www.courttv.com Open in urlscan Pro
35.225.160.88  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://escapetv.com/tv-schedule/ HTTP 301
   http://www.escapetv.com/tv-schedule/ HTTP 301
   https://court.tv/2k HTTP 301
   https://www.courttv.com/mystery/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJmRSR5jWRygye51Q47p73k&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJmRSR5jWRygye51Q47p73k&google_cver=1&C=1

Request Chain 116

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YC0PWzX3O4HIWW3YX74PfwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGSwv--_uuwDjL7Om8WEMOE&google_cver=1

Request Chain 126

• https://hal90009.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=9b7804de5a&subid=&uid=db1f71737c64aa7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjY7-Vw8tYNCZKMfU7_UP2NWJkAeBiOHUYPjEm9PSDPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTiAU_QWEOZLQA7XS5hq78l6c4N7FTRGS434ZOEQab3eENFjv30SwNMrdcdE4CntDd7GeKryMGrmNO0LO4fO9lQ-CQX7QlPUnbJHN1FRSDkeTbFlwyZEQWvEMYANvrGZebx1Ws4OFwjVvNffjbJF-0eyrj2-SK4gkpQyHe3MYuWTxCNXIYLScD43QekuWj41-u299shi7UCCU4I5WzTmVjljEI5CvGEwdSKG1hqjZglbYJILa-W9Bg8o-Trv5xJ_4kwQyEWWHrEggTp5N_zn96YhZ1xGPGKuo-SREPwEg6zo6PzYYnABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoeCxd9vlLsLN2wFvj7nYEjQ%26sig%3DAOD64_3V5R3ukiLSvAxs2Jc6Cpd1guRMlg%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BdvTh2weBsBxG8i4ZWUW4Cu1I5iR7iMyFqy40lgUuGvvzpsUi82XfRTUlmPos_pnbUPR8IYbLB4WOyC_vsXwCG1beLnjByUuk0_E7PCy8rRMy6h0zdw9nGI2BeLZmIzmgoqmmCgkRE8IVzJCVdJcDDmD5VIg%26cry%3D1%26dbm_d%3DAKAmf-DvaW7QT7yNz2ow1lrDNO0ZsnCYCiGLmgPbIkiYoK4nAGEtSWYF7i8XTMoJorV6LkHnkXZ-56KP9s2Y8Z7P5lfV5IT2gTPc5Enp7r4boO_raCzqXEV77ByKO0YXK9QvDvTtrpwbKS0nvaaCygvuFmgWhDYkTmqggsmKVBzuekHiyiLMRGVPBi13mkljuUoOR25KiuR00vqg2yAdlUfXUq4ToSvoSDf43mQd7CSgGb-0tl_iKKmOVxFuly9T-A3ViLr64u6slMmqeohsQk5iIEeyAonc4r6eB8npV170vlYqESh1OO4s_vY4lCc6k9o8numTONayHaup5pC0guLHHZYU57tIpypAFh_sXv-Iwofm6E7WmKLvicc8gtoiQJflMJePZcX8EsTzuYQv_aZh95E1NnLxx9jSC2keL37DUAAYB3jYd7uj1MQO2ULX5MXM54dFyAGQlgLh5gYlt2qQzqpSoscv1w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=5779663437274&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
• https://hal90009.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=9b7804de5a&subid=&uid=db1f71737c64aa7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjY7-Vw8tYNCZKMfU7_UP2NWJkAeBiOHUYPjEm9PSDPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTiAU_QWEOZLQA7XS5hq78l6c4N7FTRGS434ZOEQab3eENFjv30SwNMrdcdE4CntDd7GeKryMGrmNO0LO4fO9lQ-CQX7QlPUnbJHN1FRSDkeTbFlwyZEQWvEMYANvrGZebx1Ws4OFwjVvNffjbJF-0eyrj2-SK4gkpQyHe3MYuWTxCNXIYLScD43QekuWj41-u299shi7UCCU4I5WzTmVjljEI5CvGEwdSKG1hqjZglbYJILa-W9Bg8o-Trv5xJ_4kwQyEWWHrEggTp5N_zn96YhZ1xGPGKuo-SREPwEg6zo6PzYYnABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoeCxd9vlLsLN2wFvj7nYEjQ%26sig%3DAOD64_3V5R3ukiLSvAxs2Jc6Cpd1guRMlg%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BdvTh2weBsBxG8i4ZWUW4Cu1I5iR7iMyFqy40lgUuGvvzpsUi82XfRTUlmPos_pnbUPR8IYbLB4WOyC_vsXwCG1beLnjByUuk0_E7PCy8rRMy6h0zdw9nGI2BeLZmIzmgoqmmCgkRE8IVzJCVdJcDDmD5VIg%26cry%3D1%26dbm_d%3DAKAmf-DvaW7QT7yNz2ow1lrDNO0ZsnCYCiGLmgPbIkiYoK4nAGEtSWYF7i8XTMoJorV6LkHnkXZ-56KP9s2Y8Z7P5lfV5IT2gTPc5Enp7r4boO_raCzqXEV77ByKO0YXK9QvDvTtrpwbKS0nvaaCygvuFmgWhDYkTmqggsmKVBzuekHiyiLMRGVPBi13mkljuUoOR25KiuR00vqg2yAdlUfXUq4ToSvoSDf43mQd7CSgGb-0tl_iKKmOVxFuly9T-A3ViLr64u6slMmqeohsQk5iIEeyAonc4r6eB8npV170vlYqESh1OO4s_vY4lCc6k9o8numTONayHaup5pC0guLHHZYU57tIpypAFh_sXv-Iwofm6E7WmKLvicc8gtoiQJflMJePZcX8EsTzuYQv_aZh95E1NnLxx9jSC2keL37DUAAYB3jYd7uj1MQO2ULX5MXM54dFyAGQlgLh5gYlt2qQzqpSoscv1w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=5779663437274&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 127

• https://hal900021.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=e95f27dc52&subid=&uid=1b6392ee8e7088db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oV6Vw8tYNGZKMfU7_UP2NWJkAeBiOHUYIvY5umWCvAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QwVtHBzrRsKwvabt1ZUmWCqAS7DGCi8MP0lufHfa4FVXDwpchMXiCM98P0v07Dh9sbUdDx4HTSKhjyU3lfsAA_7W7ziXHAkafLCzb_i6XopwaaX6xPYEyumL5ZdcOqszRB4nUYj62C7MbYOp6XcY9drrsaXU0GbB7HgCW5kxZTD1wFIWmX7g75N59GG0QPXEU2TT4k9N7lXn1jtR2qPORlWhEYQXbfT94KSLwWn-sUa8lVfuwUI2x7roAFKvnd4l7P9TVNBVC866igIjbC-D0Ir185D5SUTHft5rW5h6pc6D5kF_XDBrNwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoGQZJPRKNz6Csnl4frtvtYg%26sig%3DAOD64_13IwzhUh5Yb--yAIIOAjEJyKTviQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-D1C9Z3PnHgbYLzvppR-G10UyCR4TTRseOGmY0smibSkJzPqZ6MXCNaw2J0y2Xg8X5C8JSQjldrbm4qptHqsyOP5knI73T0qC8UfstyhSf9kN8aDQpb_ScTWHtswBlC_JGyRCasr-huEatqw_UawW3CQ6a-QA%26cry%3D1%26dbm_d%3DAKAmf-Cg8jqYXMI3x0l5MaL_t_CC_AFEoY8WKtAo3BuqmnxI5TGFgLOM1zY-5c-eMXnygud8a-34tzDLHwUHUKD0u5W3Bl0SRIf0Sc7XXTPFPma5PvoIE0SZdnH0mwQ22QP21plJgssvf1Z21MzGVxIv33pgBetIR-xsdT18O5DAbppQIGgy3dTGeJJWX4PdqdXxJGp4Uehh1G8_XvuPZF4JBRKwydTxeG6b-IeK-E28MpdEh-OvoyhSi6I6yEE2RmoCQz9Zhr4ehU-1EIZES18n7wnN_qNkF6k8iGe6Mh5OG5W9ld02F0XCu_fXSDXkw33ThnHFx8kBnlV1GTmo2zeSuPNHUJdvuXN7tVZf4g1QZOEuXUeTZJKYdlGLsbQTHRICQidFkuu0woMzHqXp4c6jqlUeKKNVzmC72augISoEsI6HVV5sIObSsTY__f_IdFNZPrGt7AoZ1W8MCLAV_nry9yVi7kBQgA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=9858424214854&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
• https://hal900021.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=e95f27dc52&subid=&uid=1b6392ee8e7088db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oV6Vw8tYNGZKMfU7_UP2NWJkAeBiOHUYIvY5umWCvAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QwVtHBzrRsKwvabt1ZUmWCqAS7DGCi8MP0lufHfa4FVXDwpchMXiCM98P0v07Dh9sbUdDx4HTSKhjyU3lfsAA_7W7ziXHAkafLCzb_i6XopwaaX6xPYEyumL5ZdcOqszRB4nUYj62C7MbYOp6XcY9drrsaXU0GbB7HgCW5kxZTD1wFIWmX7g75N59GG0QPXEU2TT4k9N7lXn1jtR2qPORlWhEYQXbfT94KSLwWn-sUa8lVfuwUI2x7roAFKvnd4l7P9TVNBVC866igIjbC-D0Ir185D5SUTHft5rW5h6pc6D5kF_XDBrNwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoGQZJPRKNz6Csnl4frtvtYg%26sig%3DAOD64_13IwzhUh5Yb--yAIIOAjEJyKTviQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-D1C9Z3PnHgbYLzvppR-G10UyCR4TTRseOGmY0smibSkJzPqZ6MXCNaw2J0y2Xg8X5C8JSQjldrbm4qptHqsyOP5knI73T0qC8UfstyhSf9kN8aDQpb_ScTWHtswBlC_JGyRCasr-huEatqw_UawW3CQ6a-QA%26cry%3D1%26dbm_d%3DAKAmf-Cg8jqYXMI3x0l5MaL_t_CC_AFEoY8WKtAo3BuqmnxI5TGFgLOM1zY-5c-eMXnygud8a-34tzDLHwUHUKD0u5W3Bl0SRIf0Sc7XXTPFPma5PvoIE0SZdnH0mwQ22QP21plJgssvf1Z21MzGVxIv33pgBetIR-xsdT18O5DAbppQIGgy3dTGeJJWX4PdqdXxJGp4Uehh1G8_XvuPZF4JBRKwydTxeG6b-IeK-E28MpdEh-OvoyhSi6I6yEE2RmoCQz9Zhr4ehU-1EIZES18n7wnN_qNkF6k8iGe6Mh5OG5W9ld02F0XCu_fXSDXkw33ThnHFx8kBnlV1GTmo2zeSuPNHUJdvuXN7tVZf4g1QZOEuXUeTZJKYdlGLsbQTHRICQidFkuu0woMzHqXp4c6jqlUeKKNVzmC72augISoEsI6HVV5sIObSsTY__f_IdFNZPrGt7AoZ1W8MCLAV_nry9yVi7kBQgA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=9858424214854&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 128

• https://hal900014.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=9973dd83ee&subid=&uid=817b9eb8dbd94df7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjKpdVw8tYNKZKMfU7_UP2NWJkAeBiOHUYMvAsePbBPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QPGXTLUhEitIdUX6dzuilN5R3NAaAo1978HQrmpkEjbJrFf3vLmLAz5MOlxDl3ddb6xak_5-iHmUJSx_C_-vxk2CViy12HgwncleC9tj_DqgB0umdVujyGB-_Um1e3uWofewakVfyew0apBbH2ULh2KF_e6WISVy_V672G3wwRyX95IjT4G8AslDBZZxuAHIxmNeX-SIUIX6XZdMbjPJLU7fmxxWAbfgMZ4cE0beyy_FMP8LzJhEEDLyxYLbZFOMcXj6DsgNr6yrBQypXLzY8EVrLZqY-kinJ1gwEJa6u4ckuRDQxPv8DwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRos1YRGeXjIgVMjrExqUMUmQ%26sig%3DAOD64_1UOHHrVGLKO8O92tkq9e-8DB7cZw%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B47tBEQswJYfWTxch-C9ZFjH-1GUtChcoCxMT3YyMIH6tJETEF5repPXs8HiJO__zrokO_6dm4ei3U4or1jOoM4PPZvndJXP8qc2UJIK_w1VSrRrK85ifbe14bv7-OsX1MwoN3ydVhWFTSJNdsgLDRyfaRkw%26cry%3D1%26dbm_d%3DAKAmf-BkycnPgxZ59iP-Ir9DS47pGxbPzIusxmT9zoCsoE_2gNoXGMyKyH4Ulx_da00XqsvMGJMWhslNS3cm8CTaNlFWtwICUzG-hk3s4AzlXYUvQzx7vIdLdUJjminRxoVt2qck5PG0e7_vx-dwtLZYHVynsPu278toAv4rJqbKn0mp9dzB-p_qFCUGJTiNOpmCRZvUkUJbyyK6juob_tQjFkr5JypqqLqy-7_T12RVemKofQCQqIOrYNP03RD-DBvrIW3Ob6siY0Zdv-eAmsanaiO1y3StrtHu56iVIYultH5_QOanuN3t3Yn3KMRdo7zBU0fwQq9YUsWj2ILH0xh4MhNJA5bONNRd6UVuI8rmrikfaonvoun-pUwtyPEH9pixFTMzjmJTlMx79Zq35LrE_1pCsYRLUYQ07IzUly2a0yV26OflihjzWi6zNiw7sFNhc0WrAElFqshCz3bhtvh4QFdLgV7m1g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=801236138548&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
• https://hal900014.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=9973dd83ee&subid=&uid=817b9eb8dbd94df7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjKpdVw8tYNKZKMfU7_UP2NWJkAeBiOHUYMvAsePbBPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QPGXTLUhEitIdUX6dzuilN5R3NAaAo1978HQrmpkEjbJrFf3vLmLAz5MOlxDl3ddb6xak_5-iHmUJSx_C_-vxk2CViy12HgwncleC9tj_DqgB0umdVujyGB-_Um1e3uWofewakVfyew0apBbH2ULh2KF_e6WISVy_V672G3wwRyX95IjT4G8AslDBZZxuAHIxmNeX-SIUIX6XZdMbjPJLU7fmxxWAbfgMZ4cE0beyy_FMP8LzJhEEDLyxYLbZFOMcXj6DsgNr6yrBQypXLzY8EVrLZqY-kinJ1gwEJa6u4ckuRDQxPv8DwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRos1YRGeXjIgVMjrExqUMUmQ%26sig%3DAOD64_1UOHHrVGLKO8O92tkq9e-8DB7cZw%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B47tBEQswJYfWTxch-C9ZFjH-1GUtChcoCxMT3YyMIH6tJETEF5repPXs8HiJO__zrokO_6dm4ei3U4or1jOoM4PPZvndJXP8qc2UJIK_w1VSrRrK85ifbe14bv7-OsX1MwoN3ydVhWFTSJNdsgLDRyfaRkw%26cry%3D1%26dbm_d%3DAKAmf-BkycnPgxZ59iP-Ir9DS47pGxbPzIusxmT9zoCsoE_2gNoXGMyKyH4Ulx_da00XqsvMGJMWhslNS3cm8CTaNlFWtwICUzG-hk3s4AzlXYUvQzx7vIdLdUJjminRxoVt2qck5PG0e7_vx-dwtLZYHVynsPu278toAv4rJqbKn0mp9dzB-p_qFCUGJTiNOpmCRZvUkUJbyyK6juob_tQjFkr5JypqqLqy-7_T12RVemKofQCQqIOrYNP03RD-DBvrIW3Ob6siY0Zdv-eAmsanaiO1y3StrtHu56iVIYultH5_QOanuN3t3Yn3KMRdo7zBU0fwQq9YUsWj2ILH0xh4MhNJA5bONNRd6UVuI8rmrikfaonvoun-pUwtyPEH9pixFTMzjmJTlMx79Zq35LrE_1pCsYRLUYQ07IzUly2a0yV26OflihjzWi6zNiw7sFNhc0WrAElFqshCz3bhtvh4QFdLgV7m1g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=801236138548&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 131

• https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=57254600136788100044684011508009&t=html HTTP 302
• https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg

Request Chain 133

• https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=57254600136788100044684011508009&pv=1 HTTP 302
• https://www.zenaps.com/cshow.php?pvr=ae5e54a1-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=57254600136788100044684011508009&pv=1

Request Chain 134

• https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=12872700133153000044682011508014&t=html HTTP 302
• https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg

Request Chain 136

• https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=12872700133153000044682011508014&pv=1 HTTP 302
• https://www.zenaps.com/cshow.php?pvr=ae5e2d90-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=12872700133153000044682011508014&pv=1

Request Chain 137

• https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=50277100117794100044682011508021&t=html HTTP 302
• https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg

Request Chain 139

• https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=50277100117794100044682011508021&pv=1 HTTP 302
• https://www.zenaps.com/cshow.php?pvr=ae5e2d92-711d-11eb-a962-692d00fdee08&v=12846&r=566725&q=389131&s=2636829&viewref=50277100117794100044682011508021&pv=1

Request Chain 186

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&google_cver=1&google_push=AQvitUJCC-DyEwC7N5vY3jH1pF5uy8ZSZTv6s00ZBBCWbfNGzqU3nTRRiRBkze3hVnj6eU6oInolHIti_pIpdb2YbNJlPsc8RmYw HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&google_cver=1&google_push=AQvitUJCC-DyEwC7N5vY3jH1pF5uy8ZSZTv6s00ZBBCWbfNGzqU3nTRRiRBkze3hVnj6eU6oInolHIti_pIpdb2YbNJlPsc8RmYw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjBhYTU5ekkxTGNtYUM1&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&google_cver=1&google_push=AQvitUJCC-DyEwC7N5vY3jH1pF5uy8ZSZTv6s00ZBBCWbfNGzqU3nTRRiRBkze3hVnj6eU6oInolHIti_pIpdb2YbNJlPsc8RmYw

Request Chain 187

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEAYGNu2obJAAg0R7MbIcKqg&google_cver=1&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh341jwOnSajrD HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S9yY698Rzi1b2Mvuvcbpw2&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh341jwOnSajrD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S9yY698Rzi1b2Mvuvcbpw2&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh341jwOnSajrD&google_tc=

Request Chain 188

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&google_push=AQvitUJDrHGq6gBlIEcTFUUirzQuh7nH2n0f-e5Cj6ENOYphosfJixOvVCepRKBsBEbGWFjKK6La-pVZiZLT06ZErNKptQb0P_A HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&google_push=AQvitUJDrHGq6gBlIEcTFUUirzQuh7nH2n0f-e5Cj6ENOYphosfJixOvVCepRKBsBEbGWFjKK6La-pVZiZLT06ZErNKptQb0P_A&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YC0PXQGlxuayMTM1vQObQAAAByUAAAIB&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&google_push=AQvitUJDrHGq6gBlIEcTFUUirzQuh7nH2n0f-e5Cj6ENOYphosfJixOvVCepRKBsBEbGWFjKK6La-pVZiZLT06ZErNKptQb0P_A

Request Chain 189

• https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjgfiKhW9MvxX1s_772TgGnZiuPfM0RqpVee31A HTTP 302
• https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjgfiKhW9MvxX1s_772TgGnZiuPfM0RqpVee31A&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjgfiKhW9MvxX1s_772TgGnZiuPfM0RqpVee31A&apid=UPaef1bbb4-711d-11eb-ab73-06fdcdad5690 HTTP 302
• https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjgfiKhW9MvxX1s_772TgGnZiuPfM0RqpVee31A&apid=UPaef1bbb4-711d-11eb-ab73-06fdcdad5690&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhZWYxYmJiNC03MTFkLTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjgfiKhW9MvxX1s_772TgGnZiuPfM0RqpVee31A

Request Chain 192

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHtN-EW6h_sPAdMDn4t_XCQ&google_cver=1&google_push=AQvitULoX5G4iOhw6K1a-aBSE1SAxF_l_FACWb14i-bOEZ7pEA5E_3t9OOBlW7epl5A8CvcaKq6UH33_wmlWPP1-3tZezI3IECco HTTP 302
• https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULoX5G4iOhw6K1a-aBSE1SAxF_l_FACWb14i-bOEZ7pEA5E_3t9OOBlW7epl5A8CvcaKq6UH33_wmlWPP1-3tZezI3IECco&google_sc&google_hm=EBAQEA

Request Chain 194

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECccxVuydwdHplmqdjvJtxQ&google_cver=1&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bWZMSIOeiy6r7j9Osg HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECccxVuydwdHplmqdjvJtxQ&google_cver=1&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bWZMSIOeiy6r7j9Osg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bWZMSIOeiy6r7j9Osg&google_hm=mshb6sPDT0qywOgbaAJBvw==

Request Chain 195

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEIOlxYsvEb7BU0mkbgD7A8&google_cver=1&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6iCATyX3aqiRq2F295Q5MAMlRxtg HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEIOlxYsvEb7BU0mkbgD7A8&google_cver=1&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6iCATyX3aqiRq2F295Q5MAMlRxtg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzk4MjIxNzM3MjAxNDc5OA&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6iCATyX3aqiRq2F295Q5MAMlRxtg

Request Chain 196

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJnY2RLDGXrxz_-25QFIfbw&google_cver=1&google_push=AQvitUIYavlVXGu50tDGx4FvqvYDhJdejoQhlLUKt9j9QMcC00xk2Z50393SI-1UQRrfrsRDQdcGkhhhskb9cCM1adykON1cYsrLMQ HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJnY2RLDGXrxz_-25QFIfbw&google_cver=1&google_push=AQvitUIYavlVXGu50tDGx4FvqvYDhJdejoQhlLUKt9j9QMcC00xk2Z50393SI-1UQRrfrsRDQdcGkhhhskb9cCM1adykON1cYsrLMQ&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j1xNGrPQTwiBI9pU-rjaSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIYavlVXGu50tDGx4FvqvYDhJdejoQhlLUKt9j9QMcC00xk2Z50393SI-1UQRrfrsRDQdcGkhhhskb9cCM1adykON1cYsrLMQ

Request Chain 197

• https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIQ2o3AhJNrYUMdC0mALlFE&google_cver=1&google_push=AQvitUI8Ung6Zq_yyS396o958LMnHVzl6Ky3GSBoVJt6gd9PcmHJNlJXqQwEllHbyw0PoztWIywwYNh2UUmUvAEqqUAjur8LCKiKBw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUI8Ung6Zq_yyS396o958LMnHVzl6Ky3GSBoVJt6gd9PcmHJNlJXqQwEllHbyw0PoztWIywwYNh2UUmUvAEqqUAjur8LCKiKBw&google_hm=MzA2MTcyNjE0OTMwODk4MDE0MA%3D%3D

Request Chain 201

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ0fUG62FxCHpLZDYUjy9uM&google_cver=1&google_push=AQvitUI5jRGnW6577fPDEQq01pNYtQkDcAk3ViH6fdF4O5OKm9NpzeDJxA0zYEgnUfFTZnCOgM57_rwgVPsIt_M892Vjeg4f8H9b HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUI5jRGnW6577fPDEQq01pNYtQkDcAk3ViH6fdF4O5OKm9NpzeDJxA0zYEgnUfFTZnCOgM57_rwgVPsIt_M892Vjeg4f8H9b

Request Chain 202

• https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFA9tbrgDjomS5HhmVYOOHM&google_cver=1&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YWvaZiG0C5Nhv4p2sIp0PwflMCI6oW76y8Yw2y4M HTTP 302
• https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFA9tbrgDjomS5HhmVYOOHM&google_cver=1&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YWvaZiG0C5Nhv4p2sIp0PwflMCI6oW76y8Yw2y4M&checkcookies=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=FmEhOA2dTHjH50FoyRVGpg&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YWvaZiG0C5Nhv4p2sIp0PwflMCI6oW76y8Yw2y4M

Request Chain 204

• https://rtb.openx.net/sync/dds?google_gid=CAESELaO1v5u7--P-qXAM4pHnuI&google_cver=1&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESELaO1v5u7--P-qXAM4pHnuI&google_cver=1&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w&google_hm=rr2o6Td9wgksDqZRoG1fnw==

Request Chain 205

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK9lBgZRJibMHFRf6hYlL3g&google_cver=1&google_push=AQvitUKxRbuxA7-UvLPbMZ09cvfYhUZoJAB816yZZfZ7DzaRJNgrCfD9laoUP6NzpDd7I7clMm4BMzkWayDINw4Lry6vJUKrrPM HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-c4c56fa7-98e4-438f-b852-8893532636c1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKxRbuxA7-UvLPbMZ09cvfYhUZoJAB816yZZfZ7DzaRJNgrCfD9laoUP6NzpDd7I7clMm4BMzkWayDINw4Lry6vJUKrrPM%26google_hm%3DA8TFb6eY5EOPuFKIk1MmNsE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKxRbuxA7-UvLPbMZ09cvfYhUZoJAB816yZZfZ7DzaRJNgrCfD9laoUP6NzpDd7I7clMm4BMzkWayDINw4Lry6vJUKrrPM&google_hm=A8TFb6eY5EOPuFKIk1MmNsE

