38fa-4e19-bbe5-64f4a598c858~~1
.rtb.mx/ Name: amuid2
Value: 985fdec6-87f4-4ae8-835e-a8062876f96c
.33across.com/ Name: 33x_ps
Value: u%3D212929219495362%3As1%3D1734987525649%3Ats%3D1734987525649
.rtb.mx/ Name: amdt_t
Value: p::1734987525724
pbs.nextmillmedia.com/ Name: grid
Value: eyJ1aWQiOiJjYmJiYjYzNS1lZGZjLTRiMzYtOTU0NS01OTI1ZTdkNDllYzAiLCJleHBpcmVzIjoiMjAyNS0wMS0wNlQyMDo1ODo0NS44OTY3OTgzMjNaIn0=
pbs.nextmillmedia.com/ Name: triplelift
Value: eyJ1aWQiOiIxODA0OTAyOTE5OTQ3MTkwMDE3NDM1IiwiZXhwaXJlcyI6IjIwMjUtMDEtMDZUMjA6NTg6NDUuODk3MDM1ODM1WiJ9
pbs.nextmillmedia.com/ Name: openx
Value: eyJ1aWQiOiJkNjVkNDBkNS0zOTk0LTAzZTktM2IxOC02NTdlODcxYmFjZmUiLCJleHBpcmVzIjoiMjAyNS0wMS0wNlQyMDo1ODo0NS44OTc2NjcxMjlaIn0=
pbs.nextmillmedia.com/ Name: sovrn
Value: eyJ1aWQiOiJKNGFxQUJaSEhPR21uNWpIUVEtS0VLRzciLCJleHBpcmVzIjoiMjAyNS0wMS0wNlQyMDo1ODo0NS44OTg0NTU5MjdaIn0=
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 82837955-02ee-5266-ac3c-e33acb552c3c
.betweendigital.com/ Name: ss
Value: 1
.adsrvr.org/ Name: TDID
Value: d61f5e5f-0b48-49d1-ade5-b4ceca30de6f
.betweendigital.com/ Name: ut
Value: Z2nPBgAF49Bw9pIfy_ASBCXTfJs2USWoDrPipA==
.simpli.fi/ Name: suid
Value: 9BEF8337442A40638675069A00DCE4F1
.w55c.net/ Name: wfivefivec
Value: 6FWxkAYE1TpPvM5
.criteo.com/ Name: uid
Value: a684b10d-c801-43fd-b762-dfb623864d0f
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.ezgif.com/ Name: cto_bundle
Value: 7A6OYF9SYnlmTHJRQ2c1aEt4WUZuQ2lmeDdBb0hZM2lCNE5wNVhaSWRRdEJ5Mk9URUdqVjVWT2Z0eml3RFdGN0ZxTE9HUlZnVHg0NnhWRTRYS2cyYnJSdGZTQ1VDbHZaRUxqSmNEOHhDUjRnZ0lLNVoyVzFud2J1Ukh0M0phWHF3OGRtalBmRUNoUEVtWENielhDWEhKaVluWVElM0QlM0Q
.media.net/ Name: data-xu
Value: 6FWxkAYE1TpPvM5~~8
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yieldmo.com/ Name: yieldmo_id
Value: Vz3VcwwlL1wSws5w9T1Z%7C1734912000000%7C0
.smaato.net/ Name: SCMsas
Value: c0e91bef0c
.rubiconproject.com/ Name: khaos
Value: M51IS0HB-23-GB43
.rubiconproject.com/ Name: khaos_p
Value: M51IS0HB-23-GB43
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"openx":1,"triplelift":1,"yieldmo":1}
cookies.nextmillmedia.com/ Name: lastSync
Value: 2024-12-23 20:58:48
.c.bing.com/ Name: MR
Value: 0
pbs.nextmillmedia.com/ Name: yieldmo
Value: eyJ1aWQiOiJWejNWY3d3bEwxd1N3czV3OVQxWiIsImV4cGlyZXMiOiIyMDI1LTAxLTA2VDIwOjU4OjQ4LjMyODY1NDk0NVoifQ==
.bing.com/ Name: MUID
Value: 2BF41D6319496EF702DC083D18D96F4B
.media.net/ Name: data-c-ts
Value: 1734987528
.ctnsnet.com/ Name: cid_86178b415b154a6080780ad70b9c7e8e
Value: 1
.semasio.net/ Name: SEUNCY
Value: CF03B863553C947E
.media.net/ Name: data-c
Value: e81b6d6f-2278-4889-8080-4f01d1f3555d~~1
.quantserve.com/ Name: sp