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.courttv.com/mystery/ Redirect Chain http://escapetv.com/tv-schedule/ http://www.escapetv.com/tv-schedule/ https://court.tv/2k https://www.courttv.com/mystery/	249 KB 47 KB	536ms 194ms	Document text/html	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / WP Engine Resource Hash 99325c32e269aff0ce5be97a09643f8ea1f2f8259646ebc3575c1b1e77450751 Request headers :method GET :authority www.courttv.com :scheme https :path /mystery/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx date Wed, 17 Feb 2021 12:43:02 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding Accept-Encoding,Cookie link <https://www.courttv.com/?p=8835>; rel=shortlink x-powered-by WP Engine x-cacheable SHORT cache-control max-age=600, must-revalidate x-cache HIT: 6 x-cache-group normal access-control-allow-origin * content-encoding br Redirect headers Date Wed, 17 Feb 2021 12:43:01 GMT Server Apache/2.4.25 (Debian) Cache-Control no-cache Location https://www.courttv.com/mystery/ Set-Cookie XSRF-TOKEN=eyJpdiI6IjRwVE5EWXZROHpIYitWR3ZIOVJaUmc9PSIsInZhbHVlIjoiYUtoRnBQeXRZWTJBT1wvSytpTjVBcXE5dnRncmRhUVwvQWd5NVJadmI1azZuZjRZQW1ia0FOckRuTElOMTRLK3A2UHZtem9cL1d0SG1MM0R6K2g0MUpJNUE9PSIsIm1hYyI6IjQ5Y2M0MDFhNzdiNjMxZmVhNTVmNTIxNDA4ZThhYmI3NmJjNDI0MjFhNjM5MzFmNDExZDk3M2M1YTkwY2ZlZTkifQ%3D%3D; expires=Wed, 17-Feb-2021 14:43:01 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IitnV3BEemJwclwvSmdkK2NGVDdrcEZRPT0iLCJ2YWx1ZSI6ImVNa0ZWekFWcVhmSUlLTlpRSmhnNURsTElmZjNTRm5NRUNiWVlkS3VoNVwvK2JldG40b0lna29JM3RvU29aTTVRYXVkZXdlXC9seGZlQ29NSjBybHdmQlE9PSIsIm1hYyI6IjJkZmFhYWQ2OWQ2ZjhiMjgwMjYzNzcxY2MyNWYwNWE3ZTEwZmU2OWRlNTRjZWRlNmY0YmE2ZjUyNTY3YWNkMjIifQ%3D%3D; expires=Wed, 17-Feb-2021 14:43:01 GMT; Max-Age=7200; path=/; HttpOnly Content-Length 372 Connection close Content-Type text/html; charset=UTF-8
GET H2	200	glide.min.js Show response www.courttv.com/wp-content/themes/courttv/assets/scripts/	23 KB 7 KB	211ms 209ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/scripts/glide.min.js Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 9e317021dba8b47f0bfc560f5fd82249b17a59cfdd3e679117a97d7489f07340 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Tue, 16 Apr 2019 16:03:59 GMT server nginx etag W/"5cb5fcef-5b93" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	css fonts.googleapis.com/	9 KB 913 B	16ms 14ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a5d8e43166ba229d520a23084c475784f46dc5b4d975cb6bc44fd7a93cef3af Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 17 Feb 2021 12:33:56 GMT server ESF date Wed, 17 Feb 2021 12:43:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 17 Feb 2021 12:43:02 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	97 KB 38 KB	35ms 32ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-130305334-1 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 83676a089f3a4bb502d2400ec65b1726cdeafaeede5cf0b2725d6917cecdc5f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39106 x-xss-protection 0 last-modified Wed, 17 Feb 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 17 Feb 2021 12:43:02 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	56 KB 19 KB	203ms 69ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash cd27853c2d35323d02385f65ab1e007f20b6e781949459bbed50b52f3c6aa85e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "786 / 466 of 1000 / last-modified: 1613563980" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19415 x-xss-protection 0 expires Wed, 17 Feb 2021 12:43:02 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	97 KB 38 KB	38ms 36ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-748509752 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f62eb63b47cdce0d367cd0e2b8da20328302e491d9cdea5f176a6af32f8a5441 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39132 x-xss-protection 0 last-modified Wed, 17 Feb 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 17 Feb 2021 12:43:02 GMT
GET H/1.1	200 OK	sp.js Show response includemodal.global.ssl.fastly.net/	40 KB 12 KB	111ms 33ms	Script application/javascript	151.101.1.194 FASTLY
General Check archive.org Show headers Download Go to Full URL https://includemodal.global.ssl.fastly.net/sp.js Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.194 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash faf8e200a89c7835182407efe1f962c7090c13e88d58889f2603c8ccb9a07061 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id obNVKzN.q9WcmtezTcnqciW8LgRIqTPH Content-Encoding gzip ETag "d157ee576fe8a4653c2c2a0ca124e16c" Age 3364 X-Cache HIT Connection keep-alive Content-Length 12145 x-amz-id-2 bCiIjyqqRnuSFUJc7LPFoRiIOqgGOr9xahRnexIa/3r/O6yxZSO701cJCf1yOfRJAZ7vgYM9gj4= X-Served-By cache-bma1624-BMA Last-Modified Tue, 16 Feb 2021 23:46:13 GMT Server AmazonS3 X-Timer S1613565782.362569,VS0,VE0 Date Wed, 17 Feb 2021 12:43:02 GMT Vary Accept-Encoding x-amz-request-id FS6N1QEX3W2S8S9Y Via 1.1 varnish Accept-Ranges bytes Content-Type application/javascript X-Cache-Hits 127
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	13 KB 5 KB	27ms 12ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd4b42f7c8ddeeedbc0e556a5da8b647fd08c56a2ac3540b1e5a6d9342ba5c4f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 DgCf/JQeR4+J+ZEYMfLA9Q== age 1246 vary Accept-Encoding content-length 4211 cf-request-id 08519d010700004de8e6392000000001 x-ms-lease-status unlocked last-modified Tue, 16 Feb 2021 14:16:03 GMT server cloudflare etag 0x8D8D285646BB5CA expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id d393dcd7-501e-0089-276f-0461c2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 622f977b3c434de8-FRA
GET H2	200	style.min.css www.courttv.com/wp-includes/css/dist/block-library/	52 KB 8 KB	224ms 222ms	Stylesheet text/css	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.4 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Fri, 24 Apr 2020 15:32:14 GMT server nginx etag W/"5ea3067e-d159" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	public.css www.courttv.com/wp-content/plugins/popups/public/assets/css/	5 KB 2 KB	230ms 228ms	Stylesheet text/css	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/plugins/popups/public/assets/css/public.css?ver=1.9.3.8 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 37c558263ba695539d83e2b57c33595763d1b7b36e27e4d2b0a654ef00027690 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Wed, 18 Mar 2020 14:54:26 GMT server nginx etag W/"5e723622-152d" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	sassy-social-share-public.css www.courttv.com/wp-content/plugins/sassy-social-share/public/css/	34 KB 10 KB	250ms 248ms	Stylesheet text/css	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.10 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 182cab990c2118fcdb18feab5115335e4eb4bc0b38bb30a36c4e73c92b080ea4 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Wed, 18 Mar 2020 14:54:26 GMT server nginx etag W/"5e723622-87d9" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	sassy-social-share-svg.css www.courttv.com/wp-content/plugins/sassy-social-share/admin/css/	109 KB 34 KB	287ms 285ms	Stylesheet text/css	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.10 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 9c19b3e7d4486f0d1c11fa6c3d628042a9a1cc5e386484e0cdeba44cbbe3a359 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Wed, 18 Mar 2020 14:54:26 GMT server nginx etag W/"5e723622-1b42e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	style.css www.courttv.com/wp-content/themes/courttv/assets/styles/	221 KB 35 KB	344ms 342ms	Stylesheet text/css	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 1a51999759f909913f4dc9bb50a76772249d855b7d689c5eb90d9722f4c2c558 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Fri, 29 Jan 2021 15:22:56 GMT server nginx etag W/"60142850-375b6" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery.js Show response www.courttv.com/wp-includes/js/jquery/	95 KB 34 KB	344ms 343ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Fri, 17 May 2019 04:25:54 GMT server nginx etag W/"5cde37d2-17a69" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery-migrate.min.js Show response www.courttv.com/wp-includes/js/jquery/	10 KB 4 KB	344ms 343ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Fri, 20 May 2016 06:11:28 GMT server nginx etag W/"573eaa90-2748" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	logo.png www.courttv.com/wp-content/themes/courttv/assets/images/	199 KB 199 KB	202ms 202ms	Image image/png	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.courttv.com/wp-content/themes/courttv/assets/images/logo.png Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash a3361f79b74f12aa806b6610768e94729ff081765781608a05a5a1da9a5bd5da Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT last-modified Tue, 16 Apr 2019 16:03:58 GMT server nginx etag "5cb5fcee-31a19" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 203289
GET H2	200	29dda420-1f852776-ctvmystery_tag_wht_redprint.png storage.googleapis.com/www-courttv-uploads/2019/10/	282 KB 283 KB	138ms 117ms	Image image/png	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2019/10/29dda420-1f852776-ctvmystery_tag_wht_redprint.png Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash e07550e30a7784fff8d3d5c60c191db381fc8811d328248199167a4d13672a5b Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT age 0 x-guploader-uploadid ABg5-UyIJzQmYykE5PGOdehd_aBGAzBAJyr9EPABwvd74qnjmvYJRY57OLcioqCBYnIkkfmNVzbsL-MuZBr95SqM_e_wp4admQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-meta-object-id 11186 x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 289012 x-goog-meta-file-hash 99325ccf0edb61d3c20ce260acee3158 last-modified Mon, 28 Oct 2019 18:13:56 GMT server UploadServer etag "ecded0abd774b00e829bdb8f5c654562" x-goog-hash crc32c=9Uuuyg==, md5=7N7Qq9d0sA6Cm9uPXGVFYg== x-goog-generation 1572286436018802 cache-control public, max-age=36000, must-revalidate x-goog-meta-source-id 7b86133e27035271f1470f704d2df81e x-goog-stored-content-length 289012 accept-ranges bytes content-type image/png expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	raphael.js Show response www.courttv.com/wp-content/themes/courttv/assets/scripts/js/	198 KB 41 KB	167ms 167ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/scripts/js/raphael.js Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 65c4431268f22adcbe127505057942a0a6612e1f00efadedd4137dc3d458cecf Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Tue, 24 Sep 2019 17:06:22 GMT server nginx etag W/"5d8a4d0e-3197f" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	jquery.usmap.js Show response www.courttv.com/wp-content/themes/courttv/assets/scripts/js/	93 KB 37 KB	190ms 190ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/scripts/js/jquery.usmap.js Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 7b61e800893eaceb5345bc043ba0e904318b070fa7e450d141856917e99fa44a Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Tue, 24 Sep 2019 17:06:22 GMT server nginx etag W/"5d8a4d0e-174cb" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	yt_icon_mono_dark.png www.courttv.com/wp-content/themes/courttv/assets/images/	7 KB 7 KB	165ms 164ms	Image image/png	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.courttv.com/wp-content/themes/courttv/assets/images/yt_icon_mono_dark.png Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash efb3f0dac77121383b036757455c96916485cb68e5d09739435912ddbd97086f Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:03 GMT last-modified Fri, 26 Jun 2020 01:06:52 GMT server nginx etag "5ef54a2c-1cfa" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 7418
GET H2	200	RSS_logo.png www.courttv.com/wp-content/themes/courttv/assets/images/	6 KB 6 KB	165ms 165ms	Image image/png	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.courttv.com/wp-content/themes/courttv/assets/images/RSS_logo.png Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash a8e377bf633316d36ccd65f78cc2599024505a3afc50c8bf93cde0b0fc78878a Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:03 GMT last-modified Tue, 03 Sep 2019 14:28:48 GMT server nginx etag "5d6e78a0-163f" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 5695
GET H2	200	public.js Show response www.courttv.com/wp-content/plugins/popups/public/assets/js/	29 KB 9 KB	194ms 192ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/plugins/popups/public/assets/js/public.js?ver=1.9.3.8 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 5881b4f2ae1a4f45ae43f7b68d1fde8de01885d0c05ba9e35d135bf21c6d3e8a Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Wed, 18 Mar 2020 14:54:26 GMT server nginx etag W/"5e723622-7526" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	sassy-social-share-public.js Show response www.courttv.com/wp-content/plugins/sassy-social-share/public/js/	43 KB 11 KB	205ms 203ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.10 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash d58ad6f49f6f268e1640104190bd2196306450aac1d7398cbda98e8330ab3a9b Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Fri, 29 May 2020 21:23:19 GMT server nginx etag W/"5ed17d47-ab5b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	scripts.js Show response www.courttv.com/wp-content/themes/courttv/assets/scripts/	177 KB 53 KB	207ms 205ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/scripts/scripts.js?ver=1591713312 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash e73ddc73e4fed68aa9e8de011ff72d87979126c6e32f6069399a8c4aa682e866 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Tue, 09 Jun 2020 14:35:12 GMT server nginx etag W/"5edf9e20-2c335" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	wp-embed.min.js Show response www.courttv.com/wp-includes/js/	1 KB 951 B	194ms 192ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-includes/js/wp-embed.min.js?ver=5.4.4 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Sat, 26 Oct 2019 00:17:07 GMT server nginx etag W/"5db39083-59a" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	api.js Show response www.google.com/recaptcha/	922 B 673 B	15ms 15ms	Script text/javascript	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadCallbackFooterCaptcha&render=explicit Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7fa290bbee0ff136eab2a15a19c1f327eb4538c5693553105277600eb89284cc Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 581 x-xss-protection 1; mode=block expires Wed, 17 Feb 2021 12:43:02 GMT
GET H2	200	ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response d2s8wlbatk24s7.cloudfront.net/service/js/	43 KB 15 KB	45ms 11ms	XHR application/javascript	2600:9000:2127:e800:d:77c3:2dc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Requested by Host: includemodal.global.ssl.fastly.net URL: https://includemodal.global.ssl.fastly.net/sp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e800:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 3bc8272dbdfde67348adf76fafb2623694fa0c712c5bbd0f57205d71a1634c7d Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:00 GMT content-encoding gzip server nginx/1.10.3 (Ubuntu) age 3961 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 14400 cache-control public, max-age=14400 x-cache Hit from cloudfront x-amz-cf-pop PRG50-C1 access-control-allow-headers * x-amz-cf-id qkjYrYnXhj3EOmacCjnggQlcrbNwQcnqAKtc8EWnkA3zLWeJ2514gg== via 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
GET H2	200	da940c29-1e1e-4231-b743-6d32862ead06.json Show response cdn.cookielaw.org/consent/da940c29-1e1e-4231-b743-6d32862ead06/	2 KB 2 KB	23ms 11ms	XHR application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/da940c29-1e1e-4231-b743-6d32862ead06/da940c29-1e1e-4231-b743-6d32862ead06.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb81770aefbbcef513e630b24adf6c51f522f4fcceffa48ad86cb0859e31b685 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 CxBEb2B2QbWBD6k9wtZPRw== age 5876 vary Accept-Encoding content-length 1090 cf-request-id 08519d01e200004dee7b11e000000001 x-ms-lease-status unlocked last-modified Mon, 14 Dec 2020 21:48:04 GMT server cloudflare etag 0x8D8A079EFA15222 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 9f79612d-901e-0094-1d27-04b828000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 622f977c9d424dee-FRA
GET H2	200	wp-emoji-release.min.js Show response www.courttv.com/wp-includes/js/	14 KB 5 KB	165ms 165ms	Script application/javascript	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.4 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:03 GMT content-encoding br last-modified Tue, 05 Nov 2019 22:04:02 GMT server nginx etag W/"5dc1f1d2-364d" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	197 B 550 B	29ms 15ms	Script text/javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b25aa5eb92fee08d51add083e5c4fa22516e9d1ab61179734fbb1e27fb7f8063 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 622f977e2e974ddc-FRA cf-request-id 08519d02da00004ddcb9844000000001
GET H/1.1	200 OK	index.html Show response players.brightcove.net/6009760719001/ZMxpke9Sz_default/ Frame 0D77	749 KB 200 KB	5918ms 412ms	Document text/html	23.218.209.37 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.218.209.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-209-37.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash bb9c8918378758d1257e974a5e5b2b4b9117fed9692e0732377b3a83e70d4a9f Request headers Host players.brightcove.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.courttv.com/mystery/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.courttv.com/mystery/ Response headers Content-Length 203902 x-amz-id-2 qFyeTkUibsJnzU71TDNaukO6RReWvDYQSxQc0pyb2OqaZtsZ1U3uafDH3lKuy6ch4XhVLaAHGPY= x-amz-request-id B46A634DD050D930 x-amz-replication-status COMPLETED Last-Modified Thu, 11 Feb 2021 19:10:22 GMT ETag "2ecf168f40b8cca8a0c20f5561853372" Content-Encoding gzip x-amz-version-id SPBWqMGGHZBXrL_dVALU8O4t637LwBVB Server AmazonS3 Accept-Ranges bytes X-Served-By cache-dca17775-DCA X-Cache-Hits 1 X-Timer S1613161096.220626,VS0,VE1 Vary Accept-Encoding X-BCOV-Response-Mode 1 Cache-Control public, max-age=300 Date Wed, 17 Feb 2021 12:43:08 GMT Connection keep-alive Content-Type text/html; charset=utf-8
GET H2	200	logo_triangle.svg www.courttv.com/wp-content/themes/courttv/assets/images/	277 B 440 B	202ms 202ms	Image image/svg+xml	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.courttv.com/wp-content/themes/courttv/assets/images/logo_triangle.svg Requested by Host: www.courttv.com URL: https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash dae6d3024bc5b1b3b44ab5730771adde9390932a7e8cd5ef9868af430aab8fff Request headers Referer https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br last-modified Tue, 16 Apr 2019 16:03:58 GMT server nginx etag W/"5cb5fcee-115" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	spotlight_background.jpg www.courttv.com/wp-content/themes/courttv/assets/images/	32 KB 32 KB	202ms 201ms	Image image/jpeg	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.courttv.com/wp-content/themes/courttv/assets/images/spotlight_background.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 54a7bff5b26c567322fb1fe9943ee02dbfbcb62fbe0a49d37ed4b60f593fa8e7 Request headers Referer https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT last-modified Tue, 16 Apr 2019 16:03:58 GMT server nginx etag "5cb5fcee-7f84" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 32644