Value: CggIknESAxCZDgoJCIKtAxIDEJkO
.linkedin.com/ Name: li_sugr
Value: 92013480-7356-46ea-a863-b481b18786dc
.linkedin.com/ Name: bcookie
Value: "v=2&04cd001b-e313-44bf-8998-51735e3486c8"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3489:u=1:x=1:i=1734987529:t=1735073929:v=2:sig=AQHijhWiOI_zQsD49ZNTyy3afSjenTgL"
.adfarm1.adition.com/ Name: UserID1
Value: 7451714696055945582
.adsby.bidtheatre.com/ Name: __kuid
Value: 96248c29-d55b-4e50-a063-f9e3ff0dc093.504201529
.nrich.ai/ Name: _nauid
Value: 5c1e172a-ffce-45d8-a4be-e223c0e31e1f
.zeotap.com/ Name: zc
Value: 7c29964c-760c-488a-4c05-3d01b146f676
prebid-stag.setupad.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMTczNTg2Nzk1MDY2NzU0OTAzMSIsImV4cGlyZXMiOiIyMDI1LTAxLTA2VDIwOjU4OjUwLjIzMzIwNDk4NFoifSwibWVkaWFuZXQiOnsidWlkIjoiMzc3OTg5MTE5Njg5MTEzNDAwMFYxMCIsImV4cGlyZXMiOiIyMDI1LTAxLTA2VDIwOjU4OjQzLjkyNTQ0MDg5NloifSwib3BlbngiOnsidWlkIjoiZDY1ZDQwZDUtMzk5NC0wM2U5LTNiMTgtNjU3ZTg3MWJhY2ZlIiwiZXhwaXJlcyI6IjIwMjUtMDEtMDZUMjA6NTg6NDEuNTEwNTY3MDY3WiJ9LCJzbWFydGFkc2VydmVyIjp7InVpZCI6IjEwNDM3MjAzNTU0NTg3ODgwMDQiLCJleHBpcmVzIjoiMjAyNS0wMS0wNlQyMDo1ODo0My4yMzQyNjIzNzJaIn0sInNvdnJuIjp7InVpZCI6Iko0YXFBQlpISE9HbW41akhRUS1LRUtHNyIsImV4cGlyZXMiOiIyMDI1LTAxLTA2VDIwOjU4OjQ0LjMzNzk4NTA4MVoifX19
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 4b084e15d64b669ac724c8b59b807be0
.pubmatic.com/ Name: DPSync4
Value: 1736121600%3A226_227_245_197_219
.pubmatic.com/ Name: SyncRTB4
Value: 1736121600%3A161_176_233_238_203_251_88_270_166_55_46_22_214_8_165_99_201_56_81_264_249_3_266_21_54_234_71_220_13_271_254%7C1735516800%3A2_15_223%7C1740096000%3A69%7C1735776000%3A63%7C1736208000%3A35
.mathtag.com/ Name: uuid
Value: 5b1d6769-cf0b-4400-a6cb-140de9279671
.yahoo.com/ Name: A3
Value: d=AQABBAvPaWcCEK_zo4nUhaT_hDFFTlF5qvMFEgEBAQEga2dzZwAAAAAA_eMAAA&S=AQAAAjXBbef_SvJdYY-RsihrQ2E
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: ae4a0079-07ac-4d86-b9d2-863638832921
.tribalfusion.com/ Name: ANON_ID
Value: alnoeUtZdPuum7SpHmS7u1MdHjg5bZatlG8m4xmwPj
.onaudience.com/ Name: done_redirects147
Value: 1
.media.net/ Name: data-r1
Value: OPTOUT~~9
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 156011:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1735009133980
.onaudience.com/ Name: cookie
Value: 1c5afce2d06a5ce8
.onaudience.com/ Name: done_redirects252
Value: 1
.id5-sync.com/ Name: 3pi
Value: 112#1734987534114#-404062350#CF03B863553C947E|19#1734987530778#-2087340536|3#1734987531585#-1518829982|1221#1734987534382#-972747390|264#1734987526442#-596399983#d61f5e5f-0b48-49d1-ade5-b4ceca30de6f|104#1734987534382#-1497453853#e956d046-38fa-4e19-bbe5-64f4a598c858|10#1734987526714#728139880#1735867950667549031|285#1734987533267#-82656624#M51IS0HB-23-GB43