GET H2	200	482b7c23-escape_bg_investigation_crimescenetape_8bit.png storage.googleapis.com/www-courttv-uploads/2019/09/	1 MB 1 MB	121ms 121ms	Image image/png	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2019/09/482b7c23-escape_bg_investigation_crimescenetape_8bit.png Requested by Host: www.courttv.com URL: https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash f42ffc180b5be9c5f2b2a3966e609510904244144d54fc8b1c0bb794a2d45e6d Request headers Referer https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT age 0 x-guploader-uploadid ABg5-UwuLynepOfljTwA0qh5yQ7A6m1rgZN_gGNEPRyaO-NN2KAX0yewKz5D-JJlUHP86mPZLU9x8neNGnhLg9dp971rhQQlVQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-meta-object-id 6810 x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1276761 x-goog-meta-file-hash 4da086fe08bde31056bb3a249904013c last-modified Wed, 11 Sep 2019 14:45:20 GMT server UploadServer etag "c626313015749f65852d543466764f0e" x-goog-hash crc32c=925iDg==, md5=xiYxMBV0n2WFLVQ0ZnZPDg== x-goog-generation 1568213120929156 cache-control public, max-age=36000, must-revalidate x-goog-meta-source-id 61dc1f6b1d2efadfafda39545fc47284 x-goog-stored-content-length 1276761 accept-ranges bytes content-type image/png expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2 fonts.gstatic.com/s/robotocondensed/v19/	11 KB 11 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.courttv.com Referer https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 15 Feb 2021 13:34:30 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:08:42 GMT server sffe age 169712 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10968 x-xss-protection 0 expires Tue, 15 Feb 2022 13:34:30 GMT
GET H2	200	ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2 fonts.gstatic.com/s/robotocondensed/v19/	11 KB 11 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.courttv.com Referer https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Feb 2021 15:40:24 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:08:47 GMT server sffe age 594158 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10996 x-xss-protection 0 expires Thu, 10 Feb 2022 15:40:24 GMT
GET H2	200	foundation-icons.woff www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/	31 KB 32 KB	200ms 198ms	Font font/woff	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/foundation-icons.woff Requested by Host: www.courttv.com URL: https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec Request headers Origin https://www.courttv.com Referer https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT last-modified Tue, 16 Apr 2019 16:03:59 GMT server nginx etag "5cb5fcef-7d14" vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 32020
GET H2	200	ALRiyer-Regular_lc.ttf www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/	375 KB 375 KB	200ms 199ms	Font application/octet-stream	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/ALRiyer-Regular_lc.ttf Requested by Host: www.courttv.com URL: https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 4a3008de071af3fcc985c89c93e1b28b11edae785123612fec7479a014b3ee16 Request headers Origin https://www.courttv.com Referer https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT last-modified Tue, 16 Apr 2019 16:03:59 GMT server nginx etag "5cb5fcef-5da04" vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 383492
GET H3-Q050	200	ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDtCYobdNZUSdy4Q.woff2 fonts.gstatic.com/s/robotocondensed/v19/	12 KB 13 KB	36ms 21ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v19/ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDtCYobdNZUSdy4Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25a61efc9132a8d3af1e776da2853b37894e975553c2f029f10e42a19aa2b6b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.courttv.com Referer https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 11 Feb 2021 09:19:59 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:08:47 GMT server sffe age 530583 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12544 x-xss-protection 0 expires Fri, 11 Feb 2022 09:19:59 GMT
GET H3-Q050	200	ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9QPFUew.woff2 fonts.gstatic.com/s/robotocondensed/v19/	12 KB 12 KB	23ms 22ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v19/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9QPFUew.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e58e3184f269e1dbd8e247942242824cf71d306b91b66841f9e119c6af572115 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.courttv.com Referer https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 15 Feb 2021 12:26:28 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:08:37 GMT server sffe age 173794 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12660 x-xss-protection 0 expires Tue, 15 Feb 2022 12:26:28 GMT
GET H2	200	60a6601a-021621_unsolved_web.jpg storage.googleapis.com/www-courttv-uploads/2021/02/	45 KB 46 KB	421ms 421ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/02/60a6601a-021621_unsolved_web.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 513d7ae2873a8cf1a4a96aa1958ff44c5ecc7f6c2caf569503238d09f66fdcb5 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT x-guploader-uploadid ABg5-UyhVzxloIo47O47YTSvDNnA6EkSte83-3RU-lwqFxcPM4qYUEtBs2RK-18tHB1oLXGeMQvrHix4tJ9GOq8HCVwcTBFUUw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-meta-object-id 38449 x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46509 x-goog-meta-height 720 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e last-modified Wed, 17 Feb 2021 11:34:03 GMT server UploadServer etag "52efdeda8550b2f493df14d6f6f8cd31" x-goog-hash crc32c=CL5YPg==, md5=Uu/e2oVQsvST3xTW9vjNMQ== x-goog-generation 1613561643908241 x-goog-meta-width 1280 cache-control public, max-age=36000, must-revalidate x-goog-meta-source-id f29a8a4d18ac5abdb616670b03285b05 x-goog-stored-content-length 46509 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	6c9b124f-poster-image-2021-02-16t184753.872.jpg storage.googleapis.com/www-courttv-uploads/2021/02/	95 KB 95 KB	119ms 118ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/02/6c9b124f-poster-image-2021-02-16t184753.872.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash a7d42e09d30ab8e4ee2cd316945ab352d8d163f346e24d6f9641c5e40cd8341a Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT age 0 x-guploader-uploadid ABg5-UzHDHKcaaZ8XdFZWRv_HrbBSrxHj-2sjl_zqGZk1Tr_8t2YYEnUsq_Cqaq-px73SOhER9W2l10Ab2vIE0NN-so x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-meta-object-id 38431 x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 97124 x-goog-meta-height 720 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e last-modified Wed, 17 Feb 2021 01:48:29 GMT server UploadServer etag "fc8861a18159f2d7bd24a8bef636896a" x-goog-hash crc32c=QtV16g==, md5=/IhhoYFZ8te9JKi+9jaJag== x-goog-generation 1613526509718035 x-goog-meta-width 1280 cache-control public, max-age=36000, must-revalidate x-goog-meta-source-id 1fa7e7bc00105f30be10ca2b1e89643d x-goog-stored-content-length 97124 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	35bec7e8-poster-image-2021-02-16t182346.602.jpg storage.googleapis.com/www-courttv-uploads/2021/02/	55 KB 55 KB	120ms 119ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/02/35bec7e8-poster-image-2021-02-16t182346.602.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash fced58954ea320455ddf4057825344e4236c1ea4fe219b7f0d81ab464fad0054 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT age 0 x-guploader-uploadid ABg5-UxrvEQqoLTHVgyGm1NllKqb3nZ93z_ylsC-5060rmaR3Alur4pLQJxKWvFwz0tKCDNlQyy5DUwkQ5aYJDRUBRI x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-meta-object-id 38428 x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56409 x-goog-meta-height 720 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e last-modified Wed, 17 Feb 2021 01:23:58 GMT server UploadServer etag "e77665f8f592d6f8e6b29819203154b4" x-goog-hash crc32c=9BZfSA==, md5=53Zl+PWS1vjmspgZIDFUtA== x-goog-generation 1613525038810788 x-goog-meta-width 1280 cache-control public, max-age=36000, must-revalidate x-goog-meta-source-id a7962ca2eca62d42b3c83b582527396b x-goog-stored-content-length 56409 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	6a421923-021521_springsteen_web.jpg storage.googleapis.com/www-courttv-uploads/2021/02/	376 KB 377 KB	126ms 125ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/02/6a421923-021521_springsteen_web.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 7030edde5bbd78dee72e39c7112ffca4c594af0edcb7d56d11788c2c19e4015d Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT age 0 x-guploader-uploadid ABg5-UyBj5Xj6ZrTNYH7cCImSHWDbr6jZ6DSSqFvBhU7FFhvqXYcRQHN8XmmP9YHlH1JUSL70PRrl-i4fz3LivY9N6c x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-meta-object-id 38381 x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 385094 x-goog-meta-height 720 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e last-modified Tue, 16 Feb 2021 12:04:17 GMT server UploadServer etag "b8e941fc37d8a99ea94218d18c57b1ae" x-goog-hash crc32c=mJfClA==, md5=uOlB/DfYqZ6pQhjRjFexrg== x-goog-generation 1613477057590666 x-goog-meta-width 1280 cache-control public, max-age=36000, must-revalidate x-goog-meta-source-id 8a36aa4509cfad72efbd98a9db1a1040 x-goog-stored-content-length 385094 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	201086f2-021521_unsolved_web.jpg storage.googleapis.com/www-courttv-uploads/2021/02/	248 KB 248 KB	120ms 119ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/02/201086f2-021521_unsolved_web.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash b4728df66af027680a9339f5b55ab42e49e73a27a1be3b0fa5ced6c688a8a8b9 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT age 0 x-guploader-uploadid ABg5-UyPeiQ1tpdygaAbIZKkuycMPIAl5BjnM_3IdWkm4sph4VwClPqZxFdOU_KTqWDZ3Pcn8K_NRFTdo-3_TLFfd6iVzl9l2g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-meta-object-id 38382 x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 253839 x-goog-meta-height 720 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e last-modified Tue, 16 Feb 2021 12:04:19 GMT server UploadServer etag "42255b89885260f3c3f7c882acf75bd3" x-goog-hash crc32c=XJv7nA==, md5=QiVbiYhSYPPD98iCrPdb0w== x-goog-generation 1613477059817390 x-goog-meta-width 1280 cache-control public, max-age=36000, must-revalidate x-goog-meta-source-id 24897bc4512bca16ea7e7780ebaeab02 x-goog-stored-content-length 253839 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	4c7ea5d7-ap20184598972905-125x125.jpg storage.googleapis.com/www-courttv-uploads/2020/07/	9 KB 10 KB	347ms 346ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2020/07/4c7ea5d7-ap20184598972905-125x125.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 0d065036f5586cdcdee342dbc75f58ab09e12b8752c452c68777cb3671aa451a Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT x-guploader-uploadid ABg5-Uwa630mzB-JYCPlnow_MYPYMlkNKYEavHG5My0JRFAyi1ZsGI8m8fAEwvdMClco_dbEXMj7XFRNOjDEmINhubq9ciprrg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 last-modified Fri, 03 Jul 2020 01:44:48 GMT x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9590 x-goog-meta-height 125 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e x-goog-meta-child-of 25464 server UploadServer etag "85d84890c72d9737ccfced661cd9f32b" x-goog-hash crc32c=TEJdPQ==, md5=hdhIkMctlzfM/O1mHNnzKw== x-goog-generation 1593740688375830 x-goog-meta-width 125 cache-control public, max-age=36000, must-revalidate x-goog-stored-content-length 9590 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	e604fbaf-gary-zerola_boston-pd-125x125.jpg storage.googleapis.com/www-courttv-uploads/2021/01/	3 KB 3 KB	360ms 359ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/01/e604fbaf-gary-zerola_boston-pd-125x125.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 7a304dd592871a317c105b102bbdfc730f0bbd9d59cc6d320c4132d9b8c6a9bc Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT x-guploader-uploadid ABg5-Uy2XLTX5ZkH0ejOQ26r2BhDL1vuGQoAMj44AMqmd0p2PD_fjra8gMCLvNh3xRceZe2d43EuSTsE66GNBGbPYxnAK9APsw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 last-modified Tue, 26 Jan 2021 18:53:52 GMT x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3097 x-goog-meta-height 125 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e x-goog-meta-child-of 37162 server UploadServer etag "90bff8b5e64c4bcc945744468fea2304" x-goog-hash crc32c=tgZoug==, md5=kL/4teZMS8yUV0RGj+ojBA== x-goog-generation 1611687232007381 x-goog-meta-width 125 cache-control public, max-age=36000, must-revalidate x-goog-stored-content-length 3097 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	add1304c-ap20198713798529-125x125.jpg storage.googleapis.com/www-courttv-uploads/2020/07/	10 KB 10 KB	371ms 369ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2020/07/add1304c-ap20198713798529-125x125.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 268cc0f550bac9f4430041cb047b3e4203dbc53c01d87858a1a4d6123a6331c2 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT x-guploader-uploadid ABg5-UxO45EdHcH_OvNVaWODJctntnsiLyLybe7QRA86H-3Jz3ufOGpGCt3v6W_-4hDG8spEPWBFm0X_pnW4gxAd8WGBQNIBlg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 last-modified Fri, 17 Jul 2020 00:52:48 GMT x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10430 x-goog-meta-height 125 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e x-goog-meta-child-of 26367 server UploadServer etag "9a35c5d4bc452c634fcb008553455129" x-goog-hash crc32c=uqTedg==, md5=mjXF1LxFLGNPywCFU0VRKQ== x-goog-generation 1594947168276538 x-goog-meta-width 125 cache-control public, max-age=36000, must-revalidate x-goog-stored-content-length 10430 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	fe54c269-ap21043015304187-125x125.jpg storage.googleapis.com/www-courttv-uploads/2021/02/	23 KB 23 KB	394ms 393ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/02/fe54c269-ap21043015304187-125x125.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 1f8ed466c18a8071400828d76aa15e4d02d42ecba2d812af51a5046a61d49ccb Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT x-guploader-uploadid ABg5-UysW3TlLqBmTh2Not-zuthTc60Uf9HDZi1WsMgPQzBv2jgy4lxOZlnhVK1jr5iLbfkdpXPzx5djGZBBN3rhI8q4sIN7Dg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 last-modified Wed, 17 Feb 2021 11:42:25 GMT x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23377 x-goog-meta-height 125 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e x-goog-meta-child-of 38457 server UploadServer etag "d635156a5c837db8697f4fc3103822fa" x-goog-hash crc32c=i31guQ==, md5=1jUValyDfbhpf0/DEDgi+g== x-goog-generation 1613562145598178 x-goog-meta-width 125 cache-control public, max-age=36000, must-revalidate x-goog-stored-content-length 23377 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	917da412-ap21045109944671-125x125.jpg storage.googleapis.com/www-courttv-uploads/2021/02/	17 KB 18 KB	249ms 248ms	Image image/jpeg	2a00:1450:4001:82a::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/www-courttv-uploads/2021/02/917da412-ap21045109944671-125x125.jpg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 6bb080688637e008714a407e34df8d9c1d31bf610691485f9f8db10c27e43ca2 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT x-guploader-uploadid ABg5-UzOlbv4gj0umt7nQqZFe8B-rns41btiPTD8DB9y_MuP0xjkm1YTu_TC5UBRGeAyrgwAWx0601nBePqoeCqG4ak x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 last-modified Wed, 17 Feb 2021 11:38:03 GMT x-goog-stored-content-encoding identity alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17847 x-goog-meta-height 125 x-goog-meta-file-hash d41d8cd98f00b204e9800998ecf8427e x-goog-meta-child-of 38452 server UploadServer etag "8d8856988b13ed706e1a3a58f4c62fd5" x-goog-hash crc32c=XbM+rA==, md5=jYhWmIsT7XBuGjpY9MYv1Q== x-goog-generation 1613561883302760 x-goog-meta-width 125 cache-control public, max-age=36000, must-revalidate x-goog-stored-content-length 17847 accept-ranges bytes content-type image/jpeg expires Wed, 17 Feb 2021 22:43:02 GMT
GET H2	200	ALRiyer-Bold_lc.ttf www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/	370 KB 370 KB	224ms 223ms	Font application/octet-stream	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/ALRiyer-Bold_lc.ttf Requested by Host: www.courttv.com URL: https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 830b98751b84de16e8fd56e1e7aa1cac98eb9280553634f9b1f56cfac61f5a1d Request headers Origin https://www.courttv.com Referer https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT last-modified Tue, 16 Apr 2019 16:03:59 GMT server nginx etag "5cb5fcef-5c664" vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 378468
GET H2	200	Gotham-Book.ttf www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/	68 KB 68 KB	223ms 223ms	Font application/octet-stream	35.225.160.88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.courttv.com/wp-content/themes/courttv/assets/styles/fonts/Gotham-Book.ttf Requested by Host: www.courttv.com URL: https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.160.88 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 88.160.225.35.bc.googleusercontent.com Software nginx / Resource Hash 34418a63e3adbb89e7042a9657c6a8fc96c05f888958960a48e6249bb78bf48c Request headers Origin https://www.courttv.com Referer https://www.courttv.com/wp-content/themes/courttv/assets/styles/style.css?ver=1605901200 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT last-modified Mon, 05 Aug 2019 21:42:55 GMT server nginx etag "5d48a2df-11024" vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 69668
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-130305334-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 6946 date Wed, 17 Feb 2021 10:47:16 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Wed, 17 Feb 2021 12:47:16 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	97 KB 39 KB	54ms 38ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-748509752&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-130305334-1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5b27ae8ba5a944dad30c8b376e8db654ee87e17609a16335542fb79941ebd3b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39104 x-xss-protection 0 last-modified Wed, 17 Feb 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 17 Feb 2021 12:43:02 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.10.0/	356 KB 78 KB	12ms 10ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Bh9exWOPGIwRshWljrtlEw== age 7437548 vary Accept-Encoding content-length 79698 cf-request-id 08519d033100004de8c1af2000000001 x-ms-lease-status unlocked last-modified Mon, 23 Nov 2020 02:33:28 GMT server cloudflare etag 0x8D88F582961DDDE expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 1f098869-501e-00cd-4b85-c1bdae000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 622f977eb9854de8-FRA expires Thu, 25 Feb 2021 12:43:02 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	31 KB 12 KB	80ms 80ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-748509752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 12360 x-xss-protection 0 server cafe etag 195370021859676167 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 17 Feb 2021 12:43:02 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 66 B	13ms 13ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j88&a=178190813&t=pageview&_s=1&dl=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ul=en-us&de=UTF-8&dt=Court%20TV%20Mystery%20-%20Court%20TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=830828138&gjid=948710919&cid=1687552973.1613565783&tid=UA-130305334-1&_gid=6593686.1613565783&_r=1&gtm=2ou230&z=736697195 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.courttv.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 85 B	16ms 16ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-130305334-1&cid=1687552973.1613565783&jid=830828138&gjid=948710919&_gid=6593686.1613565783&_u=IEBAAUAAAAAAAC~&z=413994019 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 17 Feb 2021 12:43:02 GMT content-type text/plain access-control-allow-origin https://www.courttv.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	en.json Show response cdn.cookielaw.org/consent/da940c29-1e1e-4231-b743-6d32862ead06/e767f314-4a2b-48cf-980e-b7450ace8c66/	45 KB 11 KB	14ms 13ms	Fetch application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/da940c29-1e1e-4231-b743-6d32862ead06/e767f314-4a2b-48cf-980e-b7450ace8c66/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25be17a380e71e7aa5f8b7f24a72ea3d22af26f9cb9e9b96a45e5db39552bff4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Feb 2021 12:43:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 G1pUm02lHXzRKQYNh63xVA== age 5875 vary Accept-Encoding content-length 11027 cf-request-id 08519d03cc00004deec720f000000001 x-ms-lease-status unlocked last-modified Mon, 14 Dec 2020 21:48:20 GMT server cloudflare etag 0x8D8A079F8E6AF65 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 6ba91999-c01e-0122-5f27-04f085000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 622f977fa9eb4dee-FRA
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/748509752/	2 KB 1 KB	19ms 17ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/748509752/?random=1613565783110&cv=9&fst=1613565783110&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&tiba=Court%20TV%20Mystery%20-%20Court%20TV&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d41564ed45809db62d7164adec96b66552e0638a1c1bd8fcf1d0dc3c8cfca9f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:03 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1030 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	pubads_impl_2021021101.js Show response securepubads.g.doubleclick.net/gpt/	289 KB 101 KB	153ms 83ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software sffe / Resource Hash a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:03 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 11 Feb 2021 09:38:54 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 103545 x-xss-protection 0 expires Wed, 17 Feb 2021 12:43:03 GMT
GET H2	200	otFloatingRoundedIcon.json Show response cdn.cookielaw.org/scripttemplates/6.10.0/assets/	15 KB 4 KB	13ms 12ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFloatingRoundedIcon.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3dfd9318ac9833404cef0cf1ca95052b24543c99123a98c0fe05fc82c4d2f29 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Feb 2021 12:43:03 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 YFNnA+Er73PvCqp5KyWf9g== age 4600440 vary Accept-Encoding content-length 4052 cf-request-id 08519d047800004deeae941000000001 x-ms-lease-status unlocked last-modified Thu, 03 Dec 2020 02:42:51 GMT server cloudflare etag 0x8D8973521335D93 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id b93928c9-b01e-00a1-0753-db167d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 622f9780cbbd4dee-FRA expires Thu, 25 Feb 2021 12:43:03 GMT
GET H2	200	otPcPanel.json Show response cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/	47 KB 12 KB	11ms 11ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcPanel.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1aa0d7fcdeb8bc386934c5d3fd9a3f991fbaa2816e4a1cbd2ee559ad1c3c26b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Feb 2021 12:43:03 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 4PM3Bylp9SSYzZHAheKFFw== age 4600440 vary Accept-Encoding content-length 11339 cf-request-id 08519d047800004deed6bff000000001 x-ms-lease-status unlocked last-modified Thu, 03 Dec 2020 02:42:53 GMT server cloudflare etag 0x8D89735222A6F89 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id bea0f128-301e-0011-5253-dbeffd000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 622f9780cbbe4dee-FRA expires Thu, 25 Feb 2021 12:43:03 GMT
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/6.10.0/assets/	5 KB 2 KB	12ms 11ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Feb 2021 12:43:03 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 0TIfq4DA+dnrjtaD3i6fiw== age 5576478 vary Accept-Encoding content-length 2178 cf-request-id 08519d047800004deeb726a000000001 x-ms-lease-status unlocked last-modified Thu, 03 Dec 2020 02:42:52 GMT server cloudflare etag 0x8D8973521BF3D68 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 65940cd7-301e-0173-7a72-d2ee70000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=691200 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 622f9780cbbf4dee-FRA expires Thu, 25 Feb 2021 12:43:03 GMT
GET H3-Q050	200	/ www.google.com/pagead/1p-user-list/748509752/	42 B 89 B	21ms 19ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/748509752/?random=1613565783110&cv=9&fst=1613563200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&tiba=Court%20TV%20Mystery%20-%20Court%20TV&async=1&fmt=3&is_vtc=1&random=4136235133&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/748509752/	42 B 154 B	21ms 20ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/748509752/?random=1613565783110&cv=9&fst=1613563200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&tiba=Court%20TV%20Mystery%20-%20Court%20TV&async=1&fmt=3&is_vtc=1&random=4136235133&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/	332 KB 129 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadCallbackFooterCaptcha&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.courttv.com Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:50:08 GMT content-encoding gzip x-content-type-options nosniff age 3175 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132389 x-xss-protection 0 last-modified Mon, 01 Feb 2021 05:06:45 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Feb 2022 11:50:08 GMT
GET H2	200	show_companion_ad.js Show response pagead2.googlesyndication.com/pagead/	15 KB 7 KB	30ms 6ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_companion_ad.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a1538e3b9cb885329d7ec37ef73e34053f4b55174a738028bd62a83e25d48c9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:24:10 GMT content-encoding gzip x-content-type-options nosniff age 1133 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6355 x-xss-protection 0 server cafe etag 18225610270060991024 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Wed, 17 Feb 2021 13:24:10 GMT
GET H2	200	integrator.js Show response adservice.google.se/adsid/	109 B 803 B	77ms 28ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.se/adsid/integrator.js?domain=www.courttv.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 17 Feb 2021 12:43:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 243 B	30ms 29ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.courttv.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 17 Feb 2021 12:43:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H3-Q050	200	ads Show response securepubads.g.doubleclick.net/gampad/	52 KB 21 KB	507ms 506ms	XHR text/plain	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697673073157683&correlator=983979424685818&output=ldjh&impl=fifs&hxva=1&scor=4038532447089309&eid=21068529%2C21068773%2C21068891&vrg=2021021101&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210217&iu_parts=6088%2Ckatz%2Ccourttv%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%2C300x250%2C300x250&prev_scp=pos%3Dabove%7C%7C&cookie_enabled=1&bc=31&abxe=1&lmt=1613565783&dt=1613565783553&dlt=1613565782259&idt=1253&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C1022%2C1022&adys=9563%2C1048%2C2731&adks=2585059976%2C1797937698%2C1797946745&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C379x7747%7C379x7747&msz=970x90%7C379x362%7C379x282&ga_vid=1687552973.1613565783&ga_sid=1613565784&ga_hid=178190813&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash 34c6100331d21a5ee5eb98497d3afc929854fcd04ffd2c3e1efe641bf2070564 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20960 x-xss-protection 0 google-lineitem-id -1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.courttv.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	50ms 14ms	Other text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	33ms 6ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H3-Q050	200	anchor Show response www.google.com/recaptcha/api2/ Frame 744A	20 KB 11 KB	30ms 29ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f75d4aad097715bd44d2026fb621e7be53bd6fb9957c46f2114f1a4e0285ffbd Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-W/LVCUpHGcb0TYRX+3MTgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.courttv.com/mystery/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.courttv.com/mystery/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 17 Feb 2021 12:43:03 GMT content-security-policy script-src 'report-sample' 'nonce-W/LVCUpHGcb0TYRX+3MTgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10900 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	styles__ltr.css www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ Frame 744A	50 KB 25 KB	46ms 32ms	Stylesheet text/css	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:01:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 01 Feb 2021 05:06:45 GMT server sffe age 2500 vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25479 x-xss-protection 0 expires Thu, 17 Feb 2022 12:01:23 GMT
GET H3-Q050	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ Frame 744A	332 KB 130 KB	39ms 24ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:15:17 GMT content-encoding gzip x-content-type-options nosniff age 1666 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132389 x-xss-protection 0 last-modified Mon, 01 Feb 2021 05:06:45 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Feb 2022 12:15:17 GMT
GET H3-Q050	200	iFuYXzaRoMyE7CFu6agOO-iTCjIGlRZi5EIKUZwuR_U.js Show response www.google.com/js/bg/ Frame 744A	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/iFuYXzaRoMyE7CFu6agOO-iTCjIGlRZi5EIKUZwuR_U.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 885b985f3691a0cc84ec216ee9a80e3be8930a3206951662e4420a519c2e47f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 11 Feb 2021 17:44:35 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Feb 2021 09:00:00 GMT server sffe age 500308 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6321 x-xss-protection 0 expires Fri, 11 Feb 2022 17:44:35 GMT
GET H3-Q050	200	webworker.js www.google.com/recaptcha/api2/ Frame 744A	102 B 218 B	20ms 16ms	Other text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 050be014144f5a95d8be13335084810c845e1e74e93337420cb3f2960f976966 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&co=aHR0cHM6Ly93d3cuY291cnR0di5jb206NDQz&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=szh4bhkhbl1l User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:04 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Wed, 17 Feb 2021 12:43:04 GMT
GET H3-Q050	200	container.html Show response 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3AE1	6 KB 3 KB	46ms 27ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-37/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.courttv.com/mystery/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.courttv.com/mystery/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 2973 date Wed, 17 Feb 2021 12:43:03 GMT expires Thu, 17 Feb 2022 12:43:03 GMT last-modified Thu, 21 Nov 2019 16:01:11 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	container.html Show response 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5A4C	6 KB 3 KB	32ms 30ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-37/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.courttv.com/mystery/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.courttv.com/mystery/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 2973 date Wed, 17 Feb 2021 12:43:03 GMT expires Thu, 17 Feb 2022 12:43:03 GMT last-modified Thu, 21 Nov 2019 16:01:11 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	container.html Show response 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0470	6 KB 3 KB	22ms 21ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-37/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.courttv.com/mystery/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.courttv.com/mystery/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 2973 date Wed, 17 Feb 2021 12:43:03 GMT expires Thu, 17 Feb 2022 12:43:03 GMT last-modified Thu, 21 Nov 2019 16:01:11 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	74 KB 28 KB	57ms 14ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1082b879cd43a0dec9ab3cc9ae2ddad7426c64e73fed45067c89afcac5bdd227 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1613161064837431" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28346 x-xss-protection 0 expires Wed, 17 Feb 2021 12:43:04 GMT
GET H3-Q050	200	bframe Show response www.google.com/recaptcha/api2/ Frame 55F7	7 KB 1 KB	22ms 21ms	Document text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&cb=n4rq06cuxjl4 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5913b0a7d1ffe4e0529b1d105e3343a7467c05d622e59ab469fecbb534a03a07 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-kvmMs8uTSQywDAqTuwPaTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&cb=n4rq06cuxjl4 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.courttv.com/mystery/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.courttv.com/mystery/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 17 Feb 2021 12:43:04 GMT content-security-policy script-src 'report-sample' 'nonce-kvmMs8uTSQywDAqTuwPaTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1124 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	pw.js Show response includemodal.global.ssl.fastly.net/ Frame 3AE1	30 KB 10 KB	34ms 33ms	Script application/javascript	151.101.1.194 FASTLY
General Check archive.org Show headers Download Go to Full URL https://includemodal.global.ssl.fastly.net/pw.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.194 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 27e9100386cf03bf50c519679aa12750adedb30bec5badf18a3b5a16de7c6f93 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id dD6vMY7gqnfNRXFLRvp_xnKBLHCbBaxT Content-Encoding gzip ETag "36df19b2956e21c45e1a9955d508f561" Age 3292 X-Cache HIT Connection keep-alive Content-Length 9795 x-amz-id-2 j45Z00BoclZYukFZLsSbEGdoTzTix+ieLymMDpPUT1TFeZFREHpc+lBbMZri1e+4uc4wa/dB4VE= X-Served-By cache-bma1624-BMA Last-Modified Sat, 06 Feb 2021 08:01:45 GMT Server AmazonS3 X-Timer S1613565784.412196,VS0,VE0 Date Wed, 17 Feb 2021 12:43:04 GMT Vary Accept-Encoding x-amz-request-id 35AC5831E1231BF8 Via 1.1 varnish Accept-Ranges bytes Content-Type application/javascript X-Cache-Hits 63
GET H3-Q050	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4495	510 B 921 B	60ms 40ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlW5ccL-zynMcg7w7uEGZgceXSDr_mf4fBjhwnNTyTu9UWymLbPfIng8fOs Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Wed, 17 Feb 2021 12:43:04 GMT server cafe cache-control private content-length 236 x-xss-protection 0 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 3AE1	22 KB 11 KB	72ms 54ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8ecjpEJdrc-OTg05XyWP0BNWEA3pySaAImwpTbW8X4E2zumbPPfL6XCWc6-UNp8uNNUNaRZT0v3-lkNni-3KcpGv_f34xD0B4kRLqkiB7uMD00JRrHwwcy-YPMLlISdQQAQAbd5ShBwBadc0JSGka5iEP7w&cry=1&dbm_d=AKAmf-B9BRICkk0hBBOunGtZFtBb9dX1Pq0oxAxWkh31iHZcZ7XPhfEcqzBPiDWXEQHXsy9jUBQ0s5Zz5ev70gDmupvdELEMvrUMgdDN8eGUNIUK5FrMegJxhbYHGTUwLixpUF2Kz4rSOA8g3AOUoiiE7YXpBw8bN105aPKgTpiY0bh7WXXIiE6OMtDU-K_916y0NFtse85gkGlTbxKobp2k70O3bfnt_Mhjb5GftH4BUQrGQMnob8DyjyeMeI4dp3fz3nCdDhzy8TB9mQpO-j5x7PaugUgUnXp7eWvm0uAcyLMAgnSzvPWxSYGiJ3mQ2XVgVbznfXZojHI40YDChbr0Tcxarnf4eqUTlE0FLbuZi7vhdTWcDoxKkzNt6v-eD-BZ1RJqkVTzap_3CtExWQhNIt_WEY8qEd1gt3uqoOn8GBt9EbbdIviCWA-Ujl473fmaIIFBitJhLuGBzQ4YeK8tMw1_W_SbHwPap9q4dCNtKhpnK7IaXkQ1I1nBED3muX9tt-UYPzazmjalaswT2-wNaealaxAJEfG2ts18g7WI3cevkF5qt5HWhWOe9DBIQAiYgZbLfV93pcLrT3s8q1pKF1B9CFc7e2Hu2lNmVlDxcoVw9kwCLoMuOzCpHHT8hydeqz8BzUkehUdaGqzCgA11B6_MatehsnvXHnlS0Dm0hVf9FTxkAEwWAam5r34pXkkqD4f9VvVkVzZI7A0Hr3bWUPLt2gk9M4_x6kUDwgIQF8AUJBgaNaRSZTJ9-WoXS2uAodgG2vlXQK9wq6oAcRXN_nJm7ItBgenAkEewah8pGbQjZ2deYXZuaHzGLZ9Ia8BcFtdOS3-LbtcfozV2Bf2jayNjD9SM7uN1MtW74C196RDOCS5hZIWUD1yz9unLtesfs0aveOG8FyYiTfCxyVrVO8hMkZPqFoZPPYX4nt78UWZVkWjNww-5j49ouVFMs43hArkv0VS0eITEc0DuExvDbo8GzTXDj8Lskq18tajq0nCGkUqDRoxxTc_q35zq_C4DDgeKXeD7JI9DTy9mLN_oCiEKA_Syid5OS0-aiPdSzI4vNZUAq9LKcghcJcnc1hXRBtAYIP2zELQYZ9tb7ciZc0lLzXqwU5V2Vy8_tEgLTaJUvynqn0-zaMQAgnlgYeso1oF811MQscwtL_-XVIYII7kSYx2qtcZrZvaG-bd_xJr7RBDHdVou4P0ldNsrA5_52nn8mvG5mSizk0LrO0FpVZMIVf3BQCzOaP0sgoRV973AnzJ7zgKkeqGddlKYVvVonoHfaBUkn9v8_S9jFe3EWwAFY3ToWU0Z0-pa-NPujKzG4MRVbi96We-0-0Tt09D5JGwbpKZpXCGm96BUcMMEoX7TTI7D-fSvM2hDyIXjffr9-sziA3idmc-tULT_KE55xrQuM7GPyfuC3rmmne5eyPr7UtyQOn5MjfRi0SbEvcnmylb1dwKVhsGgsfvD9NV9QCvGGYYEZdnhnGL-Wcz6snRqijAgZxO1K4GhZPZ17JCWN2zL3JdSLWQ_eV-Ldaav-kyWA2C-4JDuRrX-2eyaeAh1ltnCma6774gqcPqaRlHdZvD5sfGG5s3lnrY4lO7SAWUd4vMd8xbKUpiJbFfdwO9i9LFUrvkCVjihTyIG_tHQ2sVIAZRhk2xDftFRbOlVxgdRMOhHj6O6nDxj7s_aWcEBncZm0YFPthIjtGyEYYLQ0JFJ6KXzPR5sFrKkQ-8C2MgLyY_BcDQu-MvmZ9_UXHtppc9Ikz1PGCwDL1OwwC2b0L5Z37hjorjluly4iHObH0UHOv3jjXLQCb1akZEy9Cjj-Z8kFUCa3U5mEWIUWvCfcPhvGLihybnTUXXEz7nh1LDucF0wsFy8CX3IUSp3B5MusVk-7VXce_IiZgNxGjzVDhionmNLT1Zexg7EpbSHkFcFoMmWPflVdbkNZCp1CThCE-LnNxExU5g2_-_iVHnWuYMwae0odHUzAWrv6YNWcUVmRA7zXtwaXKPUwl3xkB3EA0WfRxH5c_bip8NJ6FVqSXBRb8HmOwWV2JW24W75_-FvuhIPVG-vAD2GaXh_vgPLU95_Bd0i2ub_doboEEok74ViBeG5SBCgfmW5oQEHs1fs8iuCI6tL6TSxNjpFH6QH-LMVQP2uF-JtdDStGQJKSgdBAhTBObANDBvgDVTBZSSfVqFISekzN2r1xLpux02gcUmSY-CHnwi6LF__vrODh6qO5UT3GxJlToUU_OHXbvWI0xkI_xlvmGOvg2KUJ7EQQQo-j0wrXKSUiKy_P-vbeZVillSjmZy69OxrhyCyFV6hwhDhfXC_30kFdz8VhSCdO9AAI9toKXPPuYX7LoQWkYeqrfI_tnFyq6i7_E6cfy7HoJPJkeuluGSEtIMplKlUTzxK3udN9oIq15L2eNk4MbkFouCWxUOm_673S8GlqdY9p2Y3zUJKHJlhdf5ansI_4gOdXGRVhtMyhDWyrPYVuhbFEsYw_S223fNTDh_otvnanrEIc_Vp5WV3Khi38f6afY_zqpivKoCTEv26vNd_OeJuZvQmVz6_HC5tUDpYhZ97kgCfFL_X2H_mO1YQpsh_pckJ3KHljm8QUXRKfVDsTOV8Ipm8SKb2e0rJfjruC6f_h6Oeh78_kGmsAh_9q-mqIb2JY01X8AfDX9PLU1Mpi4gdTwtLNE7Y4LiqXd_eVFihEYDXZcy1SUYo08BVkGvSILyazQZSTPcWOtuedIEz9pAGufCsW6Wmx34xkEw8sS_YJEF49gRl0W060-l1R6glej7uvjoF8GgmKxjkgN_nTOLSFbMetJmKgNIQhszt94NKuoCoQJ67S-CHzWqNACVCjpbQyDGaxX2wkysbSMDLEIdcvx3fzZg5x8NwGYX2e30k3G3tlGas23ruZLjSFibXotBiJqW1hg678mgq3gP5emYTdsu5s9SWTVLU_qBU8bSIGdtlIWgvGzDIFjKgqGKq8eJhwlEsPbfLVzSh0WOfnGXix5na50FdPIYq-hMwjMnCYSaxmFiK_2Gjo7vQrOMuRgPVCT0Q95nv15uISUZvWqEll-wNMdH195qQQCv8PFVTMcAF8giaS7eI9DMjKlwb3IoMCcUm2_5lqd0J17OW983gTE3wk5Gz4h7rsODXEARubw7t&cid=CAASEuRoeCxd9vlLsLN2wFvj7nYEjQ Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fffb92982c11fb45255ddf92f2e52a2ac021359f1043369061eaac6165c007ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:04 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 11250 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3AE1	42 B 165 B	71ms 55ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4aproOc95-KXJuwDE9BN_lJbN6Rmh0Ziq1PuCB58RGMYvzIqd7P2Gw4FKC8C9C4NVU0zAxflwENhMykM1nXRv9aGD2PvvAgmjpvFwBwe2_V-lOo8 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3AE1	3 KB 2 KB	48ms 30ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:05:34 GMT content-encoding gzip x-content-type-options nosniff age 2250 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1546 x-xss-protection 0 server cafe etag 8852521427838746165 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:05:34 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3AE1	107 KB 33 KB	50ms 36ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44f4c4b4880af1f974aae99eb91e9fd77179ddc4d35f959159740f149804bc1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1613161046593140" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33368 x-xss-protection 0 expires Wed, 17 Feb 2021 12:43:04 GMT