.pxl.iqm.com/ Name: mnet
Value: MTczNjE5NzEzNTM4MQ==
.pxl.iqm.com/ Name: roqad
Value: MTczNjE5NzEzNTM4MQ==
.pxl.iqm.com/ Name: liveramp
Value: MTczNjE5NzEzNTM4MQ==
.pxl.iqm.com/ Name: semcasting
Value: MTczNjE5NzEzNTM4MQ==
.openx.net/ Name: i
Value: c411f0e3-59d5-0c63-2f85-c20afed2a521|1734987535
.openx.net/ Name: pd
Value: v2|1734987520.1.14|iyvQgevNgun0.gqwksLmOsfgi.j8fcvSiSnswL
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 016337c2-f927-4e93-b4b5-e6d43e12c774
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmxiaWFuamRhamy6C8E3NrUwMgYAVAsB9yAAAAA
.media.net/ Name: data-iqm
Value: 016337c2-f927-4e93-b4b5-e6d43e12c774~~3
.pxl.iqm.com/ Name: indexch
Value: MTczNjE5NzEzNTg2Ng==
.pxl.iqm.com/ Name: adx
Value: MTczNjE5NzEzNTkyMw==
.tremorhub.com/ Name: tvid
Value: bcca0cd3db464a63a4c0303809361b9f
.tremorhub.com/ Name: tv_UIIQ
Value: 016337c2-f927-4e93-b4b5-e6d43e12c774
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-295be490-3861-5704-4c57-69d2cd0201ef.TpylbHNbI0UNXPGDsz3dn6%2BfsYtSgI2ZDNSEDlboF7A
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-295be490-3861-5704-4c57-69d2cd0201ef.TpylbHNbI0UNXPGDsz3dn6%2BfsYtSgI2ZDNSEDlboF7A
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKVvkkDhhVwRMV2nSzQIB7x-7Tg8.5yPLJOirHlQ2HEyIcSIBLdRDUvgF86b39AU5MU00iLs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKVvkkDhhVwRMV2nSzQIB7x-7Tg8.5yPLJOirHlQ2HEyIcSIBLdRDUvgF86b39AU5MU00iLs
.smaato.net/ Name: SCMaps
Value: 13c73ebf8b
.smaato.net/ Name: SCMsovrn
Value: e42430e9f0
.smaato.net/ Name: SCM
Value: c0e91bef0c
.smaato.net/ Name: SCMtapad
Value: c0e91bef0c
.smaato.net/ Name: SCM1001145
Value: c0e91bef0c
.smaato.net/ Name: SCMinf
Value: c0e91bef0c
.aniview.com/ Name: 1_C_212
Value: 016337c2-f927-4e93-b4b5-e6d43e12c774
sync.aniview.com/ Name: 1_C_212
Value: 016337c2-f927-4e93-b4b5-e6d43e12c774
.dotomi.com/ Name: DotomiTest
Value: 11312a6570da15c8
.blismedia.com/ Name: b
Value: 6769CF11FF0E0B3489ED61D5_
.infolinks.com/ Name: SAMUSERCOOKIE
Value: c0e91bef0c
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICHYxMhK-MprKnWMTh6moNyeVwisSQD_kbpE9mA_4gyWEGcYBCCRnqe7BjABOgSAOSS3QgTzGCgr.2AgaduT58Ljm3eDZc8auUqOEbVlcsloSvvAHk2RRDBA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICHYxMhK-MprKnWMTh6moNyeVwisSQD_kbpE9mA_4gyWEGcYBCCRnqe7BjABOgSAOSS3QgTzGCgr.2AgaduT58Ljm3eDZc8auUqOEbVlcsloSvvAHk2RRDBA
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCLTczOzT59E9EAUSFwoIcHVibWF0aWMSCwi-tM2R1OfRPRAFEhYKB3J1Ymljb24SCwiqr8bs1OfRPRAFGAEgAigCMgsI2rDX9-rn0T0QBTgBWgd4a3N3OWxhYAI.