GET H3-Q050	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3AE1	14 KB 6 KB	49ms 32ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:16:20 GMT content-encoding gzip x-content-type-options nosniff age 1604 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6139 x-xss-protection 0 server cafe etag 15217341015479086142 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:16:20 GMT
GET H3-Q050	204	l www.google.com/ads/measurement/ Frame 3AE1	0 0	14ms 14ms	Image text/html	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPOoZs6DIrqUDbatmg4PEZYTyr0AcziKcNIYLoxPoFlmfuC9bT5qIiItKF1XTI0nT4B-ojZ-IQU8gaiWVPkb1WjWgrsQ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	200 OK	pw.js Show response includemodal.global.ssl.fastly.net/ Frame 5A4C	30 KB 10 KB	58ms 37ms	Script application/javascript	151.101.1.194 FASTLY
General Check archive.org Show headers Download Go to Full URL https://includemodal.global.ssl.fastly.net/pw.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.194 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 27e9100386cf03bf50c519679aa12750adedb30bec5badf18a3b5a16de7c6f93 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id dD6vMY7gqnfNRXFLRvp_xnKBLHCbBaxT Content-Encoding gzip ETag "36df19b2956e21c45e1a9955d508f561" Age 3292 X-Cache HIT Connection keep-alive Content-Length 9795 x-amz-id-2 j45Z00BoclZYukFZLsSbEGdoTzTix+ieLymMDpPUT1TFeZFREHpc+lBbMZri1e+4uc4wa/dB4VE= X-Served-By cache-bma1624-BMA Last-Modified Sat, 06 Feb 2021 08:01:45 GMT Server AmazonS3 X-Timer S1613565784.460679,VS0,VE0 Date Wed, 17 Feb 2021 12:43:04 GMT Vary Accept-Encoding x-amz-request-id 35AC5831E1231BF8 Via 1.1 varnish Accept-Ranges bytes Content-Type application/javascript X-Cache-Hits 64
GET H3-Q050	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 69E4	0 140 B	49ms 30ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNXQarYupHJuh52clD5DBE9lYhUz8KIz6-2b7SSISF9gHxZ0fA-_NWD-h6Oa35CNK33TzuKpEr7W8bxuwvTFi4Qcb23KaqQCV50ifrlZsEg0uu-8ustJ2nQ0GsCKbx6YqKpRR1lf-uG9gvnBj6fKR7C4QPLDkwPqnU-kETtfci2pp0rrM2CNBdFLk5aFHx0YshohWlnk82IyHbYSrfCBjwxC-w3wug Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNXQarYupHJuh52clD5DBE9lYhUz8KIz6-2b7SSISF9gHxZ0fA-_NWD-h6Oa35CNK33TzuKpEr7W8bxuwvTFi4Qcb23KaqQCV50ifrlZsEg0uu-8ustJ2nQ0GsCKbx6YqKpRR1lf-uG9gvnBj6fKR7C4QPLDkwPqnU-kETtfci2pp0rrM2CNBdFLk5aFHx0YshohWlnk82IyHbYSrfCBjwxC-w3wug pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 17 Feb 2021 12:43:04 GMT server cafe content-length 0 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Wed, 17-Feb-2021 12:58:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" expires Wed, 17 Feb 2021 12:43:04 GMT cache-control private
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 5A4C	22 KB 11 KB	41ms 39ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTNqExPAsqxv4-X-5XiLSYAwzBwXVMEQWkdp6geggFyO8jISAcl5FChQLHdo_AcYUdsFTHu_gY0V_qV2bnH3UVY0R0ISXEuTPudTziHq4vJpdxwbrwStXFx20zsmnR3kasQIHD5a4eBGEDKabWCV7oUVlBPg&cry=1&dbm_d=AKAmf-CJmRr7T7XekZNjMe2P4TySb6Pv8JDeJey33e0uwbUpQYbnmKSAz1o3aJVTjEtJ2mECpDmf5Rr8tNFI83EXvtdQ-cMK3qqua70Bd8h2sqBBgbyCVfHBSnCEFWTQto47lkCaqEd9V4m5UDPV3lGOaIpVAlp0Vc43PkrPh2QqUn-FPlEjNNdSIAVaBsDlGpuekAUwxOADTu3es4fx1P5MmHHDv_YxKpU2E2l20F-B0VZab_Iy8H2_dCT2jvqNB_APOuKpKO-nq93r9Ov2e8rD0uZ0biO1RdDnJy5Lth9l00XwPoqSPcC98TSvkShDMerOtFlNbN_YjmZjmpeuMxmZya9f5SLbtVbRkAyb9jhoJC27c6ZVR14Mw0NC2Xwl3lPegEmW9VJ51sVt_UuhwrUqnCKeacr-2Xmrosvk3x2t_aadK439EtyQEwqTpppG-4mrO05GNKqOkO-z6_pKi6pLuTZlIQoC76AJBrUAOfTTiXXUQ4ZYcPtZIpLkA7xwmaUSkLFiINMpveWJG51lr_s1p5lF4QFHCUyUK3Wh2KS4NEBY6oPIZP0epv8E5CywAUOVmI17Wz4lPhMhCX8ObxXZKLgs_XYZVhif-SQOrB-V3IGorPChPh2lFu9MwZpBsE0pjjh4eXmsNxWyumAqNjKTvX4vAdePkrm5hDrylA64pPocbygR_jZktNdIptEb-mO0zm18kiXww0NIYr44G90wmy5mYMb3lEmp_YaMF1orP0GWlxnTbLKN9-08rl3pmIa0-KNFUExtYfiJaPEaN6kpbUdFChZUl0nLjW2nCJLvjdfHUc_b_kxgKcFskrTQPU30Jj6lrQICDvJHs0-3ot5nJ9CzROZdBMitRmtEW1yOggoT3ZNRVERFkNv2e-dZe2XcveMQR3vydweOFxZhO21NJcKiMSeGg_h5LsxWDLP0PjjBQt8bqrrvJN3yw78h5lKej-wzY4J-gopvfL_ecP6sjpUg0ZyXuCjGCB8mYMQS98_XpEihJeYppFfmPrm-UbgzOLnqLLqTDKZf5X6njU1hBk7VzuCd4_2nzsqNaCj1VzJz7zf0FiDDcaUIjy5ni5tsH2Jh3PQOtx-fy4bpZ2_r3L1UyjmeJCSvU2rSgxI9hKORpxW8EJ91d08s4U8rKc9jucunYXBhUptuj78LzleOWOzOntiruH_tVRAs-B6lNmKj5QQU6da9y63oKzZNJSizEvCLTKjUM_PRJU41UsyLLP6Vaq63UuqhazbVv-1e1_C0woQWJjoyWVDwATugDv6-mrZPUSaEqh8BxQ4OCnhHobncHlh5-B2gonMP4raoy6XxJd3Mlvs1q-kgjpAd7J2mQMM4XoDxLMiJunzBI8P46SfXhqN0NaktTajPaw9N18hndixnESDIxgqhlhTsAO7svGY2Fat6ka1X453GxS0V4ukkaOrygbCzEISU6NOfXOJDLtIu2xYqpZpdoE80HwXYrPqxWmZkBKS0qv7vcIIiKtPNkEq9FcTU7kvjxXuEoIvQyUt3Bo_2TNJ-GLJRxogSvUcGIOu2QOCfHxOf5PWkf9XR4qQauOVhKbGr0yphPdBpkvvdOPxDNv_VTDO5y73GClUW8rPy48xek_15iRWx6yPi1y0ic7dkrN7Mfc9fz3dLhl7EvcA12CVxCFYMSDxHb6MIdBGk0_Bi7ilu4h8FIL2bpUTLUSu4gJ8zdQoaB9DSuNt1m3GZT9nuz1AyhIS_PDxQVgZFGc_3KoPPRDHB3Fki0fOmgq2eZSnzbDj0v1DygW6uvjzYSQfcuGiTXLwFePYYr2acU79QH9Kf8DF0o8mOII_GIGJct7g3M_qJ9fSclvPb54sRkd7Jxnw8aC61r6Yx--6QzLWVj430DT7YYg0ppxsmrlOuitE3VCvHpTXKPwdewsuqGF5CojAwPM_FokNDs94FbQnur6oDZ6SOeW7J6SizIOFb6xnvpHart509DhEpMy90k009cNwMu2Hy4IwEKOh3iZ58Z-qtN__FwPXAE4ZiYutofel0HlxG1lolI-OJyRCxLrZFlPgYfae670dlz_oSrclzY1mkdJfi3nbO4QXqetOANZ4RKkLAiHW3DXy6yfNO4J2dYX_EjUthpTVSO9KiEyyOoQxXHXkHyAvOEnGQCaAw9VJKxV957nNaTadNe5ce_51Q4bodVLCjD48gBTfKFS7K18SlXUcnefqi5SLnHwP0S3Pc2awgQ1QEEe9_-1j-Eb_SNOs3AQDtdfiAszSDIW1gW2grv4vx2P7ZvHoDyXJg_PtI6inxfAjHQLbbLVfQamLfcyX1YBoJK4AaDigkTOyB3Fjb8nnlCL8GyQCVY2PSyyegkDH_z-RTR7lKHhSay5_D_q3dfOeU6yGNY2zpz_b3Lr17sspNIdhPRG0zRalE0wRtB9dpxEb78817LVRFtmMRkYuz5PH-JuksmBIjCpbNVJa6iLWMJHWroU0qKVljiLoX8AYkJsclJtD7_joLtGatdXhh_pe0UtgXQV1mmN7Uuvh8V1xy45K_mk20cqkvXIiDPQc11VSrdlC2UCEr-DeBQsHPArUd3uClB2f8o37BplowQBmmhXcOnJywHCEDt3TcJ9vnvZnLY2WC6l0o81ZHKcrDT95IS--SedGsYS8ytgRY1i5EU7Hr2j6w1XTy16sCs_4Lv7rLBPZgcmqK9h0iCY3YSoLp4eSeJ9tGMI-6r_PUS5pFtk6bmDS5EP-F26yVtloi-o5CUY-1NUalDFcgnMpezzUM3GUZAxveqH9abve9Udnfw7lbEsfWji3hMm2S40iLh55yLtIBGltU4IlaRQ1qzsQqwkA7VJ5iaa-huKYY_hwOb5OXvFMPrK6bdzk02Bn0Zq_7beCfBMYqy-hVhdzZjoQkhrimnMSunjJOO5tN5AuyftPvKxo8JjvEV8AOmmZulJJgsCpprV17hmH3Zk3RBesHZjYHEuzbuqaHTM-0ef1PQE1Ol1KI6iSX3waa_2GLNe30RNqI0h_qsiY0x0KOtB3zFJyTGoUrcLIkc5vdZEoDvzAm5GclIWKh0wUcgitcuSNhNJrbfeY0d2ujAaa9OVXblsEOD2OZh5CBYwcJkJEy4AZ3FqtdYNBrGLVngfsrTnK6XAAMaGeiSRcB-BazYV4bdlyy2-R5y4KSiM60hu5sz9yptoq0NQ&cid=CAASEuRoGQZJPRKNz6Csnl4frtvtYg Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 367a9ebe67f2829497673a5cc3f861054a00b26b1d33b05908e30824f3aeda15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:04 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 11174 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5A4C	42 B 173 B	88ms 33ms	Image image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CW4VezqCKHE1XlaYcMjgn3TwkSFfgwVZ6RMCN0CUiRPFPILWPLoyjm1vTZxmLN6AzE9AKUJ-P0HJyoOB4ddh4YZruxg-izoCqQ4Uh2xiDCwxaLMgE Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 5A4C	3 KB 2 KB	26ms 10ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:05:34 GMT content-encoding gzip x-content-type-options nosniff age 2250 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1546 x-xss-protection 0 server cafe etag 8852521427838746165 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:05:34 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5A4C	107 KB 33 KB	47ms 31ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44f4c4b4880af1f974aae99eb91e9fd77179ddc4d35f959159740f149804bc1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1613161046593140" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33368 x-xss-protection 0 expires Wed, 17 Feb 2021 12:43:04 GMT
GET H3-Q050	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 5A4C	14 KB 6 KB	28ms 12ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:16:20 GMT content-encoding gzip x-content-type-options nosniff age 1604 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6139 x-xss-protection 0 server cafe etag 15217341015479086142 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:16:20 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 5A4C	0 0	69ms 13ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZjtqvnBhCySUR9S4X5JPuvVaHTAsQmq3JGzgb-b1LMUzq4m4Hg0Z0ld7YtrQZlxo1KhP5vpz5v0Wwp1WdA_6_-tmGiA Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H/1.1	200 OK	pw.js Show response includemodal.global.ssl.fastly.net/ Frame 0470	30 KB 10 KB	89ms 33ms	Script application/javascript	151.101.1.194 FASTLY
General Check archive.org Show headers Download Go to Full URL https://includemodal.global.ssl.fastly.net/pw.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.194 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 27e9100386cf03bf50c519679aa12750adedb30bec5badf18a3b5a16de7c6f93 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id dD6vMY7gqnfNRXFLRvp_xnKBLHCbBaxT Content-Encoding gzip ETag "36df19b2956e21c45e1a9955d508f561" Age 3292 X-Cache HIT Connection keep-alive Content-Length 9795 x-amz-id-2 j45Z00BoclZYukFZLsSbEGdoTzTix+ieLymMDpPUT1TFeZFREHpc+lBbMZri1e+4uc4wa/dB4VE= X-Served-By cache-bma1637-BMA Last-Modified Sat, 06 Feb 2021 08:01:45 GMT Server AmazonS3 X-Timer S1613565785.524663,VS0,VE0 Date Wed, 17 Feb 2021 12:43:04 GMT Vary Accept-Encoding x-amz-request-id 35AC5831E1231BF8 Via 1.1 varnish Accept-Ranges bytes Content-Type application/javascript X-Cache-Hits 51
GET H3-Q050	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame B326	0 23 B	42ms 28ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNVY_htd8vKeUpb7XOXHVtT8JuMvYnNyKzlOpN48-GMJDSfQJKQpecXvZa8DpFZCFTKjPKqzvHH2VcwTMuDyZuR0tSJXVipBZqdSX-ijV5pNQ6JMTvwfPljRU9Z7KiVDzEVPuWzN7R05T7jzz0dEiLydYUdnSZ1Q4-qWUlMzf--wJZD2kB8tczv3pSJ3HRU3OvsGZf6ZDUZlcb5b-z2LB_JhOonQRg Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNVY_htd8vKeUpb7XOXHVtT8JuMvYnNyKzlOpN48-GMJDSfQJKQpecXvZa8DpFZCFTKjPKqzvHH2VcwTMuDyZuR0tSJXVipBZqdSX-ijV5pNQ6JMTvwfPljRU9Z7KiVDzEVPuWzN7R05T7jzz0dEiLydYUdnSZ1Q4-qWUlMzf--wJZD2kB8tczv3pSJ3HRU3OvsGZf6ZDUZlcb5b-z2LB_JhOonQRg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 17 Feb 2021 12:43:04 GMT server cafe content-length 0 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Wed, 17-Feb-2021 12:58:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" expires Wed, 17 Feb 2021 12:43:04 GMT cache-control private
GET H3-Q050	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 0470	22 KB 11 KB	57ms 42ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtU1zDzCdij9cDrU73kFIl_5wdF4fBGCZk7VZbS-tL4jbY5btWOqNtw77ELMs94OlGm_CArRHioV-Oelm8NOM_rjJWI_HJcdYPwTpP8p-aIHDg8UjE5BGnxWoKom8mfBoJC4W6CzFvk2g9QV2oFnZ32USLwg&cry=1&dbm_d=AKAmf-APuiKWwzBW1my99wKpXXvWDkP_cY9axwxZKIRDXFZ85lyBkIyF3zJDMUCWvdiWIpy1UQYeiOqTza0AwkBWXMkzaTZcorD-Irwl4MhvAz97ng51ZIt2Vu8ZZNeSBnypzYSuSxSLd1Ya4BxE6z1ZFIg42k9qIl4PDYCzv4sz0IjVHBI6_CCeR1oP-MAFpfMAUnLWI6UaAY-8gaVhGJddBTYkYi3OQbthZMorI-Uu6HURJhH-j0uHx5cacmzRIdu9uKQKu-fz8-fEgulsAiES--TRP1MGztq5RjWfJzKQaRyIdsi8MahaVxcYnLwYhIpSZEOB52MlfybPCSrMdaZVM-m-1uJYIIxqCufqTOLeB75gcVoHdEoqpbTqM-C6QFkcry7Vp_Kj4OowRfKHeAICcQJMDt2fhqDaoGucSmxV8P4ufeOqopuAfTlxLNpuvjvatpUqWob03fqNtxJMDiLmf4XZ_Y6nWNhsIr6NIeHXHw6kitubMprHVbfxsTpMf62gNqxXHbIterZUn_Zuv-Vx3p0KCVfwLSsBKV_IqThX3pksSCENQYWSVm2yWcdiGXwtQbAYt5jtf7ZxmXdIhuOM_X9N5NJi4bXOPAurE3NFdCiXL19Tm6SbnzIo-M1RjWNcmFuD61zSat3-IFdG5FX4wDkjOjFSD4bnjvYLtKOKALfHEb1UTdWmnYf_uR6r6tQWBmKTaIBOTo9pmaAWiLiA_Dym1kPLr1iA2Ocjj8ExIOb7fzNKNW8f8ray0SLtJxwKDrHUELB17kpowIwXdsElZrTnYzzzjz7cYI6DOFUP-OjOny_nNWJnxKTYpC212FLKaDFVYUu35V6g9V8quBNDsrc-OY-mGfVdJFVyRbTK76BjcHsDEf77_NPY--w_Mh-wQ_6VpbBUMXwS0iiMwLyuN2pxw7DT3YTW8Sd9-zzrc3j-lDv1jOvOUpKdt921Ehbyj126Rwv1LszbCPWmd9NkWw50ywzlKmtHblR6H0K3LEsq_KCrVeXygJ2mxBsZkAPVGwxhc6__ZcivIYXuAQqcfeIV2H8tI4aoHAEr0kVUfWAvKKDtGWh0bedhZm01BpedjhEbfquAtbUJ9yoshKn5uD69AcKHvq65O-iP2KDIzYMqkWKMiQt6yCusuBgwGTwl6DiKDhWEi-etCce_1nuQADiw0qOEHeCkIDwNu80ugFCbo3fKsoLRIAK2AjgiWeiEkO_2pZ53B3S7ehXLYlou9V6MvsgUpaUaGKCnqxCfqpC661uifrz6kADcaystaDMSufCvEutUJuz_GugDeuhIYebA28sxcl3jkg8DuoUadlifuVavQxwkrogXOHylX6BwcuqFAmkHvDoOOBNx0Ga9Nee-_aQROkYD1VbZiSc9ffXV5Sp54ZttSNW-4Gyvwr97tVktOhDpk9Uz4SUbCXt1xOuN-R9eek2fAL0eyI4QdTjsob-mpRY7VEqdNWdMnpVC7PxPiPdghO84OEIXqn1Gaya8Pf-6YgNRe7QDTx3EuAGAOgojP6qXJavJPbKaaBQm6LXzvP5fNSvv-5g3sS8hAEH4-JFNE4U22HfiZUSwgnrK2XwOjZJaJvCGq48QtAvbIsXkKCPASobpHC7QH_Iq3s4b5gRCVJCqpzv_LLcZkVe2VSOxjo_aFcbLcncEJvV6DL4icrnijFiIybZFR-aoQm4I2lM7ZN9_hWYa0bymj3_PRxqamg0dUXPHkbgPSKijc8bogBVJq3j8PHdEYjbp3tEowKMsh2oTTdRQKlX6M1SjmVZcof3Jy5bykwfLbbZIa7TVYINeeO0CXlh7ZcrnAjslv8HvWON2crVwXKqktAYApBkGLD8jPt9pHL4v2QUyq-iPhLNdUhfIQuUUmoIxXNs2aj4fUNiDk7ESkgNifN5dIfHvnvqYjjy1wLCSCBTgHXL4kYmf3qAC_Al8X4L4NWhDtOBQpMZ1yuToqRL9URIi5HFN0dp75i7X2yOZBXtBQNf7wN1uYelmiDx9GDEjBzAT3TxewY9w6qjY6ozEM252_fiACpTYOF4jzmh047NdIa6c0vdSeutPPbwR55nYKDoSP9BrqxIkdY3hNccSD8Gii8NASdZaYQ0NXZnITwVjdDSYJRd3qSbSyN6mdRNbiw8knSRHA3yWVzI1mvIosTLfzOVQbFUBkM7KrH02vkVGF5xoaOsH7yX9-2cU5s_NRdBfQKVf_3QWdqqh-r0jLHqzKP7zR7ELEczLKpM5-uKBX-JV02ifqpG1M_95X14aDRndZa-q3KNEgP37GyJN-Opf_HbqMDGa7bSrkHKyFw5RjKeNWWj-s6ztn6LRzIj6dGfuYyizLPo8XQzKvzybgEYhk3mh6ybtq2KqsBzLD0jc62kVZXYGRr7x5p8zxoUDd5NqEBjVuHTQjKjuFjTmgaiNFadAHDLs4Rg4jf1u-lO1sYBxmqKZ8Q6glzjKYWT2qBXwsYA0unGqnhibUzdlqeQAnOEEatdDXya3s6yjYxbbSQLQnFTGJi5YRxwq4BPMIxTgcTtVR8y1Fs7XHKnJjRcqiGa8el-qsAwIAGSam-EgkgZZXKyDxvgcO9GfIURf2J3giGpJ4rgAxWUihpD4PMx678kmndssKeqmVfR0lGbZ-dtSvOYsL7L9sXPlgwFjRNuCwNFnA0quLR4gYEfaTKv8q2jX1f09AYbeKjieof6zxlLIe0Z07AhVagXC7uyAQ9GpF-TmGK3q-_9zRjcNI02B169ooT-upOCshPdFQiwiIUtjsvFXJLEFu9ZoFvjlm5GGBicptlSOvlwg3h6-rBRExdd8XBlIRp9OZpOiOwvRxiZgE2JSuYCJQTUq_iJr6vKllmbrUsXnCMYwgHbaESYCL3N2gU2wENyxk6RJZxDOgsnuFysQ9DP081GW8Ax1RFTfYxgox-PoGcYoUwUPmiVAogjrtk4qsAIwRkXNe02Fdo7TrQYciJis0B6MoAe5SrfwsuNugzWz0aYO8k7Muc4pjKTN_j6Sybq2OGVyeTbNdt5aKcnBO2Ho3XYEIpRnlMIFPV1OOhiHDW0x4hvC7M_mwY4-KMNFzBqEEBXS3rVv9cQKz2GUxr2w_mNBJJynQnrmQthbbe9ZCQVibJv1Pz1hUq68UBV9qfQLXC1VhAQ1JofkKhhZeQIpY3TtA15UHIw2t52w4-zL3vD2iNF80RpCqfvA83k&cid=CAASEuRos1YRGeXjIgVMjrExqUMUmQ Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b4d860070382ce7ca332c149aa70a5f0eec58540a50349703760108207e4f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:04 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 11196 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0470	42 B 65 B	84ms 40ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DulW6MaxM3SFM3zumPF5nHhnH1c0gfZRT6QO2YThZ0K1HyjIO1M_sZAs0qEpibsHB0vM7F2d8XJ464-J9Fa6Fr96804tzvrmRW1q2MJmKAsKQ6qpQ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0470	3 KB 2 KB	23ms 11ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:05:34 GMT content-encoding gzip x-content-type-options nosniff age 2250 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1546 x-xss-protection 0 server cafe etag 8852521427838746165 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:05:34 GMT
GET H3-Q050	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0470	107 KB 33 KB	42ms 30ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44f4c4b4880af1f974aae99eb91e9fd77179ddc4d35f959159740f149804bc1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1613161046593140" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33368 x-xss-protection 0 expires Wed, 17 Feb 2021 12:43:04 GMT
GET H3-Q050	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 0470	14 KB 6 KB	23ms 12ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:16:20 GMT content-encoding gzip x-content-type-options nosniff age 1604 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6139 x-xss-protection 0 server cafe etag 15217341015479086142 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:16:20 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 0470	0 0	62ms 13ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYdeHptjtf3CuNq5Dtv8OhONiMB3k8PBiSDxHRWkM7LzZvFmwHNl2qzNRqfn7ciyQxP0DB4Dz5TfM1Avxef1NYUPj1NQ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ Frame 55F7	50 KB 25 KB	22ms 2ms	Stylesheet text/css	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&cb=n4rq06cuxjl4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&cb=n4rq06cuxjl4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:14:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 01 Feb 2021 05:06:45 GMT server sffe age 5305 vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25479 x-xss-protection 0 expires Thu, 17 Feb 2022 11:14:39 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ Frame 55F7	332 KB 129 KB	28ms 0ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&cb=n4rq06cuxjl4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfHYQAVAAAAAJ9yZPvPCuWkNa1DpKjYEorFwLqj&cb=n4rq06cuxjl4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:00:05 GMT content-encoding gzip x-content-type-options nosniff age 2579 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132389 x-xss-protection 0 last-modified Mon, 01 Feb 2021 05:06:45 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Feb 2022 12:00:05 GMT
GET H3-Q050	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 3AE1	23 KB 9 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8ecjpEJdrc-OTg05XyWP0BNWEA3pySaAImwpTbW8X4E2zumbPPfL6XCWc6-UNp8uNNUNaRZT0v3-lkNni-3KcpGv_f34xD0B4kRLqkiB7uMD00JRrHwwcy-YPMLlISdQQAQAbd5ShBwBadc0JSGka5iEP7w&cry=1&dbm_d=AKAmf-B9BRICkk0hBBOunGtZFtBb9dX1Pq0oxAxWkh31iHZcZ7XPhfEcqzBPiDWXEQHXsy9jUBQ0s5Zz5ev70gDmupvdELEMvrUMgdDN8eGUNIUK5FrMegJxhbYHGTUwLixpUF2Kz4rSOA8g3AOUoiiE7YXpBw8bN105aPKgTpiY0bh7WXXIiE6OMtDU-K_916y0NFtse85gkGlTbxKobp2k70O3bfnt_Mhjb5GftH4BUQrGQMnob8DyjyeMeI4dp3fz3nCdDhzy8TB9mQpO-j5x7PaugUgUnXp7eWvm0uAcyLMAgnSzvPWxSYGiJ3mQ2XVgVbznfXZojHI40YDChbr0Tcxarnf4eqUTlE0FLbuZi7vhdTWcDoxKkzNt6v-eD-BZ1RJqkVTzap_3CtExWQhNIt_WEY8qEd1gt3uqoOn8GBt9EbbdIviCWA-Ujl473fmaIIFBitJhLuGBzQ4YeK8tMw1_W_SbHwPap9q4dCNtKhpnK7IaXkQ1I1nBED3muX9tt-UYPzazmjalaswT2-wNaealaxAJEfG2ts18g7WI3cevkF5qt5HWhWOe9DBIQAiYgZbLfV93pcLrT3s8q1pKF1B9CFc7e2Hu2lNmVlDxcoVw9kwCLoMuOzCpHHT8hydeqz8BzUkehUdaGqzCgA11B6_MatehsnvXHnlS0Dm0hVf9FTxkAEwWAam5r34pXkkqD4f9VvVkVzZI7A0Hr3bWUPLt2gk9M4_x6kUDwgIQF8AUJBgaNaRSZTJ9-WoXS2uAodgG2vlXQK9wq6oAcRXN_nJm7ItBgenAkEewah8pGbQjZ2deYXZuaHzGLZ9Ia8BcFtdOS3-LbtcfozV2Bf2jayNjD9SM7uN1MtW74C196RDOCS5hZIWUD1yz9unLtesfs0aveOG8FyYiTfCxyVrVO8hMkZPqFoZPPYX4nt78UWZVkWjNww-5j49ouVFMs43hArkv0VS0eITEc0DuExvDbo8GzTXDj8Lskq18tajq0nCGkUqDRoxxTc_q35zq_C4DDgeKXeD7JI9DTy9mLN_oCiEKA_Syid5OS0-aiPdSzI4vNZUAq9LKcghcJcnc1hXRBtAYIP2zELQYZ9tb7ciZc0lLzXqwU5V2Vy8_tEgLTaJUvynqn0-zaMQAgnlgYeso1oF811MQscwtL_-XVIYII7kSYx2qtcZrZvaG-bd_xJr7RBDHdVou4P0ldNsrA5_52nn8mvG5mSizk0LrO0FpVZMIVf3BQCzOaP0sgoRV973AnzJ7zgKkeqGddlKYVvVonoHfaBUkn9v8_S9jFe3EWwAFY3ToWU0Z0-pa-NPujKzG4MRVbi96We-0-0Tt09D5JGwbpKZpXCGm96BUcMMEoX7TTI7D-fSvM2hDyIXjffr9-sziA3idmc-tULT_KE55xrQuM7GPyfuC3rmmne5eyPr7UtyQOn5MjfRi0SbEvcnmylb1dwKVhsGgsfvD9NV9QCvGGYYEZdnhnGL-Wcz6snRqijAgZxO1K4GhZPZ17JCWN2zL3JdSLWQ_eV-Ldaav-kyWA2C-4JDuRrX-2eyaeAh1ltnCma6774gqcPqaRlHdZvD5sfGG5s3lnrY4lO7SAWUd4vMd8xbKUpiJbFfdwO9i9LFUrvkCVjihTyIG_tHQ2sVIAZRhk2xDftFRbOlVxgdRMOhHj6O6nDxj7s_aWcEBncZm0YFPthIjtGyEYYLQ0JFJ6KXzPR5sFrKkQ-8C2MgLyY_BcDQu-MvmZ9_UXHtppc9Ikz1PGCwDL1OwwC2b0L5Z37hjorjluly4iHObH0UHOv3jjXLQCb1akZEy9Cjj-Z8kFUCa3U5mEWIUWvCfcPhvGLihybnTUXXEz7nh1LDucF0wsFy8CX3IUSp3B5MusVk-7VXce_IiZgNxGjzVDhionmNLT1Zexg7EpbSHkFcFoMmWPflVdbkNZCp1CThCE-LnNxExU5g2_-_iVHnWuYMwae0odHUzAWrv6YNWcUVmRA7zXtwaXKPUwl3xkB3EA0WfRxH5c_bip8NJ6FVqSXBRb8HmOwWV2JW24W75_-FvuhIPVG-vAD2GaXh_vgPLU95_Bd0i2ub_doboEEok74ViBeG5SBCgfmW5oQEHs1fs8iuCI6tL6TSxNjpFH6QH-LMVQP2uF-JtdDStGQJKSgdBAhTBObANDBvgDVTBZSSfVqFISekzN2r1xLpux02gcUmSY-CHnwi6LF__vrODh6qO5UT3GxJlToUU_OHXbvWI0xkI_xlvmGOvg2KUJ7EQQQo-j0wrXKSUiKy_P-vbeZVillSjmZy69OxrhyCyFV6hwhDhfXC_30kFdz8VhSCdO9AAI9toKXPPuYX7LoQWkYeqrfI_tnFyq6i7_E6cfy7HoJPJkeuluGSEtIMplKlUTzxK3udN9oIq15L2eNk4MbkFouCWxUOm_673S8GlqdY9p2Y3zUJKHJlhdf5ansI_4gOdXGRVhtMyhDWyrPYVuhbFEsYw_S223fNTDh_otvnanrEIc_Vp5WV3Khi38f6afY_zqpivKoCTEv26vNd_OeJuZvQmVz6_HC5tUDpYhZ97kgCfFL_X2H_mO1YQpsh_pckJ3KHljm8QUXRKfVDsTOV8Ipm8SKb2e0rJfjruC6f_h6Oeh78_kGmsAh_9q-mqIb2JY01X8AfDX9PLU1Mpi4gdTwtLNE7Y4LiqXd_eVFihEYDXZcy1SUYo08BVkGvSILyazQZSTPcWOtuedIEz9pAGufCsW6Wmx34xkEw8sS_YJEF49gRl0W060-l1R6glej7uvjoF8GgmKxjkgN_nTOLSFbMetJmKgNIQhszt94NKuoCoQJ67S-CHzWqNACVCjpbQyDGaxX2wkysbSMDLEIdcvx3fzZg5x8NwGYX2e30k3G3tlGas23ruZLjSFibXotBiJqW1hg678mgq3gP5emYTdsu5s9SWTVLU_qBU8bSIGdtlIWgvGzDIFjKgqGKq8eJhwlEsPbfLVzSh0WOfnGXix5na50FdPIYq-hMwjMnCYSaxmFiK_2Gjo7vQrOMuRgPVCT0Q95nv15uISUZvWqEll-wNMdH195qQQCv8PFVTMcAF8giaS7eI9DMjKlwb3IoMCcUm2_5lqd0J17OW983gTE3wk5Gz4h7rsODXEARubw7t&cid=CAASEuRoeCxd9vlLsLN2wFvj7nYEjQ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:20:35 GMT content-encoding gzip x-content-type-options nosniff age 1349 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 8953 x-xss-protection 0 server cafe etag 10862945726693812791 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:20:35 GMT