.media.net/ Name: data-r
Value: M51IS0HB-23-GB43~~1
.lijit.com/ Name: ljtrtb
Value: eJyNjsFOAzEMRP8l51qyHTtxuCW7CeVQIQTi3nazEuIOEoh%2Fx%2BULuM57M5rvwOEulNaHxZhFuAqmaCkrplIR16XLoHAIau5l4qQmCJg4gyzCYKwM3YisFx7L2tzl5O4smjaUBNH2M8ikApfLVEiyy1mLXc0nD0GKu9uRxnuq6%2Fh4%2FfKM8DZAKDEzRlVRy2aI4szQ0Unp4RmPDTjCfZP417kdnMIScZYdPcr0%2F8um7tb6hLXnR1Sptb2dXmSD7TP8%2FALLK0Dk
.primis.tech/ Name: csuuid
Value: 6769cf1314911
.bfmio.com/ Name: __191_cid
Value: 016337c2-f927-4e93-b4b5-e6d43e12c774
.bfmio.com/ Name: __io_cid
Value: 3371bcdca8fad05637d8ad77199768445188b098
.ipredictive.com/ Name: cu
Value: 583ccdc7-357c-4b35-83e5-0ca70753fd8f|1734987539825
.pxl.iqm.com/ Name: telaria
Value: MTczNjE5NzE0MDE1MA==
lwadm.com/ Name: uid
Value: ba901ec9-be45-44f0-b7e5-a9765c2f2a4b
.adnxs.com/ Name: icu
Value: ChgIuJJ8EAoYAiACKAIwlp6nuwY4AkACSAIQlp6nuwYYAQ..
.criteo.com/ Name: cto_bundle
Value: PQzwM18lMkY1YW9mbHNQWTJROTZJODR0b2duSCUyRmVielptVDBSSHZHZHRmQlhMQXN1Z2g3T3RrV1BhelNNUzRmbkNLJTJGcXJmWGZ1ODdYYU90ZXVQSXpVZ3JPWW4ycHB0UTBtM2Q5dzRaMXFFYXBsN1Mya0oycVlXVjR6bzRTbVE2NEZ2dFo3WjJXJTJGU2w4TnUxclpGUmJCdGRsSHlsQSUzRCUzRA
.smartadserver.com/ Name: csync
Value: 80:s3wJH-YtDxOoeFpDtS8SF-MpXhGoeA9HtHIJbPho|154:016337c2-f927-4e93-b4b5-e6d43e12c774
.prebid.a-mo.net/ Name: __amc
Value: 2_1734987515_1734987542
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1vhr|4is.0.CAESEBp_XoQEfY7SF2jbIr82a2o|7TY.0|7dW.0.1|2N.0.AQAJ1Z-pGnuR4wIVNly4AQEBAQEBAQCS9FGlPQEBAJL0UaU9|3oy.0|7dN.0.AAQ0AE7O054AABiMT4d-dw
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1vhr|4is.0.CAESEBp_XoQEfY7SF2jbIr82a2o|7TY.0|7dW.0.1|2N.0.AQAJ1Z-pGnuR4wIVNly4AQEBAQEBAQCS9FGlPQEBAJL0UaU9|3oy.0|7dN.0.AAQ0AE7O054AABiMT4d-dw
.rubiconproject.com/ Name: audit_p
Value: 1|Dx9X17/EDKkXsRCv5fPNFxN/gDMo4VJtUSdZIFoNR6h+4SNCS7h+Y3uywGl+pIqho+3WQimawe9CqQ3+tQhlLHMDvubSxZCG6XkpxWjLVqCNnIU/ufZ6D9ES+wzatrvcSZxjaBSpj0Oz5tji6ylRYwMhllK4WBpn
.rubiconproject.com/ Name: audit
Value: 1|Dx9X17/EDKkXsRCv5fPNFxN/gDMo4VJtUSdZIFoNR6h+4SNCS7h+Y3uywGl+pIqho+3WQimawe9CqQ3+tQhlLHMDvubSxZCG6XkpxWjLVqCNnIU/ufZ6D9ES+wzatrvcSZxjaBSpj0Oz5tji6ylRYwMhllK4WBpn
.pxl.iqm.com/ Name: equativ
Value: MTczNjE5NzE0MjU5Mg==
.go.sonobi.com/ Name: __uis
Value: c0d2c6d2-38f9-4da4-9033-2b4067a621f2
.go.sonobi.com/ Name: HAPLB8G
Value: s86181|Z2nPG
.media.net/ Name: data-so
Value: 97aa8dee-4076-427d-aee2-a836730d06af~~9
.rqtrk.eu/ Name: browser_id
Value: d7b1c8fa-60e4-4ab6-9c58-471af3a11e33

16 Console Messages

Source Level URL
Text
javascript error URL: https://ezgif.com/
Message:
Access to fetch at 'https://i.connectad.io/api/v2' from origin 'https://ezgif.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://ezgif.com/
Message:
Access to fetch at 'https://i.connectad.io/api/v2' from origin 'https://ezgif.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ezgif.com/
Message:
Access to fetch at 'https://i.connectad.io/api/v2' from origin 'https://ezgif.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://ezgif.com/