GET H3-Q050	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 3AE1	41 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8ecjpEJdrc-OTg05XyWP0BNWEA3pySaAImwpTbW8X4E2zumbPPfL6XCWc6-UNp8uNNUNaRZT0v3-lkNni-3KcpGv_f34xD0B4kRLqkiB7uMD00JRrHwwcy-YPMLlISdQQAQAbd5ShBwBadc0JSGka5iEP7w&cry=1&dbm_d=AKAmf-B9BRICkk0hBBOunGtZFtBb9dX1Pq0oxAxWkh31iHZcZ7XPhfEcqzBPiDWXEQHXsy9jUBQ0s5Zz5ev70gDmupvdELEMvrUMgdDN8eGUNIUK5FrMegJxhbYHGTUwLixpUF2Kz4rSOA8g3AOUoiiE7YXpBw8bN105aPKgTpiY0bh7WXXIiE6OMtDU-K_916y0NFtse85gkGlTbxKobp2k70O3bfnt_Mhjb5GftH4BUQrGQMnob8DyjyeMeI4dp3fz3nCdDhzy8TB9mQpO-j5x7PaugUgUnXp7eWvm0uAcyLMAgnSzvPWxSYGiJ3mQ2XVgVbznfXZojHI40YDChbr0Tcxarnf4eqUTlE0FLbuZi7vhdTWcDoxKkzNt6v-eD-BZ1RJqkVTzap_3CtExWQhNIt_WEY8qEd1gt3uqoOn8GBt9EbbdIviCWA-Ujl473fmaIIFBitJhLuGBzQ4YeK8tMw1_W_SbHwPap9q4dCNtKhpnK7IaXkQ1I1nBED3muX9tt-UYPzazmjalaswT2-wNaealaxAJEfG2ts18g7WI3cevkF5qt5HWhWOe9DBIQAiYgZbLfV93pcLrT3s8q1pKF1B9CFc7e2Hu2lNmVlDxcoVw9kwCLoMuOzCpHHT8hydeqz8BzUkehUdaGqzCgA11B6_MatehsnvXHnlS0Dm0hVf9FTxkAEwWAam5r34pXkkqD4f9VvVkVzZI7A0Hr3bWUPLt2gk9M4_x6kUDwgIQF8AUJBgaNaRSZTJ9-WoXS2uAodgG2vlXQK9wq6oAcRXN_nJm7ItBgenAkEewah8pGbQjZ2deYXZuaHzGLZ9Ia8BcFtdOS3-LbtcfozV2Bf2jayNjD9SM7uN1MtW74C196RDOCS5hZIWUD1yz9unLtesfs0aveOG8FyYiTfCxyVrVO8hMkZPqFoZPPYX4nt78UWZVkWjNww-5j49ouVFMs43hArkv0VS0eITEc0DuExvDbo8GzTXDj8Lskq18tajq0nCGkUqDRoxxTc_q35zq_C4DDgeKXeD7JI9DTy9mLN_oCiEKA_Syid5OS0-aiPdSzI4vNZUAq9LKcghcJcnc1hXRBtAYIP2zELQYZ9tb7ciZc0lLzXqwU5V2Vy8_tEgLTaJUvynqn0-zaMQAgnlgYeso1oF811MQscwtL_-XVIYII7kSYx2qtcZrZvaG-bd_xJr7RBDHdVou4P0ldNsrA5_52nn8mvG5mSizk0LrO0FpVZMIVf3BQCzOaP0sgoRV973AnzJ7zgKkeqGddlKYVvVonoHfaBUkn9v8_S9jFe3EWwAFY3ToWU0Z0-pa-NPujKzG4MRVbi96We-0-0Tt09D5JGwbpKZpXCGm96BUcMMEoX7TTI7D-fSvM2hDyIXjffr9-sziA3idmc-tULT_KE55xrQuM7GPyfuC3rmmne5eyPr7UtyQOn5MjfRi0SbEvcnmylb1dwKVhsGgsfvD9NV9QCvGGYYEZdnhnGL-Wcz6snRqijAgZxO1K4GhZPZ17JCWN2zL3JdSLWQ_eV-Ldaav-kyWA2C-4JDuRrX-2eyaeAh1ltnCma6774gqcPqaRlHdZvD5sfGG5s3lnrY4lO7SAWUd4vMd8xbKUpiJbFfdwO9i9LFUrvkCVjihTyIG_tHQ2sVIAZRhk2xDftFRbOlVxgdRMOhHj6O6nDxj7s_aWcEBncZm0YFPthIjtGyEYYLQ0JFJ6KXzPR5sFrKkQ-8C2MgLyY_BcDQu-MvmZ9_UXHtppc9Ikz1PGCwDL1OwwC2b0L5Z37hjorjluly4iHObH0UHOv3jjXLQCb1akZEy9Cjj-Z8kFUCa3U5mEWIUWvCfcPhvGLihybnTUXXEz7nh1LDucF0wsFy8CX3IUSp3B5MusVk-7VXce_IiZgNxGjzVDhionmNLT1Zexg7EpbSHkFcFoMmWPflVdbkNZCp1CThCE-LnNxExU5g2_-_iVHnWuYMwae0odHUzAWrv6YNWcUVmRA7zXtwaXKPUwl3xkB3EA0WfRxH5c_bip8NJ6FVqSXBRb8HmOwWV2JW24W75_-FvuhIPVG-vAD2GaXh_vgPLU95_Bd0i2ub_doboEEok74ViBeG5SBCgfmW5oQEHs1fs8iuCI6tL6TSxNjpFH6QH-LMVQP2uF-JtdDStGQJKSgdBAhTBObANDBvgDVTBZSSfVqFISekzN2r1xLpux02gcUmSY-CHnwi6LF__vrODh6qO5UT3GxJlToUU_OHXbvWI0xkI_xlvmGOvg2KUJ7EQQQo-j0wrXKSUiKy_P-vbeZVillSjmZy69OxrhyCyFV6hwhDhfXC_30kFdz8VhSCdO9AAI9toKXPPuYX7LoQWkYeqrfI_tnFyq6i7_E6cfy7HoJPJkeuluGSEtIMplKlUTzxK3udN9oIq15L2eNk4MbkFouCWxUOm_673S8GlqdY9p2Y3zUJKHJlhdf5ansI_4gOdXGRVhtMyhDWyrPYVuhbFEsYw_S223fNTDh_otvnanrEIc_Vp5WV3Khi38f6afY_zqpivKoCTEv26vNd_OeJuZvQmVz6_HC5tUDpYhZ97kgCfFL_X2H_mO1YQpsh_pckJ3KHljm8QUXRKfVDsTOV8Ipm8SKb2e0rJfjruC6f_h6Oeh78_kGmsAh_9q-mqIb2JY01X8AfDX9PLU1Mpi4gdTwtLNE7Y4LiqXd_eVFihEYDXZcy1SUYo08BVkGvSILyazQZSTPcWOtuedIEz9pAGufCsW6Wmx34xkEw8sS_YJEF49gRl0W060-l1R6glej7uvjoF8GgmKxjkgN_nTOLSFbMetJmKgNIQhszt94NKuoCoQJ67S-CHzWqNACVCjpbQyDGaxX2wkysbSMDLEIdcvx3fzZg5x8NwGYX2e30k3G3tlGas23ruZLjSFibXotBiJqW1hg678mgq3gP5emYTdsu5s9SWTVLU_qBU8bSIGdtlIWgvGzDIFjKgqGKq8eJhwlEsPbfLVzSh0WOfnGXix5na50FdPIYq-hMwjMnCYSaxmFiK_2Gjo7vQrOMuRgPVCT0Q95nv15uISUZvWqEll-wNMdH195qQQCv8PFVTMcAF8giaS7eI9DMjKlwb3IoMCcUm2_5lqd0J17OW983gTE3wk5Gz4h7rsODXEARubw7t&cid=CAASEuRoeCxd9vlLsLN2wFvj7nYEjQ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Feb 2021 15:12:33 GMT content-encoding gzip x-content-type-options nosniff age 77431 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Feb 2022 15:12:33 GMT
GET H3-Q050	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 5A4C	23 KB 9 KB	13ms 6ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTNqExPAsqxv4-X-5XiLSYAwzBwXVMEQWkdp6geggFyO8jISAcl5FChQLHdo_AcYUdsFTHu_gY0V_qV2bnH3UVY0R0ISXEuTPudTziHq4vJpdxwbrwStXFx20zsmnR3kasQIHD5a4eBGEDKabWCV7oUVlBPg&cry=1&dbm_d=AKAmf-CJmRr7T7XekZNjMe2P4TySb6Pv8JDeJey33e0uwbUpQYbnmKSAz1o3aJVTjEtJ2mECpDmf5Rr8tNFI83EXvtdQ-cMK3qqua70Bd8h2sqBBgbyCVfHBSnCEFWTQto47lkCaqEd9V4m5UDPV3lGOaIpVAlp0Vc43PkrPh2QqUn-FPlEjNNdSIAVaBsDlGpuekAUwxOADTu3es4fx1P5MmHHDv_YxKpU2E2l20F-B0VZab_Iy8H2_dCT2jvqNB_APOuKpKO-nq93r9Ov2e8rD0uZ0biO1RdDnJy5Lth9l00XwPoqSPcC98TSvkShDMerOtFlNbN_YjmZjmpeuMxmZya9f5SLbtVbRkAyb9jhoJC27c6ZVR14Mw0NC2Xwl3lPegEmW9VJ51sVt_UuhwrUqnCKeacr-2Xmrosvk3x2t_aadK439EtyQEwqTpppG-4mrO05GNKqOkO-z6_pKi6pLuTZlIQoC76AJBrUAOfTTiXXUQ4ZYcPtZIpLkA7xwmaUSkLFiINMpveWJG51lr_s1p5lF4QFHCUyUK3Wh2KS4NEBY6oPIZP0epv8E5CywAUOVmI17Wz4lPhMhCX8ObxXZKLgs_XYZVhif-SQOrB-V3IGorPChPh2lFu9MwZpBsE0pjjh4eXmsNxWyumAqNjKTvX4vAdePkrm5hDrylA64pPocbygR_jZktNdIptEb-mO0zm18kiXww0NIYr44G90wmy5mYMb3lEmp_YaMF1orP0GWlxnTbLKN9-08rl3pmIa0-KNFUExtYfiJaPEaN6kpbUdFChZUl0nLjW2nCJLvjdfHUc_b_kxgKcFskrTQPU30Jj6lrQICDvJHs0-3ot5nJ9CzROZdBMitRmtEW1yOggoT3ZNRVERFkNv2e-dZe2XcveMQR3vydweOFxZhO21NJcKiMSeGg_h5LsxWDLP0PjjBQt8bqrrvJN3yw78h5lKej-wzY4J-gopvfL_ecP6sjpUg0ZyXuCjGCB8mYMQS98_XpEihJeYppFfmPrm-UbgzOLnqLLqTDKZf5X6njU1hBk7VzuCd4_2nzsqNaCj1VzJz7zf0FiDDcaUIjy5ni5tsH2Jh3PQOtx-fy4bpZ2_r3L1UyjmeJCSvU2rSgxI9hKORpxW8EJ91d08s4U8rKc9jucunYXBhUptuj78LzleOWOzOntiruH_tVRAs-B6lNmKj5QQU6da9y63oKzZNJSizEvCLTKjUM_PRJU41UsyLLP6Vaq63UuqhazbVv-1e1_C0woQWJjoyWVDwATugDv6-mrZPUSaEqh8BxQ4OCnhHobncHlh5-B2gonMP4raoy6XxJd3Mlvs1q-kgjpAd7J2mQMM4XoDxLMiJunzBI8P46SfXhqN0NaktTajPaw9N18hndixnESDIxgqhlhTsAO7svGY2Fat6ka1X453GxS0V4ukkaOrygbCzEISU6NOfXOJDLtIu2xYqpZpdoE80HwXYrPqxWmZkBKS0qv7vcIIiKtPNkEq9FcTU7kvjxXuEoIvQyUt3Bo_2TNJ-GLJRxogSvUcGIOu2QOCfHxOf5PWkf9XR4qQauOVhKbGr0yphPdBpkvvdOPxDNv_VTDO5y73GClUW8rPy48xek_15iRWx6yPi1y0ic7dkrN7Mfc9fz3dLhl7EvcA12CVxCFYMSDxHb6MIdBGk0_Bi7ilu4h8FIL2bpUTLUSu4gJ8zdQoaB9DSuNt1m3GZT9nuz1AyhIS_PDxQVgZFGc_3KoPPRDHB3Fki0fOmgq2eZSnzbDj0v1DygW6uvjzYSQfcuGiTXLwFePYYr2acU79QH9Kf8DF0o8mOII_GIGJct7g3M_qJ9fSclvPb54sRkd7Jxnw8aC61r6Yx--6QzLWVj430DT7YYg0ppxsmrlOuitE3VCvHpTXKPwdewsuqGF5CojAwPM_FokNDs94FbQnur6oDZ6SOeW7J6SizIOFb6xnvpHart509DhEpMy90k009cNwMu2Hy4IwEKOh3iZ58Z-qtN__FwPXAE4ZiYutofel0HlxG1lolI-OJyRCxLrZFlPgYfae670dlz_oSrclzY1mkdJfi3nbO4QXqetOANZ4RKkLAiHW3DXy6yfNO4J2dYX_EjUthpTVSO9KiEyyOoQxXHXkHyAvOEnGQCaAw9VJKxV957nNaTadNe5ce_51Q4bodVLCjD48gBTfKFS7K18SlXUcnefqi5SLnHwP0S3Pc2awgQ1QEEe9_-1j-Eb_SNOs3AQDtdfiAszSDIW1gW2grv4vx2P7ZvHoDyXJg_PtI6inxfAjHQLbbLVfQamLfcyX1YBoJK4AaDigkTOyB3Fjb8nnlCL8GyQCVY2PSyyegkDH_z-RTR7lKHhSay5_D_q3dfOeU6yGNY2zpz_b3Lr17sspNIdhPRG0zRalE0wRtB9dpxEb78817LVRFtmMRkYuz5PH-JuksmBIjCpbNVJa6iLWMJHWroU0qKVljiLoX8AYkJsclJtD7_joLtGatdXhh_pe0UtgXQV1mmN7Uuvh8V1xy45K_mk20cqkvXIiDPQc11VSrdlC2UCEr-DeBQsHPArUd3uClB2f8o37BplowQBmmhXcOnJywHCEDt3TcJ9vnvZnLY2WC6l0o81ZHKcrDT95IS--SedGsYS8ytgRY1i5EU7Hr2j6w1XTy16sCs_4Lv7rLBPZgcmqK9h0iCY3YSoLp4eSeJ9tGMI-6r_PUS5pFtk6bmDS5EP-F26yVtloi-o5CUY-1NUalDFcgnMpezzUM3GUZAxveqH9abve9Udnfw7lbEsfWji3hMm2S40iLh55yLtIBGltU4IlaRQ1qzsQqwkA7VJ5iaa-huKYY_hwOb5OXvFMPrK6bdzk02Bn0Zq_7beCfBMYqy-hVhdzZjoQkhrimnMSunjJOO5tN5AuyftPvKxo8JjvEV8AOmmZulJJgsCpprV17hmH3Zk3RBesHZjYHEuzbuqaHTM-0ef1PQE1Ol1KI6iSX3waa_2GLNe30RNqI0h_qsiY0x0KOtB3zFJyTGoUrcLIkc5vdZEoDvzAm5GclIWKh0wUcgitcuSNhNJrbfeY0d2ujAaa9OVXblsEOD2OZh5CBYwcJkJEy4AZ3FqtdYNBrGLVngfsrTnK6XAAMaGeiSRcB-BazYV4bdlyy2-R5y4KSiM60hu5sz9yptoq0NQ&cid=CAASEuRoGQZJPRKNz6Csnl4frtvtYg Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:20:35 GMT content-encoding gzip x-content-type-options nosniff age 1349 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 8953 x-xss-protection 0 server cafe etag 10862945726693812791 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:20:35 GMT
GET H3-Q050	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 5A4C	41 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTNqExPAsqxv4-X-5XiLSYAwzBwXVMEQWkdp6geggFyO8jISAcl5FChQLHdo_AcYUdsFTHu_gY0V_qV2bnH3UVY0R0ISXEuTPudTziHq4vJpdxwbrwStXFx20zsmnR3kasQIHD5a4eBGEDKabWCV7oUVlBPg&cry=1&dbm_d=AKAmf-CJmRr7T7XekZNjMe2P4TySb6Pv8JDeJey33e0uwbUpQYbnmKSAz1o3aJVTjEtJ2mECpDmf5Rr8tNFI83EXvtdQ-cMK3qqua70Bd8h2sqBBgbyCVfHBSnCEFWTQto47lkCaqEd9V4m5UDPV3lGOaIpVAlp0Vc43PkrPh2QqUn-FPlEjNNdSIAVaBsDlGpuekAUwxOADTu3es4fx1P5MmHHDv_YxKpU2E2l20F-B0VZab_Iy8H2_dCT2jvqNB_APOuKpKO-nq93r9Ov2e8rD0uZ0biO1RdDnJy5Lth9l00XwPoqSPcC98TSvkShDMerOtFlNbN_YjmZjmpeuMxmZya9f5SLbtVbRkAyb9jhoJC27c6ZVR14Mw0NC2Xwl3lPegEmW9VJ51sVt_UuhwrUqnCKeacr-2Xmrosvk3x2t_aadK439EtyQEwqTpppG-4mrO05GNKqOkO-z6_pKi6pLuTZlIQoC76AJBrUAOfTTiXXUQ4ZYcPtZIpLkA7xwmaUSkLFiINMpveWJG51lr_s1p5lF4QFHCUyUK3Wh2KS4NEBY6oPIZP0epv8E5CywAUOVmI17Wz4lPhMhCX8ObxXZKLgs_XYZVhif-SQOrB-V3IGorPChPh2lFu9MwZpBsE0pjjh4eXmsNxWyumAqNjKTvX4vAdePkrm5hDrylA64pPocbygR_jZktNdIptEb-mO0zm18kiXww0NIYr44G90wmy5mYMb3lEmp_YaMF1orP0GWlxnTbLKN9-08rl3pmIa0-KNFUExtYfiJaPEaN6kpbUdFChZUl0nLjW2nCJLvjdfHUc_b_kxgKcFskrTQPU30Jj6lrQICDvJHs0-3ot5nJ9CzROZdBMitRmtEW1yOggoT3ZNRVERFkNv2e-dZe2XcveMQR3vydweOFxZhO21NJcKiMSeGg_h5LsxWDLP0PjjBQt8bqrrvJN3yw78h5lKej-wzY4J-gopvfL_ecP6sjpUg0ZyXuCjGCB8mYMQS98_XpEihJeYppFfmPrm-UbgzOLnqLLqTDKZf5X6njU1hBk7VzuCd4_2nzsqNaCj1VzJz7zf0FiDDcaUIjy5ni5tsH2Jh3PQOtx-fy4bpZ2_r3L1UyjmeJCSvU2rSgxI9hKORpxW8EJ91d08s4U8rKc9jucunYXBhUptuj78LzleOWOzOntiruH_tVRAs-B6lNmKj5QQU6da9y63oKzZNJSizEvCLTKjUM_PRJU41UsyLLP6Vaq63UuqhazbVv-1e1_C0woQWJjoyWVDwATugDv6-mrZPUSaEqh8BxQ4OCnhHobncHlh5-B2gonMP4raoy6XxJd3Mlvs1q-kgjpAd7J2mQMM4XoDxLMiJunzBI8P46SfXhqN0NaktTajPaw9N18hndixnESDIxgqhlhTsAO7svGY2Fat6ka1X453GxS0V4ukkaOrygbCzEISU6NOfXOJDLtIu2xYqpZpdoE80HwXYrPqxWmZkBKS0qv7vcIIiKtPNkEq9FcTU7kvjxXuEoIvQyUt3Bo_2TNJ-GLJRxogSvUcGIOu2QOCfHxOf5PWkf9XR4qQauOVhKbGr0yphPdBpkvvdOPxDNv_VTDO5y73GClUW8rPy48xek_15iRWx6yPi1y0ic7dkrN7Mfc9fz3dLhl7EvcA12CVxCFYMSDxHb6MIdBGk0_Bi7ilu4h8FIL2bpUTLUSu4gJ8zdQoaB9DSuNt1m3GZT9nuz1AyhIS_PDxQVgZFGc_3KoPPRDHB3Fki0fOmgq2eZSnzbDj0v1DygW6uvjzYSQfcuGiTXLwFePYYr2acU79QH9Kf8DF0o8mOII_GIGJct7g3M_qJ9fSclvPb54sRkd7Jxnw8aC61r6Yx--6QzLWVj430DT7YYg0ppxsmrlOuitE3VCvHpTXKPwdewsuqGF5CojAwPM_FokNDs94FbQnur6oDZ6SOeW7J6SizIOFb6xnvpHart509DhEpMy90k009cNwMu2Hy4IwEKOh3iZ58Z-qtN__FwPXAE4ZiYutofel0HlxG1lolI-OJyRCxLrZFlPgYfae670dlz_oSrclzY1mkdJfi3nbO4QXqetOANZ4RKkLAiHW3DXy6yfNO4J2dYX_EjUthpTVSO9KiEyyOoQxXHXkHyAvOEnGQCaAw9VJKxV957nNaTadNe5ce_51Q4bodVLCjD48gBTfKFS7K18SlXUcnefqi5SLnHwP0S3Pc2awgQ1QEEe9_-1j-Eb_SNOs3AQDtdfiAszSDIW1gW2grv4vx2P7ZvHoDyXJg_PtI6inxfAjHQLbbLVfQamLfcyX1YBoJK4AaDigkTOyB3Fjb8nnlCL8GyQCVY2PSyyegkDH_z-RTR7lKHhSay5_D_q3dfOeU6yGNY2zpz_b3Lr17sspNIdhPRG0zRalE0wRtB9dpxEb78817LVRFtmMRkYuz5PH-JuksmBIjCpbNVJa6iLWMJHWroU0qKVljiLoX8AYkJsclJtD7_joLtGatdXhh_pe0UtgXQV1mmN7Uuvh8V1xy45K_mk20cqkvXIiDPQc11VSrdlC2UCEr-DeBQsHPArUd3uClB2f8o37BplowQBmmhXcOnJywHCEDt3TcJ9vnvZnLY2WC6l0o81ZHKcrDT95IS--SedGsYS8ytgRY1i5EU7Hr2j6w1XTy16sCs_4Lv7rLBPZgcmqK9h0iCY3YSoLp4eSeJ9tGMI-6r_PUS5pFtk6bmDS5EP-F26yVtloi-o5CUY-1NUalDFcgnMpezzUM3GUZAxveqH9abve9Udnfw7lbEsfWji3hMm2S40iLh55yLtIBGltU4IlaRQ1qzsQqwkA7VJ5iaa-huKYY_hwOb5OXvFMPrK6bdzk02Bn0Zq_7beCfBMYqy-hVhdzZjoQkhrimnMSunjJOO5tN5AuyftPvKxo8JjvEV8AOmmZulJJgsCpprV17hmH3Zk3RBesHZjYHEuzbuqaHTM-0ef1PQE1Ol1KI6iSX3waa_2GLNe30RNqI0h_qsiY0x0KOtB3zFJyTGoUrcLIkc5vdZEoDvzAm5GclIWKh0wUcgitcuSNhNJrbfeY0d2ujAaa9OVXblsEOD2OZh5CBYwcJkJEy4AZ3FqtdYNBrGLVngfsrTnK6XAAMaGeiSRcB-BazYV4bdlyy2-R5y4KSiM60hu5sz9yptoq0NQ&cid=CAASEuRoGQZJPRKNz6Csnl4frtvtYg Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Feb 2021 15:12:33 GMT content-encoding gzip x-content-type-options nosniff age 77431 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Feb 2022 15:12:33 GMT
GET H3-Q050	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 0470	23 KB 9 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtU1zDzCdij9cDrU73kFIl_5wdF4fBGCZk7VZbS-tL4jbY5btWOqNtw77ELMs94OlGm_CArRHioV-Oelm8NOM_rjJWI_HJcdYPwTpP8p-aIHDg8UjE5BGnxWoKom8mfBoJC4W6CzFvk2g9QV2oFnZ32USLwg&cry=1&dbm_d=AKAmf-APuiKWwzBW1my99wKpXXvWDkP_cY9axwxZKIRDXFZ85lyBkIyF3zJDMUCWvdiWIpy1UQYeiOqTza0AwkBWXMkzaTZcorD-Irwl4MhvAz97ng51ZIt2Vu8ZZNeSBnypzYSuSxSLd1Ya4BxE6z1ZFIg42k9qIl4PDYCzv4sz0IjVHBI6_CCeR1oP-MAFpfMAUnLWI6UaAY-8gaVhGJddBTYkYi3OQbthZMorI-Uu6HURJhH-j0uHx5cacmzRIdu9uKQKu-fz8-fEgulsAiES--TRP1MGztq5RjWfJzKQaRyIdsi8MahaVxcYnLwYhIpSZEOB52MlfybPCSrMdaZVM-m-1uJYIIxqCufqTOLeB75gcVoHdEoqpbTqM-C6QFkcry7Vp_Kj4OowRfKHeAICcQJMDt2fhqDaoGucSmxV8P4ufeOqopuAfTlxLNpuvjvatpUqWob03fqNtxJMDiLmf4XZ_Y6nWNhsIr6NIeHXHw6kitubMprHVbfxsTpMf62gNqxXHbIterZUn_Zuv-Vx3p0KCVfwLSsBKV_IqThX3pksSCENQYWSVm2yWcdiGXwtQbAYt5jtf7ZxmXdIhuOM_X9N5NJi4bXOPAurE3NFdCiXL19Tm6SbnzIo-M1RjWNcmFuD61zSat3-IFdG5FX4wDkjOjFSD4bnjvYLtKOKALfHEb1UTdWmnYf_uR6r6tQWBmKTaIBOTo9pmaAWiLiA_Dym1kPLr1iA2Ocjj8ExIOb7fzNKNW8f8ray0SLtJxwKDrHUELB17kpowIwXdsElZrTnYzzzjz7cYI6DOFUP-OjOny_nNWJnxKTYpC212FLKaDFVYUu35V6g9V8quBNDsrc-OY-mGfVdJFVyRbTK76BjcHsDEf77_NPY--w_Mh-wQ_6VpbBUMXwS0iiMwLyuN2pxw7DT3YTW8Sd9-zzrc3j-lDv1jOvOUpKdt921Ehbyj126Rwv1LszbCPWmd9NkWw50ywzlKmtHblR6H0K3LEsq_KCrVeXygJ2mxBsZkAPVGwxhc6__ZcivIYXuAQqcfeIV2H8tI4aoHAEr0kVUfWAvKKDtGWh0bedhZm01BpedjhEbfquAtbUJ9yoshKn5uD69AcKHvq65O-iP2KDIzYMqkWKMiQt6yCusuBgwGTwl6DiKDhWEi-etCce_1nuQADiw0qOEHeCkIDwNu80ugFCbo3fKsoLRIAK2AjgiWeiEkO_2pZ53B3S7ehXLYlou9V6MvsgUpaUaGKCnqxCfqpC661uifrz6kADcaystaDMSufCvEutUJuz_GugDeuhIYebA28sxcl3jkg8DuoUadlifuVavQxwkrogXOHylX6BwcuqFAmkHvDoOOBNx0Ga9Nee-_aQROkYD1VbZiSc9ffXV5Sp54ZttSNW-4Gyvwr97tVktOhDpk9Uz4SUbCXt1xOuN-R9eek2fAL0eyI4QdTjsob-mpRY7VEqdNWdMnpVC7PxPiPdghO84OEIXqn1Gaya8Pf-6YgNRe7QDTx3EuAGAOgojP6qXJavJPbKaaBQm6LXzvP5fNSvv-5g3sS8hAEH4-JFNE4U22HfiZUSwgnrK2XwOjZJaJvCGq48QtAvbIsXkKCPASobpHC7QH_Iq3s4b5gRCVJCqpzv_LLcZkVe2VSOxjo_aFcbLcncEJvV6DL4icrnijFiIybZFR-aoQm4I2lM7ZN9_hWYa0bymj3_PRxqamg0dUXPHkbgPSKijc8bogBVJq3j8PHdEYjbp3tEowKMsh2oTTdRQKlX6M1SjmVZcof3Jy5bykwfLbbZIa7TVYINeeO0CXlh7ZcrnAjslv8HvWON2crVwXKqktAYApBkGLD8jPt9pHL4v2QUyq-iPhLNdUhfIQuUUmoIxXNs2aj4fUNiDk7ESkgNifN5dIfHvnvqYjjy1wLCSCBTgHXL4kYmf3qAC_Al8X4L4NWhDtOBQpMZ1yuToqRL9URIi5HFN0dp75i7X2yOZBXtBQNf7wN1uYelmiDx9GDEjBzAT3TxewY9w6qjY6ozEM252_fiACpTYOF4jzmh047NdIa6c0vdSeutPPbwR55nYKDoSP9BrqxIkdY3hNccSD8Gii8NASdZaYQ0NXZnITwVjdDSYJRd3qSbSyN6mdRNbiw8knSRHA3yWVzI1mvIosTLfzOVQbFUBkM7KrH02vkVGF5xoaOsH7yX9-2cU5s_NRdBfQKVf_3QWdqqh-r0jLHqzKP7zR7ELEczLKpM5-uKBX-JV02ifqpG1M_95X14aDRndZa-q3KNEgP37GyJN-Opf_HbqMDGa7bSrkHKyFw5RjKeNWWj-s6ztn6LRzIj6dGfuYyizLPo8XQzKvzybgEYhk3mh6ybtq2KqsBzLD0jc62kVZXYGRr7x5p8zxoUDd5NqEBjVuHTQjKjuFjTmgaiNFadAHDLs4Rg4jf1u-lO1sYBxmqKZ8Q6glzjKYWT2qBXwsYA0unGqnhibUzdlqeQAnOEEatdDXya3s6yjYxbbSQLQnFTGJi5YRxwq4BPMIxTgcTtVR8y1Fs7XHKnJjRcqiGa8el-qsAwIAGSam-EgkgZZXKyDxvgcO9GfIURf2J3giGpJ4rgAxWUihpD4PMx678kmndssKeqmVfR0lGbZ-dtSvOYsL7L9sXPlgwFjRNuCwNFnA0quLR4gYEfaTKv8q2jX1f09AYbeKjieof6zxlLIe0Z07AhVagXC7uyAQ9GpF-TmGK3q-_9zRjcNI02B169ooT-upOCshPdFQiwiIUtjsvFXJLEFu9ZoFvjlm5GGBicptlSOvlwg3h6-rBRExdd8XBlIRp9OZpOiOwvRxiZgE2JSuYCJQTUq_iJr6vKllmbrUsXnCMYwgHbaESYCL3N2gU2wENyxk6RJZxDOgsnuFysQ9DP081GW8Ax1RFTfYxgox-PoGcYoUwUPmiVAogjrtk4qsAIwRkXNe02Fdo7TrQYciJis0B6MoAe5SrfwsuNugzWz0aYO8k7Muc4pjKTN_j6Sybq2OGVyeTbNdt5aKcnBO2Ho3XYEIpRnlMIFPV1OOhiHDW0x4hvC7M_mwY4-KMNFzBqEEBXS3rVv9cQKz2GUxr2w_mNBJJynQnrmQthbbe9ZCQVibJv1Pz1hUq68UBV9qfQLXC1VhAQ1JofkKhhZeQIpY3TtA15UHIw2t52w4-zL3vD2iNF80RpCqfvA83k&cid=CAASEuRos1YRGeXjIgVMjrExqUMUmQ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1bbb1cf040948bea2829656ed20814d5ecabdeb106bff79cad43af8e6ed78161 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:20:35 GMT content-encoding gzip x-content-type-options nosniff age 1349 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 8953 x-xss-protection 0 server cafe etag 10862945726693812791 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 03 Mar 2021 12:20:35 GMT