Message:
Access to fetch at 'https://i.connectad.io/api/v2' from origin 'https://ezgif.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
9a37fdd55ce2aa37122daeaab6087163.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
adx.adform.net
adx.g.doubleclick.net
ap.lijit.com
api.btloader.com
bidder.criteo.com
bt.dns-finder.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn-geuw1-xch.media.net
cdn-ima.33across.com
cdn.ampproject.org
cdn.connectad.io
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.euid.eu
cdn.prod.uidapi.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cmp.setupcmp.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
contextual.media.net
cookies.nextmillmedia.com
dis.criteo.com
eb2.3lift.com
equativ-match.dotomi.com
exchange.cootlogix.com
ezgif.com
fonts.googleapis.com
fonts.gstatic.com
gce-nl-sync.bidswitch.net
ghent-gce-nl.bidswitch.net
googleads.g.doubleclick.net
grid-mercury.criteo.com
gum.criteo.com
hblg.media.net
hbx.media.net
i.connectad.io
ib.adnxs.com
id.a-mx.com
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
img.buymeacoffee.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lwadm.com
match.adsrvr.org
media.grid.bidswitch.net
mp.4dex.io
node.setupad.com
oa.openxcdn.net
onetag-sys.com
pagead2.googlesyndication.com
pbs-cs.yellowblue.io
pbs.nextmillmedia.com
pool.admedo.com
prebid-stag.setupad.net
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
qsearch-a.akamaihd.net
report2.hb.brainlyads.com
rt.marphezis.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
ssbsync-global.smartadserver.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.a-mo.net
sync.cootlogix.com
sync.crwdcntrl.net
sync.mathtag.com
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
warp.media.net
www.google.com
www.googleadservices.com
x.bidswitch.net
adx.g.doubleclick.net
bidder.criteo.com
btlr.sharethrough.com
cat.nl3.eu.criteo.com
googleads.g.doubleclick.net
i.connectad.io
lwadm.com
oa.openxcdn.net
pagead2.googlesyndication.com
pbs.nextmillmedia.com
pool.admedo.com
prebid.a-mo.net
prg.smartadserver.com
rt.marphezis.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tags.crwdcntrl.net
www.google.com
104.18.22.145
104.18.26.193
104.18.29.101
104.18.30.49
104.22.53.173
104.22.55.206
104.22.75.216
104.26.2.199
104.26.5.6
13.248.245.213
13.32.27.108
13.32.47.193
130.211.23.194
130.211.44.5
142.132.249.108
142.250.184.194
142.250.185.163
142.250.185.225
142.250.185.226
142.250.185.97
142.250.185.98
15.204.162.83
15.204.46.102
151.101.129.229
151.101.194.49
159.89.25.223
162.19.138.119
162.19.138.120
163.5.194.34
163.5.194.35
172.217.16.194
172.217.16.202
172.64.153.78
172.67.38.106
172.67.68.162
172.67.69.19
172.67.75.241
178.250.1.11
178.250.1.3
178.250.1.56
178.250.1.57
178.250.1.59
178.250.1.6
178.250.1.9
18.195.178.170
18.245.31.92
18.66.102.21
18.66.128.208
18.66.147.69
18.66.186.105
185.64.191.210
185.64.191.214
188.114.96.3
188.166.203.175
195.138.255.24
2.16.168.108
2.20.245.134
209.38.48.20
216.200.232.253
216.58.206.33
216.58.206.38
216.58.206.70
23.215.23.172
23.52.120.27
24.144.114.245
3.124.64.248
3.167.231.151
3.33.220.150
3.69.226.21
3.72.6.211
34.120.63.153
34.248.76.113
34.96.70.87
34.98.64.218
35.214.136.108
35.214.200.194
35.214.230.116
35.227.252.103
37.157.4.29
37.157.5.141
37.252.171.52
46.228.174.115
51.178.195.213
51.178.195.216
51.89.9.253
51.89.9.254
52.17.32.26
52.51.134.92
52.95.126.138
54.217.95.60
54.77.101.113
54.84.92.154
63.215.202.146
69.173.144.165
77.243.51.121
79.127.227.46
87.248.119.252
89.149.193.80
89.207.16.137
91.228.74.200
0146b623d89e25ec60c9eb0e7573c8719296b6e4a721e6d63126279b1fc4dc64
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f
04c7f536471e1a16bb37c13fb4959de30d7e897ba4f6d66335b3c25d26289616
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05641f224ff2c2e33678f83185ad208bc5ee4ebc6a3211ed72016f988b38d4d6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
0878caf45ab3e9900e069b7be7d430ca6a3ccd3f8ce3fe3a08632c5a6f3a3ce7
0a03164063d2254b66872fee2b70d1b5882a8db44e0ce5598e98fe555ecd62e0
0fa865e924e65d0c9f6820a2673597415051118726d2a0e44dfd686ac45255f1
0fbad98c4cc343f2f9e81db59790b5ec8ccce43f65e2ca1250e367f1c4ae967c
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
11832e87d6a77300825114c96b7093fd938840715cdfa4dd974831e595b6d2ad
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
18fb9d34a9b863ee64252af10235533897c31e27b436c912546348b7f3a22b02
1cd4b624e1efa8e43c4b661c3c4c77ec818403e8d4cfdb82941ea81be9f4cc3c
1f401a0aa1a29dfb0aa99b9ef4bcbe8fc0e1fd923fea6108a609c7e3bf34f706
21076b493c1724fe2057ecefcc5da5375b83f8ee2f203c8c4313c12fee8d08be
21ffbfaa7d715837deb3d6bc06f4b05ddc2938ef43363d4b78cba3e188c7df47
22e881cb8b8a492792e3c45a5cb3a55a9bf2d4a139e34fab89afdaf536923fda
255b0d922ff5d3a1f30d95b3fd9ea6579af06638f597e2049ab1a96308ca294b
2685c503016f3a30a187d0a46e2c6869eb5193c25c0414a5914d04b6f59bb32f
29d1d62bf17b4a1975fb3d9e1daea3ac47edf5cd8ed78155faa03afa03aa9d56
2cd9586c225fc8d671973eb1ddd294a7b2f319d28badbf534ccb28eea7a5fd9f
303f225bfafe4c6cfbecd3de821c6835b76e5bdecc8f3402ae2ed88d26787cb1
30ecc4cd36aa5d13b26bfdf89c9b0c41af9a3311985c0c878bcc687b9f55986a
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
32dc682b52595d2020b907e8081b2b75eef4d198ffc75cbe6b74efcc4490e103
33b3ab17ec4aae944b94479613ad39785eeaa56aaa676bb5f2583cab222bb85b
3500da2dd1fda2744f584b33b4c64a0d489bacf5dc379720194147b669ed8860
37c56c6468d613b3d7ba2bafbf52099d398defa05420167652b7cadbb7faa075
3852506fd12a0bace7e8d5a6ce2db9f43fe80090ab44f408cfb4b2aefa5941ff
39761e2a7cb0e42a8b09fbbf0d2c4cd9fb0c1568c045b1c5e387177dda8ff064
39eccff87303e4def8d131109b031c3a973ed7163d9739eabdbdb1f5b710ec73
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3b9767e5d0bea4d284bb1e624cc6ee3244b13efedfe5424eb5140ef326511eb7
3d49ae8fb5513116d0f019c5e73e2326eac2d5e3792978cff0ff2f53ec2fe793