GET H3-Q050	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 0470	41 KB 15 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtU1zDzCdij9cDrU73kFIl_5wdF4fBGCZk7VZbS-tL4jbY5btWOqNtw77ELMs94OlGm_CArRHioV-Oelm8NOM_rjJWI_HJcdYPwTpP8p-aIHDg8UjE5BGnxWoKom8mfBoJC4W6CzFvk2g9QV2oFnZ32USLwg&cry=1&dbm_d=AKAmf-APuiKWwzBW1my99wKpXXvWDkP_cY9axwxZKIRDXFZ85lyBkIyF3zJDMUCWvdiWIpy1UQYeiOqTza0AwkBWXMkzaTZcorD-Irwl4MhvAz97ng51ZIt2Vu8ZZNeSBnypzYSuSxSLd1Ya4BxE6z1ZFIg42k9qIl4PDYCzv4sz0IjVHBI6_CCeR1oP-MAFpfMAUnLWI6UaAY-8gaVhGJddBTYkYi3OQbthZMorI-Uu6HURJhH-j0uHx5cacmzRIdu9uKQKu-fz8-fEgulsAiES--TRP1MGztq5RjWfJzKQaRyIdsi8MahaVxcYnLwYhIpSZEOB52MlfybPCSrMdaZVM-m-1uJYIIxqCufqTOLeB75gcVoHdEoqpbTqM-C6QFkcry7Vp_Kj4OowRfKHeAICcQJMDt2fhqDaoGucSmxV8P4ufeOqopuAfTlxLNpuvjvatpUqWob03fqNtxJMDiLmf4XZ_Y6nWNhsIr6NIeHXHw6kitubMprHVbfxsTpMf62gNqxXHbIterZUn_Zuv-Vx3p0KCVfwLSsBKV_IqThX3pksSCENQYWSVm2yWcdiGXwtQbAYt5jtf7ZxmXdIhuOM_X9N5NJi4bXOPAurE3NFdCiXL19Tm6SbnzIo-M1RjWNcmFuD61zSat3-IFdG5FX4wDkjOjFSD4bnjvYLtKOKALfHEb1UTdWmnYf_uR6r6tQWBmKTaIBOTo9pmaAWiLiA_Dym1kPLr1iA2Ocjj8ExIOb7fzNKNW8f8ray0SLtJxwKDrHUELB17kpowIwXdsElZrTnYzzzjz7cYI6DOFUP-OjOny_nNWJnxKTYpC212FLKaDFVYUu35V6g9V8quBNDsrc-OY-mGfVdJFVyRbTK76BjcHsDEf77_NPY--w_Mh-wQ_6VpbBUMXwS0iiMwLyuN2pxw7DT3YTW8Sd9-zzrc3j-lDv1jOvOUpKdt921Ehbyj126Rwv1LszbCPWmd9NkWw50ywzlKmtHblR6H0K3LEsq_KCrVeXygJ2mxBsZkAPVGwxhc6__ZcivIYXuAQqcfeIV2H8tI4aoHAEr0kVUfWAvKKDtGWh0bedhZm01BpedjhEbfquAtbUJ9yoshKn5uD69AcKHvq65O-iP2KDIzYMqkWKMiQt6yCusuBgwGTwl6DiKDhWEi-etCce_1nuQADiw0qOEHeCkIDwNu80ugFCbo3fKsoLRIAK2AjgiWeiEkO_2pZ53B3S7ehXLYlou9V6MvsgUpaUaGKCnqxCfqpC661uifrz6kADcaystaDMSufCvEutUJuz_GugDeuhIYebA28sxcl3jkg8DuoUadlifuVavQxwkrogXOHylX6BwcuqFAmkHvDoOOBNx0Ga9Nee-_aQROkYD1VbZiSc9ffXV5Sp54ZttSNW-4Gyvwr97tVktOhDpk9Uz4SUbCXt1xOuN-R9eek2fAL0eyI4QdTjsob-mpRY7VEqdNWdMnpVC7PxPiPdghO84OEIXqn1Gaya8Pf-6YgNRe7QDTx3EuAGAOgojP6qXJavJPbKaaBQm6LXzvP5fNSvv-5g3sS8hAEH4-JFNE4U22HfiZUSwgnrK2XwOjZJaJvCGq48QtAvbIsXkKCPASobpHC7QH_Iq3s4b5gRCVJCqpzv_LLcZkVe2VSOxjo_aFcbLcncEJvV6DL4icrnijFiIybZFR-aoQm4I2lM7ZN9_hWYa0bymj3_PRxqamg0dUXPHkbgPSKijc8bogBVJq3j8PHdEYjbp3tEowKMsh2oTTdRQKlX6M1SjmVZcof3Jy5bykwfLbbZIa7TVYINeeO0CXlh7ZcrnAjslv8HvWON2crVwXKqktAYApBkGLD8jPt9pHL4v2QUyq-iPhLNdUhfIQuUUmoIxXNs2aj4fUNiDk7ESkgNifN5dIfHvnvqYjjy1wLCSCBTgHXL4kYmf3qAC_Al8X4L4NWhDtOBQpMZ1yuToqRL9URIi5HFN0dp75i7X2yOZBXtBQNf7wN1uYelmiDx9GDEjBzAT3TxewY9w6qjY6ozEM252_fiACpTYOF4jzmh047NdIa6c0vdSeutPPbwR55nYKDoSP9BrqxIkdY3hNccSD8Gii8NASdZaYQ0NXZnITwVjdDSYJRd3qSbSyN6mdRNbiw8knSRHA3yWVzI1mvIosTLfzOVQbFUBkM7KrH02vkVGF5xoaOsH7yX9-2cU5s_NRdBfQKVf_3QWdqqh-r0jLHqzKP7zR7ELEczLKpM5-uKBX-JV02ifqpG1M_95X14aDRndZa-q3KNEgP37GyJN-Opf_HbqMDGa7bSrkHKyFw5RjKeNWWj-s6ztn6LRzIj6dGfuYyizLPo8XQzKvzybgEYhk3mh6ybtq2KqsBzLD0jc62kVZXYGRr7x5p8zxoUDd5NqEBjVuHTQjKjuFjTmgaiNFadAHDLs4Rg4jf1u-lO1sYBxmqKZ8Q6glzjKYWT2qBXwsYA0unGqnhibUzdlqeQAnOEEatdDXya3s6yjYxbbSQLQnFTGJi5YRxwq4BPMIxTgcTtVR8y1Fs7XHKnJjRcqiGa8el-qsAwIAGSam-EgkgZZXKyDxvgcO9GfIURf2J3giGpJ4rgAxWUihpD4PMx678kmndssKeqmVfR0lGbZ-dtSvOYsL7L9sXPlgwFjRNuCwNFnA0quLR4gYEfaTKv8q2jX1f09AYbeKjieof6zxlLIe0Z07AhVagXC7uyAQ9GpF-TmGK3q-_9zRjcNI02B169ooT-upOCshPdFQiwiIUtjsvFXJLEFu9ZoFvjlm5GGBicptlSOvlwg3h6-rBRExdd8XBlIRp9OZpOiOwvRxiZgE2JSuYCJQTUq_iJr6vKllmbrUsXnCMYwgHbaESYCL3N2gU2wENyxk6RJZxDOgsnuFysQ9DP081GW8Ax1RFTfYxgox-PoGcYoUwUPmiVAogjrtk4qsAIwRkXNe02Fdo7TrQYciJis0B6MoAe5SrfwsuNugzWz0aYO8k7Muc4pjKTN_j6Sybq2OGVyeTbNdt5aKcnBO2Ho3XYEIpRnlMIFPV1OOhiHDW0x4hvC7M_mwY4-KMNFzBqEEBXS3rVv9cQKz2GUxr2w_mNBJJynQnrmQthbbe9ZCQVibJv1Pz1hUq68UBV9qfQLXC1VhAQ1JofkKhhZeQIpY3TtA15UHIw2t52w4-zL3vD2iNF80RpCqfvA83k&cid=CAASEuRos1YRGeXjIgVMjrExqUMUmQ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Feb 2021 15:12:33 GMT content-encoding gzip x-content-type-options nosniff age 77431 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Feb 2022 15:12:33 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 4495	170 B 243 B	76ms 71ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 4495 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJmRSR5jWRygye51Q47p73k&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJmRSR5jWRygye51Q47p73k&google_cver=1&C=1	43 B 1013 B	807ms 806ms	Image image/gif	23.218.208.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJmRSR5jWRygye51Q47p73k&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:07 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 17 Feb 2021 12:43:07 GMT Redirect headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:07 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJmRSR5jWRygye51Q47p73k&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Wed, 17 Feb 2021 12:43:07 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 4495 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YC0PWzX3O4HIWW3YX74PfwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGSwv--_uuwDjL7Om8WEMOE&google_cver=1	43 B 892 B	274ms 273ms	Image image/gif	23.218.208.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGSwv--_uuwDjL7Om8WEMOE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNXmevSlmV63OL6c5aOjUQGMZwtI9IqG-lIOxrDFIoBGctg67aXf_sQh2wcHobtaRKPr7Dki-AFm4LJQSBH6Q0Ic6i3hbWQygPEOEG8jykpfZ2m4RHTnENTf4WottT0iUn0tjyVM6umvQAC1FtFLDth8mk0eVnlzdY0kj5AgJY-zrSW6RKfSDEtO8R4QailDYOZO8gzKUheGWN8IC3Kzrq4irm4Fxw User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:07 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 17 Feb 2021 12:43:07 GMT Redirect headers pragma no-cache date Wed, 17 Feb 2021 12:43:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGSwv--_uuwDjL7Om8WEMOE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 0B3A	22 KB 8 KB	9ms 8ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Tue, 16 Feb 2021 15:27:43 GMT expires Wed, 16 Feb 2022 15:27:43 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 76521 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 2B1A	22 KB 8 KB	9ms 7ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Tue, 16 Feb 2021 15:27:43 GMT expires Wed, 16 Feb 2022 15:27:43 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 76521 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	0k1uvb5ne9s9 Show response hal9000.redintelligence.net/zone/ Frame 3AE1	11 KB 4 KB	185ms 59ms	Script text/html	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/0k1uvb5ne9s9?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjY7-Vw8tYNCZKMfU7_UP2NWJkAeBiOHUYPjEm9PSDPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTiAU_QWEOZLQA7XS5hq78l6c4N7FTRGS434ZOEQab3eENFjv30SwNMrdcdE4CntDd7GeKryMGrmNO0LO4fO9lQ-CQX7QlPUnbJHN1FRSDkeTbFlwyZEQWvEMYANvrGZebx1Ws4OFwjVvNffjbJF-0eyrj2-SK4gkpQyHe3MYuWTxCNXIYLScD43QekuWj41-u299shi7UCCU4I5WzTmVjljEI5CvGEwdSKG1hqjZglbYJILa-W9Bg8o-Trv5xJ_4kwQyEWWHrEggTp5N_zn96YhZ1xGPGKuo-SREPwEg6zo6PzYYnABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoeCxd9vlLsLN2wFvj7nYEjQ%26sig%3DAOD64_3V5R3ukiLSvAxs2Jc6Cpd1guRMlg%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BdvTh2weBsBxG8i4ZWUW4Cu1I5iR7iMyFqy40lgUuGvvzpsUi82XfRTUlmPos_pnbUPR8IYbLB4WOyC_vsXwCG1beLnjByUuk0_E7PCy8rRMy6h0zdw9nGI2BeLZmIzmgoqmmCgkRE8IVzJCVdJcDDmD5VIg%26cry%3D1%26dbm_d%3DAKAmf-DvaW7QT7yNz2ow1lrDNO0ZsnCYCiGLmgPbIkiYoK4nAGEtSWYF7i8XTMoJorV6LkHnkXZ-56KP9s2Y8Z7P5lfV5IT2gTPc5Enp7r4boO_raCzqXEV77ByKO0YXK9QvDvTtrpwbKS0nvaaCygvuFmgWhDYkTmqggsmKVBzuekHiyiLMRGVPBi13mkljuUoOR25KiuR00vqg2yAdlUfXUq4ToSvoSDf43mQd7CSgGb-0tl_iKKmOVxFuly9T-A3ViLr64u6slMmqeohsQk5iIEeyAonc4r6eB8npV170vlYqESh1OO4s_vY4lCc6k9o8numTONayHaup5pC0guLHHZYU57tIpypAFh_sXv-Iwofm6E7WmKLvicc8gtoiQJflMJePZcX8EsTzuYQv_aZh95E1NnLxx9jSC2keL37DUAAYB3jYd7uj1MQO2ULX5MXM54dFyAGQlgLh5gYlt2qQzqpSoscv1w%26adurl%3D Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash b728826e645eb7ca08ff85376136bd210164638a7496428be0ed1c0936806532 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:04 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3880 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3-Q050	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame A9AB	22 KB 8 KB	10ms 9ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Tue, 16 Feb 2021 15:27:43 GMT expires Wed, 16 Feb 2022 15:27:43 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 76521 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	kpiwv0qvkluh Show response hal9000.redintelligence.net/zone/ Frame 5A4C	11 KB 4 KB	188ms 63ms	Script text/html	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/kpiwv0qvkluh?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oV6Vw8tYNGZKMfU7_UP2NWJkAeBiOHUYIvY5umWCvAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QwVtHBzrRsKwvabt1ZUmWCqAS7DGCi8MP0lufHfa4FVXDwpchMXiCM98P0v07Dh9sbUdDx4HTSKhjyU3lfsAA_7W7ziXHAkafLCzb_i6XopwaaX6xPYEyumL5ZdcOqszRB4nUYj62C7MbYOp6XcY9drrsaXU0GbB7HgCW5kxZTD1wFIWmX7g75N59GG0QPXEU2TT4k9N7lXn1jtR2qPORlWhEYQXbfT94KSLwWn-sUa8lVfuwUI2x7roAFKvnd4l7P9TVNBVC866igIjbC-D0Ir185D5SUTHft5rW5h6pc6D5kF_XDBrNwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoGQZJPRKNz6Csnl4frtvtYg%26sig%3DAOD64_13IwzhUh5Yb--yAIIOAjEJyKTviQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-D1C9Z3PnHgbYLzvppR-G10UyCR4TTRseOGmY0smibSkJzPqZ6MXCNaw2J0y2Xg8X5C8JSQjldrbm4qptHqsyOP5knI73T0qC8UfstyhSf9kN8aDQpb_ScTWHtswBlC_JGyRCasr-huEatqw_UawW3CQ6a-QA%26cry%3D1%26dbm_d%3DAKAmf-Cg8jqYXMI3x0l5MaL_t_CC_AFEoY8WKtAo3BuqmnxI5TGFgLOM1zY-5c-eMXnygud8a-34tzDLHwUHUKD0u5W3Bl0SRIf0Sc7XXTPFPma5PvoIE0SZdnH0mwQ22QP21plJgssvf1Z21MzGVxIv33pgBetIR-xsdT18O5DAbppQIGgy3dTGeJJWX4PdqdXxJGp4Uehh1G8_XvuPZF4JBRKwydTxeG6b-IeK-E28MpdEh-OvoyhSi6I6yEE2RmoCQz9Zhr4ehU-1EIZES18n7wnN_qNkF6k8iGe6Mh5OG5W9ld02F0XCu_fXSDXkw33ThnHFx8kBnlV1GTmo2zeSuPNHUJdvuXN7tVZf4g1QZOEuXUeTZJKYdlGLsbQTHRICQidFkuu0woMzHqXp4c6jqlUeKKNVzmC72augISoEsI6HVV5sIObSsTY__f_IdFNZPrGt7AoZ1W8MCLAV_nry9yVi7kBQgA%26adurl%3D Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 051121216f7895222cefc252cd1ce284782f969fbd12e627a828be790d875575 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:04 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3890 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	kpiwv0qvkluh Show response hal9000.redintelligence.net/zone/ Frame 0470	11 KB 4 KB	182ms 59ms	Script text/html	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/kpiwv0qvkluh?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjKpdVw8tYNKZKMfU7_UP2NWJkAeBiOHUYMvAsePbBPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QPGXTLUhEitIdUX6dzuilN5R3NAaAo1978HQrmpkEjbJrFf3vLmLAz5MOlxDl3ddb6xak_5-iHmUJSx_C_-vxk2CViy12HgwncleC9tj_DqgB0umdVujyGB-_Um1e3uWofewakVfyew0apBbH2ULh2KF_e6WISVy_V672G3wwRyX95IjT4G8AslDBZZxuAHIxmNeX-SIUIX6XZdMbjPJLU7fmxxWAbfgMZ4cE0beyy_FMP8LzJhEEDLyxYLbZFOMcXj6DsgNr6yrBQypXLzY8EVrLZqY-kinJ1gwEJa6u4ckuRDQxPv8DwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRos1YRGeXjIgVMjrExqUMUmQ%26sig%3DAOD64_1UOHHrVGLKO8O92tkq9e-8DB7cZw%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B47tBEQswJYfWTxch-C9ZFjH-1GUtChcoCxMT3YyMIH6tJETEF5repPXs8HiJO__zrokO_6dm4ei3U4or1jOoM4PPZvndJXP8qc2UJIK_w1VSrRrK85ifbe14bv7-OsX1MwoN3ydVhWFTSJNdsgLDRyfaRkw%26cry%3D1%26dbm_d%3DAKAmf-BkycnPgxZ59iP-Ir9DS47pGxbPzIusxmT9zoCsoE_2gNoXGMyKyH4Ulx_da00XqsvMGJMWhslNS3cm8CTaNlFWtwICUzG-hk3s4AzlXYUvQzx7vIdLdUJjminRxoVt2qck5PG0e7_vx-dwtLZYHVynsPu278toAv4rJqbKn0mp9dzB-p_qFCUGJTiNOpmCRZvUkUJbyyK6juob_tQjFkr5JypqqLqy-7_T12RVemKofQCQqIOrYNP03RD-DBvrIW3Ob6siY0Zdv-eAmsanaiO1y3StrtHu56iVIYultH5_QOanuN3t3Yn3KMRdo7zBU0fwQq9YUsWj2ILH0xh4MhNJA5bONNRd6UVuI8rmrikfaonvoun-pUwtyPEH9pixFTMzjmJTlMx79Zq35LrE_1pCsYRLUYQ07IzUly2a0yV26OflihjzWi6zNiw7sFNhc0WrAElFqshCz3bhtvh4QFdLgV7m1g%26adurl%3D Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 495bfd47be57e9b96e81e13d1585e0c3a6cffa5886b349e862196afca2adb77d Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:04 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3891 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3-Q050	200	d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response pagead2.googlesyndication.com/bg/ Frame 0B3A	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/Enqz_20U.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:38 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Feb 2021 09:15:00 GMT server sffe age 3926 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6215 x-xss-protection 0 expires Thu, 17 Feb 2022 11:37:38 GMT
GET H3-Q050	200	d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response pagead2.googlesyndication.com/bg/ Frame 2B1A	14 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/Enqz_20U.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:38 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Feb 2021 09:15:00 GMT server sffe age 3926 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6215 x-xss-protection 0 expires Thu, 17 Feb 2022 11:37:38 GMT
GET H3-Q050	200	d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response pagead2.googlesyndication.com/bg/ Frame A9AB	14 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/Enqz_20U.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:38 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Feb 2021 09:15:00 GMT server sffe age 3926 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6215 x-xss-protection 0 expires Thu, 17 Feb 2022 11:37:38 GMT
GET H/1.1	200 OK	request.php Show response hal90009.redintelligence.net/ Frame 3AE1 Redirect Chain https://hal90009.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=9b7804de5a&subid=&uid=db1f71737c64aa7f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli... https://hal90009.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=9b7804de5a&subid=&uid=db1f71737c64aa7f&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...	3 KB 2 KB	264ms 125ms	Script application/x-javascript	138.201.63.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90009.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=9b7804de5a&subid=&uid=db1f71737c64aa7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjY7-Vw8tYNCZKMfU7_UP2NWJkAeBiOHUYPjEm9PSDPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTiAU_QWEOZLQA7XS5hq78l6c4N7FTRGS434ZOEQab3eENFjv30SwNMrdcdE4CntDd7GeKryMGrmNO0LO4fO9lQ-CQX7QlPUnbJHN1FRSDkeTbFlwyZEQWvEMYANvrGZebx1Ws4OFwjVvNffjbJF-0eyrj2-SK4gkpQyHe3MYuWTxCNXIYLScD43QekuWj41-u299shi7UCCU4I5WzTmVjljEI5CvGEwdSKG1hqjZglbYJILa-W9Bg8o-Trv5xJ_4kwQyEWWHrEggTp5N_zn96YhZ1xGPGKuo-SREPwEg6zo6PzYYnABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoeCxd9vlLsLN2wFvj7nYEjQ%26sig%3DAOD64_3V5R3ukiLSvAxs2Jc6Cpd1guRMlg%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BdvTh2weBsBxG8i4ZWUW4Cu1I5iR7iMyFqy40lgUuGvvzpsUi82XfRTUlmPos_pnbUPR8IYbLB4WOyC_vsXwCG1beLnjByUuk0_E7PCy8rRMy6h0zdw9nGI2BeLZmIzmgoqmmCgkRE8IVzJCVdJcDDmD5VIg%26cry%3D1%26dbm_d%3DAKAmf-DvaW7QT7yNz2ow1lrDNO0ZsnCYCiGLmgPbIkiYoK4nAGEtSWYF7i8XTMoJorV6LkHnkXZ-56KP9s2Y8Z7P5lfV5IT2gTPc5Enp7r4boO_raCzqXEV77ByKO0YXK9QvDvTtrpwbKS0nvaaCygvuFmgWhDYkTmqggsmKVBzuekHiyiLMRGVPBi13mkljuUoOR25KiuR00vqg2yAdlUfXUq4ToSvoSDf43mQd7CSgGb-0tl_iKKmOVxFuly9T-A3ViLr64u6slMmqeohsQk5iIEeyAonc4r6eB8npV170vlYqESh1OO4s_vY4lCc6k9o8numTONayHaup5pC0guLHHZYU57tIpypAFh_sXv-Iwofm6E7WmKLvicc8gtoiQJflMJePZcX8EsTzuYQv_aZh95E1NnLxx9jSC2keL37DUAAYB3jYd7uj1MQO2ULX5MXM54dFyAGQlgLh5gYlt2qQzqpSoscv1w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=5779663437274&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.63.201.138.clients.your-server.de Software Apache / Resource Hash 880277b2990c82ac42d71ea746279db0de3acbecdb0a43ad259e6f6e87ed24d1 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 57254600136788100044684011508009 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 980 Expires Wed, 17 Feb 2021 12:43:05 +0100 Redirect headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=9b7804de5a&subid=&uid=db1f71737c64aa7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjY7-Vw8tYNCZKMfU7_UP2NWJkAeBiOHUYPjEm9PSDPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTiAU_QWEOZLQA7XS5hq78l6c4N7FTRGS434ZOEQab3eENFjv30SwNMrdcdE4CntDd7GeKryMGrmNO0LO4fO9lQ-CQX7QlPUnbJHN1FRSDkeTbFlwyZEQWvEMYANvrGZebx1Ws4OFwjVvNffjbJF-0eyrj2-SK4gkpQyHe3MYuWTxCNXIYLScD43QekuWj41-u299shi7UCCU4I5WzTmVjljEI5CvGEwdSKG1hqjZglbYJILa-W9Bg8o-Trv5xJ_4kwQyEWWHrEggTp5N_zn96YhZ1xGPGKuo-SREPwEg6zo6PzYYnABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoeCxd9vlLsLN2wFvj7nYEjQ%26sig%3DAOD64_3V5R3ukiLSvAxs2Jc6Cpd1guRMlg%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BdvTh2weBsBxG8i4ZWUW4Cu1I5iR7iMyFqy40lgUuGvvzpsUi82XfRTUlmPos_pnbUPR8IYbLB4WOyC_vsXwCG1beLnjByUuk0_E7PCy8rRMy6h0zdw9nGI2BeLZmIzmgoqmmCgkRE8IVzJCVdJcDDmD5VIg%26cry%3D1%26dbm_d%3DAKAmf-DvaW7QT7yNz2ow1lrDNO0ZsnCYCiGLmgPbIkiYoK4nAGEtSWYF7i8XTMoJorV6LkHnkXZ-56KP9s2Y8Z7P5lfV5IT2gTPc5Enp7r4boO_raCzqXEV77ByKO0YXK9QvDvTtrpwbKS0nvaaCygvuFmgWhDYkTmqggsmKVBzuekHiyiLMRGVPBi13mkljuUoOR25KiuR00vqg2yAdlUfXUq4ToSvoSDf43mQd7CSgGb-0tl_iKKmOVxFuly9T-A3ViLr64u6slMmqeohsQk5iIEeyAonc4r6eB8npV170vlYqESh1OO4s_vY4lCc6k9o8numTONayHaup5pC0guLHHZYU57tIpypAFh_sXv-Iwofm6E7WmKLvicc8gtoiQJflMJePZcX8EsTzuYQv_aZh95E1NnLxx9jSC2keL37DUAAYB3jYd7uj1MQO2ULX5MXM54dFyAGQlgLh5gYlt2qQzqpSoscv1w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=5779663437274&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Wed, 17 Feb 2021 12:43:05 +0100
GET H/1.1	200 OK	request.php Show response hal900021.redintelligence.net/ Frame 5A4C Redirect Chain https://hal900021.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=e95f27dc52&subid=&uid=1b6392ee8e7088db&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900021.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=e95f27dc52&subid=&uid=1b6392ee8e7088db&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	3 KB 2 KB	277ms 147ms	Script application/x-javascript	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=e95f27dc52&subid=&uid=1b6392ee8e7088db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oV6Vw8tYNGZKMfU7_UP2NWJkAeBiOHUYIvY5umWCvAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QwVtHBzrRsKwvabt1ZUmWCqAS7DGCi8MP0lufHfa4FVXDwpchMXiCM98P0v07Dh9sbUdDx4HTSKhjyU3lfsAA_7W7ziXHAkafLCzb_i6XopwaaX6xPYEyumL5ZdcOqszRB4nUYj62C7MbYOp6XcY9drrsaXU0GbB7HgCW5kxZTD1wFIWmX7g75N59GG0QPXEU2TT4k9N7lXn1jtR2qPORlWhEYQXbfT94KSLwWn-sUa8lVfuwUI2x7roAFKvnd4l7P9TVNBVC866igIjbC-D0Ir185D5SUTHft5rW5h6pc6D5kF_XDBrNwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoGQZJPRKNz6Csnl4frtvtYg%26sig%3DAOD64_13IwzhUh5Yb--yAIIOAjEJyKTviQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-D1C9Z3PnHgbYLzvppR-G10UyCR4TTRseOGmY0smibSkJzPqZ6MXCNaw2J0y2Xg8X5C8JSQjldrbm4qptHqsyOP5knI73T0qC8UfstyhSf9kN8aDQpb_ScTWHtswBlC_JGyRCasr-huEatqw_UawW3CQ6a-QA%26cry%3D1%26dbm_d%3DAKAmf-Cg8jqYXMI3x0l5MaL_t_CC_AFEoY8WKtAo3BuqmnxI5TGFgLOM1zY-5c-eMXnygud8a-34tzDLHwUHUKD0u5W3Bl0SRIf0Sc7XXTPFPma5PvoIE0SZdnH0mwQ22QP21plJgssvf1Z21MzGVxIv33pgBetIR-xsdT18O5DAbppQIGgy3dTGeJJWX4PdqdXxJGp4Uehh1G8_XvuPZF4JBRKwydTxeG6b-IeK-E28MpdEh-OvoyhSi6I6yEE2RmoCQz9Zhr4ehU-1EIZES18n7wnN_qNkF6k8iGe6Mh5OG5W9ld02F0XCu_fXSDXkw33ThnHFx8kBnlV1GTmo2zeSuPNHUJdvuXN7tVZf4g1QZOEuXUeTZJKYdlGLsbQTHRICQidFkuu0woMzHqXp4c6jqlUeKKNVzmC72augISoEsI6HVV5sIObSsTY__f_IdFNZPrGt7AoZ1W8MCLAV_nry9yVi7kBQgA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=9858424214854&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash 2d2b0df551205bbbf5e3f32dcf061e16d3a063953e909c077997fa1345a64844 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 50277100117794100044682011508021 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 980 Expires Wed, 17 Feb 2021 12:43:05 +0100 Redirect headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=e95f27dc52&subid=&uid=1b6392ee8e7088db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oV6Vw8tYNGZKMfU7_UP2NWJkAeBiOHUYIvY5umWCvAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QwVtHBzrRsKwvabt1ZUmWCqAS7DGCi8MP0lufHfa4FVXDwpchMXiCM98P0v07Dh9sbUdDx4HTSKhjyU3lfsAA_7W7ziXHAkafLCzb_i6XopwaaX6xPYEyumL5ZdcOqszRB4nUYj62C7MbYOp6XcY9drrsaXU0GbB7HgCW5kxZTD1wFIWmX7g75N59GG0QPXEU2TT4k9N7lXn1jtR2qPORlWhEYQXbfT94KSLwWn-sUa8lVfuwUI2x7roAFKvnd4l7P9TVNBVC866igIjbC-D0Ir185D5SUTHft5rW5h6pc6D5kF_XDBrNwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoGQZJPRKNz6Csnl4frtvtYg%26sig%3DAOD64_13IwzhUh5Yb--yAIIOAjEJyKTviQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-D1C9Z3PnHgbYLzvppR-G10UyCR4TTRseOGmY0smibSkJzPqZ6MXCNaw2J0y2Xg8X5C8JSQjldrbm4qptHqsyOP5knI73T0qC8UfstyhSf9kN8aDQpb_ScTWHtswBlC_JGyRCasr-huEatqw_UawW3CQ6a-QA%26cry%3D1%26dbm_d%3DAKAmf-Cg8jqYXMI3x0l5MaL_t_CC_AFEoY8WKtAo3BuqmnxI5TGFgLOM1zY-5c-eMXnygud8a-34tzDLHwUHUKD0u5W3Bl0SRIf0Sc7XXTPFPma5PvoIE0SZdnH0mwQ22QP21plJgssvf1Z21MzGVxIv33pgBetIR-xsdT18O5DAbppQIGgy3dTGeJJWX4PdqdXxJGp4Uehh1G8_XvuPZF4JBRKwydTxeG6b-IeK-E28MpdEh-OvoyhSi6I6yEE2RmoCQz9Zhr4ehU-1EIZES18n7wnN_qNkF6k8iGe6Mh5OG5W9ld02F0XCu_fXSDXkw33ThnHFx8kBnlV1GTmo2zeSuPNHUJdvuXN7tVZf4g1QZOEuXUeTZJKYdlGLsbQTHRICQidFkuu0woMzHqXp4c6jqlUeKKNVzmC72augISoEsI6HVV5sIObSsTY__f_IdFNZPrGt7AoZ1W8MCLAV_nry9yVi7kBQgA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=9858424214854&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Wed, 17 Feb 2021 12:43:05 +0100