3eb612344effe8db5868a280112365ff61e4a43c65e348db722d001ed3ae67dd
3ed88758ccb25e90632c0be31e0da154191ec2f3665e2b5644d37b09d49c6a90
3fd1021543260dafbc39f57fb21eecbcb4ed61169313aa829b3acba38c26e7d7
40a16bedbbe07b392979218e2d4b2056b61090500d00ecf265301a1c9a8e6a8a
40d8a22356302e16e75a6b1f532709d010995a68a806383342d1f8a282c22121
41be84e243d99ac7fdd5161f2f8e0b0668f2b8083fe141b5edbaf8e232becbdc
41cc11557fd30c42c6fdacbacbd588a6d91aa70a37a7efbab2540f207e7e8a3d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46348bf466224f50e75a82c10ff7b5c9450efbf6a14e9d7582d69ad54cb4305d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec06c61acd5576a642e16fc4b292466cafba177e6220215cb4cfeeb3c08fa7f
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
52dfbd181cd8f02932abe5ecffd87ce5f66474322c78515384fd832b0acb8836
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e3f98152c82de13f4f4babb602109cb7363ae7454cb8a5a71898ef527adf38
56351c084d8d56437d41f1e58b7eb184b563871e88bab60f6b15486c39f13996
58895985b3a78fed02da3b4239e96347e2983322764d70a296a5663edea4d3ca
5bdef9757c929e2f3e2126d2389f53af6c2284bcb6a13cbcd9e0d4776d889209
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
65ba3ca03bce492b4d30fbd8b1c102bb6fe30f59c7525c350fe4426117dbec0e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
699c77e9de27eb363f0b2b37999d76ba14051d19bbb19d8a4e0f370203203fb3
6a15e2eca7310303fb05e0f66f5d3f3b72b005160e138d88508780f3f4768bf2
6ce248bc1bbb0b8eabea8634d363fa1487eb05840a831a85db7628233bdceb5a
6d83b7257de49bf7e63ab2ee0e146b25c30e48754b43260324da0e910fc3e1a3
6fc46942ddf1f8238f149e98aea324f60a2bcda3f302cea3b73d262692bb369f
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
70828b7f8598af62ea6955f5436866a5edcef2397e982fa334861b8d0432ec83
70fee922218a67fda3635615f2b1e7d2af2b1832cdd6df452759672368312351
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7294c522539a9853213df2d0d99c8979b9bdc74ba3cac2fc8a0a9cb473099937
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79a637a66b13d11bf515b67d16c27a6cf4db76960aa1766581625d4dc24ef82c
7d0ee335c95a73d2e86a8e641cadab3ab4a84cfa91bb91ad11ce726e3d4e6ab2
7d219cea3316552d5927b5b7528f1192223374dd1b9dd58c48e5de057af6e3f1
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
8006523641cfe7752eff7fab6bb5a7f7d0881ac0d494447eb8541e5f645d2edc
830ba20e0e0e758cf569820bff18cffb3771de3d3e04d68c0da7614e79159a1c
83a43074cbfc09a8e880a0ea1ba4a5ec68c6ea056a64fca64376801deb9c3b47
85e5a9f43c6c5b674b2419fc09752be28f9ff8a35bd3a01601440a32cc797fe1
88f2c3032acee707763768b61142e23b900f03794f41842ee2baf7bbb373034e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cb3f57ac157ae625fe7feb5c9e4e8c7fc311b0f9726164804b012424355be74
8dad0fd4b35f81cc6817f7dec2b229cb8d0c612c77cecffdce3eeb537113b045
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
95d7a628dccc8580bb87e11944d5ddfc905e689cb2aaeaba2411caf9a3dbac18
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
98c79672b8786441b288bd5f5a9e03c663183ec6956660761be5fecce64ddc96
99213d768d6455dbb83b4001abe2186369222dc8d5b7b2fb05ecf356f7145f2e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e2a011a107f231abac42cf9ea5a846a2db73770befbbf491a1f3b7dfd43600
9c234a39335c68efa876173f1af885a07eb982fde169e3627c70956ba0088313
9d1d1bb67c19e34a317d4203cbafbd741d5f6ff8aa939b0dd00c454aa47e77b3
9e396e1693459828e5b5a7d9fc56d457337684e201e87c31fe55c5d6127928c2
9f18c71a79bca371f0378d87de0a9b5db5a0512622598032e69e056dcf586cd9
9f8b434d07c98cc197e8bfd78b8856621b78c7688f212187b63aeaf3a5ea5eb3
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
a021e373ab74d3f6e2266741c0f44e06c538243c2f9e4970cbdcaa8bf59bee37
a14228359e146bc5a1ace01f3f9fb68f3af5a855402642bdd83d689b328fcd4d
a459671e942df3b23f3a05ada202bd12080e55f42d02bd8c728785d4b11f3a2e
a60da17e604513faddba0e77401d065569caa5f512779940946432b0191d5ff7
a630283e4ddd0138e64af0f31c3fe0bcda33f91bb9289519d0d9d5d273e6765d
a73f5986eb985871284e6e216372de3505634a97229de643216728d0fbfd6227
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adc1343b1ab3af7c3e8991fba0648333f4ef87d7a13368862981a68fac3e2172
aeca388c050eeef22aa2607bde8e15da0a5582432f1564f6011913983de040f6
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
b011b2167c7f14ba42b07011683f6e6779010cab9f86782377fabe7bb207ced9
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bcb6cde5027e74974f308a98fc2204be4857d7f1e153fed4ea4d04367c735e18
be79d518d4832fb0246d8c568109ea92b01dce7492f67a0a44a386bb3f383690
be918810309cae7d75e4b2f42b9a8a162218f92919b5954eaad9f6d2ba56e6dc
c16a9eab9e77015fe2ca80a734da377b3b8772719b2570a2e6271c5164c14f39
c1c06b07fad921a15171f632a645f7c4b73702affd726049e1584b136f8c64fc
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c37221724906b297161691c9bd0dd38701b30985fa9e5c516fe53cfe501e0e94
c453dedc4a5af386de9c52ac739c4584e27301f5efb41cc341e67d5c039e4e09
c4c7b263d669970cf411f115c63fba308aeb27a3f2883ab5afdd28d1b72745bb
ca37167d58a2a54e37c1c5a97a2bc2ab7e66a823fc4df6c8afbc0828adb8fcc3
caedd5996d7dc602f7942b2d8782b71bc6030d239d16daf5fbef8f37afa25378
ccccd1ac635a1c1b6855ba9e05331a84335a034a4c431322d95817ba2e32756a
cea0b96d663393b7e25c6c3a778922ba6a9febc96915bc7bca8661462178a21d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d22438a908fb754c1bd6e2f368e8f43bcc5092c126b5688d0cc14b0804727585
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd449afb2d762c6d43e9231f9bec690301917d86c2fd570e21878f9f6512158d
e1532073da3bed0b820e926ee1550e654deff46082917bc1c5f580a73b13bf3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ea01b2e0e88e4b989b3b70ea62ec4996e4e859df2a8878bcb8a2fba1dd82f
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f11217557e220125bac26a3c36d809c7f1a31fc1f840463f20df50f56bf1ff3e
f1268384eab0b669597a10e50e4011fa2cd35105667a1b880b4210a567bc5bae
f925e2f42ae2bbf3f9b7147f9865fc5239a041f9d013efd8fd09d90942181d83
fd1d417e12a738e10dc85b3adc57e1c31520570cc9de74ec6b132d43dfc244f2
ff99f1c735cb544c31b2b7b0d0921dd70888693219749c3105bdd56a9d341f7d