GET H/1.1	200 OK	request.php Show response hal900014.redintelligence.net/ Frame 0470 Redirect Chain https://hal900014.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=9973dd83ee&subid=&uid=817b9eb8dbd94df7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900014.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=9973dd83ee&subid=&uid=817b9eb8dbd94df7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	3 KB 2 KB	260ms 129ms	Script application/x-javascript	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=9973dd83ee&subid=&uid=817b9eb8dbd94df7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjKpdVw8tYNKZKMfU7_UP2NWJkAeBiOHUYMvAsePbBPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QPGXTLUhEitIdUX6dzuilN5R3NAaAo1978HQrmpkEjbJrFf3vLmLAz5MOlxDl3ddb6xak_5-iHmUJSx_C_-vxk2CViy12HgwncleC9tj_DqgB0umdVujyGB-_Um1e3uWofewakVfyew0apBbH2ULh2KF_e6WISVy_V672G3wwRyX95IjT4G8AslDBZZxuAHIxmNeX-SIUIX6XZdMbjPJLU7fmxxWAbfgMZ4cE0beyy_FMP8LzJhEEDLyxYLbZFOMcXj6DsgNr6yrBQypXLzY8EVrLZqY-kinJ1gwEJa6u4ckuRDQxPv8DwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRos1YRGeXjIgVMjrExqUMUmQ%26sig%3DAOD64_1UOHHrVGLKO8O92tkq9e-8DB7cZw%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B47tBEQswJYfWTxch-C9ZFjH-1GUtChcoCxMT3YyMIH6tJETEF5repPXs8HiJO__zrokO_6dm4ei3U4or1jOoM4PPZvndJXP8qc2UJIK_w1VSrRrK85ifbe14bv7-OsX1MwoN3ydVhWFTSJNdsgLDRyfaRkw%26cry%3D1%26dbm_d%3DAKAmf-BkycnPgxZ59iP-Ir9DS47pGxbPzIusxmT9zoCsoE_2gNoXGMyKyH4Ulx_da00XqsvMGJMWhslNS3cm8CTaNlFWtwICUzG-hk3s4AzlXYUvQzx7vIdLdUJjminRxoVt2qck5PG0e7_vx-dwtLZYHVynsPu278toAv4rJqbKn0mp9dzB-p_qFCUGJTiNOpmCRZvUkUJbyyK6juob_tQjFkr5JypqqLqy-7_T12RVemKofQCQqIOrYNP03RD-DBvrIW3Ob6siY0Zdv-eAmsanaiO1y3StrtHu56iVIYultH5_QOanuN3t3Yn3KMRdo7zBU0fwQq9YUsWj2ILH0xh4MhNJA5bONNRd6UVuI8rmrikfaonvoun-pUwtyPEH9pixFTMzjmJTlMx79Zq35LrE_1pCsYRLUYQ07IzUly2a0yV26OflihjzWi6zNiw7sFNhc0WrAElFqshCz3bhtvh4QFdLgV7m1g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=801236138548&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash 4025ccf2d6be4e5c931803864784f8aaf82e4465a04ebe73c3bd0842308141ee Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 12872700133153000044682011508014 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 978 Expires Wed, 17 Feb 2021 12:43:05 +0100 Redirect headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=9973dd83ee&subid=&uid=817b9eb8dbd94df7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjKpdVw8tYNKZKMfU7_UP2NWJkAeBiOHUYMvAsePbBPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QPGXTLUhEitIdUX6dzuilN5R3NAaAo1978HQrmpkEjbJrFf3vLmLAz5MOlxDl3ddb6xak_5-iHmUJSx_C_-vxk2CViy12HgwncleC9tj_DqgB0umdVujyGB-_Um1e3uWofewakVfyew0apBbH2ULh2KF_e6WISVy_V672G3wwRyX95IjT4G8AslDBZZxuAHIxmNeX-SIUIX6XZdMbjPJLU7fmxxWAbfgMZ4cE0beyy_FMP8LzJhEEDLyxYLbZFOMcXj6DsgNr6yrBQypXLzY8EVrLZqY-kinJ1gwEJa6u4ckuRDQxPv8DwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRos1YRGeXjIgVMjrExqUMUmQ%26sig%3DAOD64_1UOHHrVGLKO8O92tkq9e-8DB7cZw%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B47tBEQswJYfWTxch-C9ZFjH-1GUtChcoCxMT3YyMIH6tJETEF5repPXs8HiJO__zrokO_6dm4ei3U4or1jOoM4PPZvndJXP8qc2UJIK_w1VSrRrK85ifbe14bv7-OsX1MwoN3ydVhWFTSJNdsgLDRyfaRkw%26cry%3D1%26dbm_d%3DAKAmf-BkycnPgxZ59iP-Ir9DS47pGxbPzIusxmT9zoCsoE_2gNoXGMyKyH4Ulx_da00XqsvMGJMWhslNS3cm8CTaNlFWtwICUzG-hk3s4AzlXYUvQzx7vIdLdUJjminRxoVt2qck5PG0e7_vx-dwtLZYHVynsPu278toAv4rJqbKn0mp9dzB-p_qFCUGJTiNOpmCRZvUkUJbyyK6juob_tQjFkr5JypqqLqy-7_T12RVemKofQCQqIOrYNP03RD-DBvrIW3Ob6siY0Zdv-eAmsanaiO1y3StrtHu56iVIYultH5_QOanuN3t3Yn3KMRdo7zBU0fwQq9YUsWj2ILH0xh4MhNJA5bONNRd6UVuI8rmrikfaonvoun-pUwtyPEH9pixFTMzjmJTlMx79Zq35LrE_1pCsYRLUYQ07IzUly2a0yV26OflihjzWi6zNiw7sFNhc0WrAElFqshCz3bhtvh4QFdLgV7m1g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=801236138548&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Wed, 17 Feb 2021 12:43:05 +0100
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2B1A	0 46 B	41ms 41ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQWAwWA8tYMa1G-3kzAbXl56gCAAAAAA4AeAEAg&bg=!1tWl1ZbNAAXRs2QT0TsAKQB2-DxaAT2-Y3z_HpWFUV63LtkqTZiEOv0GeUrkXpJMFvsk9Lc33AzxAgAAAllSAAAAMmgBB5kCYwMCqSQfL7JxatJZFXA8m5R0J_V34tUoqQ1CyIQkDrwALMLqMtYYdZtYXliFvQA5XgkL9HfgHQ7y9i53gaKMEUD_RTyqENZDH2WdBOfm1tiJvFlSRs4gP5xIfNSiiQhnMbJd3OqG--4d4hxWHQpzeXRzxYhKNGSGVvzTHUotj-i6opL0MKR9fkLeXpKdDWdIHcwu6DJ5pnHmZxZjHBrVMVl-8e8lqNRbdo_mGAXsa6csnK7GhxK4b_uLmKe-T_p9efRN_MwS39Nk3NeAq0EAWgnlZM0rVAWnMg9T50qzzRRsgbOsJcjOdeEFYlP2D9OjkYJSt99TQz4qo7BkmcEXBJjupklvGu0BePsi23MXCKAKSVuDVuaOFYD0xmev0ZxYeKZ1B0g0azcVaNJUE-hYVY2SQijTVypNXQ3qYbztNgCLdOYNEufsM6obFS6w1pM9M5BFqfDzhlduCP9NJeolJ1D-I8oNmELBGIwJlxaHSVyfhsr-zABDvPLnlIiDBGoX4mqpF8WqhYlp8Uv0ffmT71W9c_Fcp0P-nWBVLZsjl4agC40dk8rPAiSoKn2NfeQsYRs7diH_hnX5Sm26o97xXR1khDgXLpqB8RmdN6JCaV0f44M2LhbgBVt9mruE2WxJUW9v9L7uLrbpK4c0dGu64WPBunw8MTiSNDr-RL3uv6_Uo52EqXW-tNmQiiO29SerSGNtks8OY8yegrMJzQtQCgr_5dKIlDNn5mYY_ktT0B8OslhFlmKSx6fM23DeS4cchaw9zFX-chX2iJsSk9AjakBFuWvWVZ3_WxyuG2WxpKjI7ZMM Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/Enqz_20U.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0B3A	0 23 B	42ms 42ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoZhlWA8tYIeHG8yc-wbu_q7YDwAAAAA4AeAEAg&bg=!ysmlyYrNAAXRs2QT0TsAKQB2-DxaGH_Ef45dyNiTxfeqwHlqHhkegAPlsfXErNxgN00kxocK9Q2CAgAAAoBSAAAAK2gBBwoAtbpWH34fBmUup1syJnqmwbtaQgUgnvuDkyd6ttFJM_s4D8eQHb0h10h8_ZcG14vhX9Dvqva7eT3DW_gdDW_FeaztIypB2ZA2IrBWH21MuNeVZevXzsLqY0xN2HwtOwVHe9JgykMPCB8srkLasCHMqtgWG7XijjzOFljGpNQp0IEaixiqLlYm4yu9nz_pc40qbYcGcV6X0q89-IN6q4ES4EVgePefgOTLZ0GPjgPCVt2wFhUZFiSZAmnna1j6BQeWJsVhmmJXhGjvlqEGBd0EokJUoQ6ySKcbRxjz_6XBSuUysGL6nTnFemHltVF_m-mkFARGgnLTEflIuoGJZhEGSBRX9uJdUYQ2HBDPclBL5RC0Cil9gbqlZgS5UjW0EhNwSW1E2VvhukGDVTQeqGEHrfey5PeuXBEhr2G55ekYiTWe1mr2Co55q7HRqfzvPXeHXhVRAuFqNZT6iZgygJH4VLgSqrJaaBVTHDEMPK6DXicYGuPzYcQXN_kWqdal69uKLiBvsR4ynve65OdBlWBsivhPxA-juaj9XqVdYJMlUiEyxHwJq_3omfQBk7XX8XmozsqRJ3eACxOkuwyytHOGL-hn4FkgqV4ZeCsnKTf_hm4BnTbj9MZGxYwMV9h0r7-2CWFVW7WnB9C7zI0ImQxdxshRMY8a9AtlmAjKvxv0Wy69Ttem1pq5jv0238Kio5DotTteOa2RSMqLDW_bQX6rHht3qBdgo9YYfpiHIYhYFmpbj_ibSnkzfYPenAfw2QWJggUDDF6oBQ87T0aw-f7EztT6Ns-D3oS8NrKKq_1vMtHUpqdXIpESVhnjk79-1tL3fEEshUcKJ0o4P1UQf8c0eTgnLD_6v4K0qHmfxpKSBAZaordyWHAL3xGOF2h388bKZVgxl0NReOxVPQWO0sVHtp2V5O7g9dwGjJt-95RftiII9iGCw1dOYhOm88vzKe3PeKPKSh3KuC-6uzpA4REn5itdUhzd1P-zmloHtaWR4eVUsHffs038G_OlDWAb3rzHqr__unhMrWrmMYpT5yP0p09Narv8o_OcQxt5VJOoNBw-WQ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/Enqz_20U.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg Show response static.tradetracker.net/se/material_image/02/ Frame C5C9 Redirect Chain https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=57254600136788100044684011508009&t=html https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg	39 KB 39 KB	78ms 37ms	Document image/jpeg	2600:9000:2127:6600:1a:7c92:efc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg Requested by Host: hal90009.redintelligence.net URL: https://hal90009.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=9b7804de5a&subid=&uid=db1f71737c64aa7f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjY7-Vw8tYNCZKMfU7_UP2NWJkAeBiOHUYPjEm9PSDPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTiAU_QWEOZLQA7XS5hq78l6c4N7FTRGS434ZOEQab3eENFjv30SwNMrdcdE4CntDd7GeKryMGrmNO0LO4fO9lQ-CQX7QlPUnbJHN1FRSDkeTbFlwyZEQWvEMYANvrGZebx1Ws4OFwjVvNffjbJF-0eyrj2-SK4gkpQyHe3MYuWTxCNXIYLScD43QekuWj41-u299shi7UCCU4I5WzTmVjljEI5CvGEwdSKG1hqjZglbYJILa-W9Bg8o-Trv5xJ_4kwQyEWWHrEggTp5N_zn96YhZ1xGPGKuo-SREPwEg6zo6PzYYnABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoeCxd9vlLsLN2wFvj7nYEjQ%26sig%3DAOD64_3V5R3ukiLSvAxs2Jc6Cpd1guRMlg%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-BdvTh2weBsBxG8i4ZWUW4Cu1I5iR7iMyFqy40lgUuGvvzpsUi82XfRTUlmPos_pnbUPR8IYbLB4WOyC_vsXwCG1beLnjByUuk0_E7PCy8rRMy6h0zdw9nGI2BeLZmIzmgoqmmCgkRE8IVzJCVdJcDDmD5VIg%26cry%3D1%26dbm_d%3DAKAmf-DvaW7QT7yNz2ow1lrDNO0ZsnCYCiGLmgPbIkiYoK4nAGEtSWYF7i8XTMoJorV6LkHnkXZ-56KP9s2Y8Z7P5lfV5IT2gTPc5Enp7r4boO_raCzqXEV77ByKO0YXK9QvDvTtrpwbKS0nvaaCygvuFmgWhDYkTmqggsmKVBzuekHiyiLMRGVPBi13mkljuUoOR25KiuR00vqg2yAdlUfXUq4ToSvoSDf43mQd7CSgGb-0tl_iKKmOVxFuly9T-A3ViLr64u6slMmqeohsQk5iIEeyAonc4r6eB8npV170vlYqESh1OO4s_vY4lCc6k9o8numTONayHaup5pC0guLHHZYU57tIpypAFh_sXv-Iwofm6E7WmKLvicc8gtoiQJflMJePZcX8EsTzuYQv_aZh95E1NnLxx9jSC2keL37DUAAYB3jYd7uj1MQO2ULX5MXM54dFyAGQlgLh5gYlt2qQzqpSoscv1w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=5779663437274&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:6600:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5b02d4c3687457ff762f830bbe51f5897b428906bf57f0aa15f185d5024c0f91 Request headers :method GET :authority static.tradetracker.net :scheme https :path /se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US cookie pi=317837c0342083af16ce0a7d95386fdf; uf=bMAmxQFYclSqZGuwPTMwPnozVHhDT3h6azRYY0pLOUNtbGV6RGxIazZzZ2dueGNiSEg3NTJGMHhvU1hQUld6MFRONnk3UHR3cTV6NFJRS0VHYldxdXVERXdRZXUvT1Jka0lKY0xRPT0%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers content-type image/jpeg content-length 39656 accept-ranges bytes last-modified Mon, 04 Nov 2019 09:13:22 GMT server nginx date Wed, 17 Feb 2021 12:43:06 GMT etag "5dbfebb2-9ae8" x-cache Hit from cloudfront via 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-amz-cf-id -EJ4gND6festNH5356YLn2U-l7YSCFfx_WA2Pd606COb_j1gyty_HQ== Redirect headers date Wed, 17 Feb 2021 12:43:05 GMT content-type text/html; charset=utf-8 location https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg server nginx x-powered-by PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1 p3p CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://ti.tradetracker.net/public/w3c/p3p.xml" expires Mon, 26 Jul 1997 05:00:00 GMT cache-control no-cache, must-revalidate set-cookie uf=marHMX8limXcEeXknVK%2F2WxwcVR4cHRsVzZEdU9HV1NZTFVrSEdxaERZTUZCc2ovT1J2bmFUWXRaRDVQVng4UVBWQzFYeWxlWENWQ3E4RVRlcjRoWHp0Ly9EdWxnQk1Ybk9EcXZBPT0%3D; expires=Thu, 17-Feb-2022 12:43:05 GMT; Max-Age=31536000; path=/; SameSite=None; domain=.tradetracker.net; secure pi=317837c0342083af16ce0a7d95386fdf; expires=Fri, 28-May-2021 11:43:05 GMT; Max-Age=8636400; path=/; SameSite=None; domain=.tradetracker.net; secure
GET H2	200	imp Show response impse.tradedoubler.com/ Frame 3AE1	187 B 654 B	145ms 60ms	Script application/x-javascript	34.95.109.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://impse.tradedoubler.com/imp?type(js)g(24546882)a(1792659)epi(57254600136788100044684011508009)preurl([RD_CLICK_ENC])712105945 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.109.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.109.95.34.bc.googleusercontent.com Software TXServerHttp / Resource Hash b8b8b36efe20a05894544b1381085fe542bd09a685d0732decf6377f08813bc7 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:05 GMT via 1.1 google referrer-policy origin server TXServerHttp p3p policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR" access-control-allow-origin * cache-control private, max-age=0 content-type application/x-javascript; charset=ISO-8859-1 alt-svc clear content-length 187
GET H/1.1	200 OK	cshow.php www.zenaps.com/ Frame 3AE1 Redirect Chain https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=57254600136788100044684011508009&pv=1 https://www.zenaps.com/cshow.php?pvr=ae5e54a1-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=57254600136788100044684011508009&pv=1	43 B 705 B	179ms 61ms	Image image/gif	92.123.148.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.zenaps.com/cshow.php?pvr=ae5e54a1-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=57254600136788100044684011508009&pv=1 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-148-9.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:06 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0 Redirect headers Date Wed, 17 Feb 2021 12:43:05 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://www.zenaps.com/cshow.php?pvr=ae5e54a1-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=57254600136788100044684011508009&pv=1 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H2	200	dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg Show response static.tradetracker.net/se/material_image/02/ Frame 1822 Redirect Chain https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=12872700133153000044682011508014&t=html https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg	39 KB 39 KB	72ms 27ms	Document image/jpeg	2600:9000:2127:6600:1a:7c92:efc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=9973dd83ee&subid=&uid=817b9eb8dbd94df7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjKpdVw8tYNKZKMfU7_UP2NWJkAeBiOHUYMvAsePbBPAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QPGXTLUhEitIdUX6dzuilN5R3NAaAo1978HQrmpkEjbJrFf3vLmLAz5MOlxDl3ddb6xak_5-iHmUJSx_C_-vxk2CViy12HgwncleC9tj_DqgB0umdVujyGB-_Um1e3uWofewakVfyew0apBbH2ULh2KF_e6WISVy_V672G3wwRyX95IjT4G8AslDBZZxuAHIxmNeX-SIUIX6XZdMbjPJLU7fmxxWAbfgMZ4cE0beyy_FMP8LzJhEEDLyxYLbZFOMcXj6DsgNr6yrBQypXLzY8EVrLZqY-kinJ1gwEJa6u4ckuRDQxPv8DwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRos1YRGeXjIgVMjrExqUMUmQ%26sig%3DAOD64_1UOHHrVGLKO8O92tkq9e-8DB7cZw%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B47tBEQswJYfWTxch-C9ZFjH-1GUtChcoCxMT3YyMIH6tJETEF5repPXs8HiJO__zrokO_6dm4ei3U4or1jOoM4PPZvndJXP8qc2UJIK_w1VSrRrK85ifbe14bv7-OsX1MwoN3ydVhWFTSJNdsgLDRyfaRkw%26cry%3D1%26dbm_d%3DAKAmf-BkycnPgxZ59iP-Ir9DS47pGxbPzIusxmT9zoCsoE_2gNoXGMyKyH4Ulx_da00XqsvMGJMWhslNS3cm8CTaNlFWtwICUzG-hk3s4AzlXYUvQzx7vIdLdUJjminRxoVt2qck5PG0e7_vx-dwtLZYHVynsPu278toAv4rJqbKn0mp9dzB-p_qFCUGJTiNOpmCRZvUkUJbyyK6juob_tQjFkr5JypqqLqy-7_T12RVemKofQCQqIOrYNP03RD-DBvrIW3Ob6siY0Zdv-eAmsanaiO1y3StrtHu56iVIYultH5_QOanuN3t3Yn3KMRdo7zBU0fwQq9YUsWj2ILH0xh4MhNJA5bONNRd6UVuI8rmrikfaonvoun-pUwtyPEH9pixFTMzjmJTlMx79Zq35LrE_1pCsYRLUYQ07IzUly2a0yV26OflihjzWi6zNiw7sFNhc0WrAElFqshCz3bhtvh4QFdLgV7m1g%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=801236138548&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:6600:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5b02d4c3687457ff762f830bbe51f5897b428906bf57f0aa15f185d5024c0f91 Request headers :method GET :authority static.tradetracker.net :scheme https :path /se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US cookie uf=OcahM6U0Ng0RVjgM9baI81ZaUmlJSkE4RWVpdGozeVE5NjlidEcyejBaQjVKazdGeVJ0V29GK1J3TkpBNmNwMDBiUDRXUWJTVW82cUw4MTB4NmhLbVM3NVFFYkZuUEUvS2l5K2lBPT0%3D; pi=317837c0342083af16ce0a7d95386fdf Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers content-type image/jpeg content-length 39656 accept-ranges bytes last-modified Mon, 04 Nov 2019 09:13:22 GMT server nginx date Wed, 17 Feb 2021 12:43:06 GMT etag "5dbfebb2-9ae8" x-cache Hit from cloudfront via 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-amz-cf-id B93Ri9MXBZnhW_M8Y1dXJnMDrPBdhe-2Wlur8oor48Qeb3Jtzp72_A== Redirect headers date Wed, 17 Feb 2021 12:43:05 GMT content-type text/html; charset=utf-8 location https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg server nginx x-powered-by PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1 p3p CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://ti.tradetracker.net/public/w3c/p3p.xml" expires Mon, 26 Jul 1997 05:00:00 GMT cache-control no-cache, must-revalidate set-cookie uf=OcahM6U0Ng0RVjgM9baI81ZaUmlJSkE4RWVpdGozeVE5NjlidEcyejBaQjVKazdGeVJ0V29GK1J3TkpBNmNwMDBiUDRXUWJTVW82cUw4MTB4NmhLbVM3NVFFYkZuUEUvS2l5K2lBPT0%3D; expires=Thu, 17-Feb-2022 12:43:05 GMT; Max-Age=31536000; path=/; SameSite=None; domain=.tradetracker.net; secure pi=317837c0342083af16ce0a7d95386fdf; expires=Fri, 28-May-2021 11:43:05 GMT; Max-Age=8636400; path=/; SameSite=None; domain=.tradetracker.net; secure
GET H2	200	imp Show response impse.tradedoubler.com/ Frame 0470	187 B 856 B	141ms 59ms	Script application/x-javascript	34.95.109.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://impse.tradedoubler.com/imp?type(js)g(24546882)a(1792659)epi(12872700133153000044682011508014)preurl([RD_CLICK_ENC])707374582 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.109.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.109.95.34.bc.googleusercontent.com Software TXServerHttp / Resource Hash ebc837a8d26a1890b46c11a8f3b1405630a733b4c6acd0ea423285d6360f3b23 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:05 GMT via 1.1 google referrer-policy origin server TXServerHttp p3p policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR" access-control-allow-origin * cache-control private, max-age=0 content-type application/x-javascript; charset=ISO-8859-1 alt-svc clear content-length 187
GET H/1.1	200 OK	cshow.php www.zenaps.com/ Frame 0470 Redirect Chain https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=12872700133153000044682011508014&pv=1 https://www.zenaps.com/cshow.php?pvr=ae5e2d90-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=12872700133153000044682011508014&pv=1	43 B 705 B	179ms 61ms	Image image/gif	92.123.148.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.zenaps.com/cshow.php?pvr=ae5e2d90-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=12872700133153000044682011508014&pv=1 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-148-9.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:06 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0 Redirect headers Date Wed, 17 Feb 2021 12:43:05 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://www.zenaps.com/cshow.php?pvr=ae5e2d90-711d-11eb-b31b-692d0e6db9b7&v=12846&r=566725&q=389131&s=2636829&viewref=12872700133153000044682011508014&pv=1 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H2	200	dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg Show response static.tradetracker.net/se/material_image/02/ Frame 52FC Redirect Chain https://ti.tradetracker.net/?c=31577&m=1646244&a=157788&r=50277100117794100044682011508021&t=html https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg	39 KB 39 KB	85ms 46ms	Document image/jpeg	2600:9000:2127:6600:1a:7c92:efc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=e95f27dc52&subid=&uid=1b6392ee8e7088db&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-oV6Vw8tYNGZKMfU7_UP2NWJkAeBiOHUYIvY5umWCvAuEAEg5pSFGGDxrfyFpB_IAQmpAnf6QfVKRrQ-qAMBqgTpAU_QwVtHBzrRsKwvabt1ZUmWCqAS7DGCi8MP0lufHfa4FVXDwpchMXiCM98P0v07Dh9sbUdDx4HTSKhjyU3lfsAA_7W7ziXHAkafLCzb_i6XopwaaX6xPYEyumL5ZdcOqszRB4nUYj62C7MbYOp6XcY9drrsaXU0GbB7HgCW5kxZTD1wFIWmX7g75N59GG0QPXEU2TT4k9N7lXn1jtR2qPORlWhEYQXbfT94KSLwWn-sUa8lVfuwUI2x7roAFKvnd4l7P9TVNBVC866igIjbC-D0Ir185D5SUTHft5rW5h6pc6D5kF_XDBrNwASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASEuRoGQZJPRKNz6Csnl4frtvtYg%26sig%3DAOD64_13IwzhUh5Yb--yAIIOAjEJyKTviQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-D1C9Z3PnHgbYLzvppR-G10UyCR4TTRseOGmY0smibSkJzPqZ6MXCNaw2J0y2Xg8X5C8JSQjldrbm4qptHqsyOP5knI73T0qC8UfstyhSf9kN8aDQpb_ScTWHtswBlC_JGyRCasr-huEatqw_UawW3CQ6a-QA%26cry%3D1%26dbm_d%3DAKAmf-Cg8jqYXMI3x0l5MaL_t_CC_AFEoY8WKtAo3BuqmnxI5TGFgLOM1zY-5c-eMXnygud8a-34tzDLHwUHUKD0u5W3Bl0SRIf0Sc7XXTPFPma5PvoIE0SZdnH0mwQ22QP21plJgssvf1Z21MzGVxIv33pgBetIR-xsdT18O5DAbppQIGgy3dTGeJJWX4PdqdXxJGp4Uehh1G8_XvuPZF4JBRKwydTxeG6b-IeK-E28MpdEh-OvoyhSi6I6yEE2RmoCQz9Zhr4ehU-1EIZES18n7wnN_qNkF6k8iGe6Mh5OG5W9ld02F0XCu_fXSDXkw33ThnHFx8kBnlV1GTmo2zeSuPNHUJdvuXN7tVZf4g1QZOEuXUeTZJKYdlGLsbQTHRICQidFkuu0woMzHqXp4c6jqlUeKKNVzmC72augISoEsI6HVV5sIObSsTY__f_IdFNZPrGt7AoZ1W8MCLAV_nry9yVi7kBQgA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&ancestorOrigins=https%3A%2F%2Fwww.courttv.com&random=9858424214854&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:6600:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5b02d4c3687457ff762f830bbe51f5897b428906bf57f0aa15f185d5024c0f91 Request headers :method GET :authority static.tradetracker.net :scheme https :path /se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US cookie pi=317837c0342083af16ce0a7d95386fdf; uf=bMAmxQFYclSqZGuwPTMwPnozVHhDT3h6azRYY0pLOUNtbGV6RGxIazZzZ2dueGNiSEg3NTJGMHhvU1hQUld6MFRONnk3UHR3cTV6NFJRS0VHYldxdXVERXdRZXUvT1Jka0lKY0xRPT0%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers content-type image/jpeg content-length 39656 accept-ranges bytes last-modified Mon, 04 Nov 2019 09:13:22 GMT server nginx date Wed, 17 Feb 2021 12:43:06 GMT etag "5dbfebb2-9ae8" x-cache Hit from cloudfront via 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-amz-cf-id Z7zTc3IhTy3PilwjJo-TbD5CZ-pdzFDE7y77bOFNQkwC0ZrGtcL7hQ== Redirect headers date Wed, 17 Feb 2021 12:43:05 GMT content-type text/html; charset=utf-8 location https://static.tradetracker.net/se/material_image/02/dc09e91cfcfaf1c41b38aa8dfb43cbb2546ceb.jpg server nginx x-powered-by PHP/7.1.33-24+ubuntu18.04.1+deb.sury.org+1 p3p CP="ALL PUR DSP CUR ADMi DEVi CONi OUR COR IND", policyref="https://ti.tradetracker.net/public/w3c/p3p.xml" expires Mon, 26 Jul 1997 05:00:00 GMT cache-control no-cache, must-revalidate set-cookie uf=bMAmxQFYclSqZGuwPTMwPnozVHhDT3h6azRYY0pLOUNtbGV6RGxIazZzZ2dueGNiSEg3NTJGMHhvU1hQUld6MFRONnk3UHR3cTV6NFJRS0VHYldxdXVERXdRZXUvT1Jka0lKY0xRPT0%3D; expires=Thu, 17-Feb-2022 12:43:05 GMT; Max-Age=31536000; path=/; SameSite=None; domain=.tradetracker.net; secure pi=317837c0342083af16ce0a7d95386fdf; expires=Fri, 28-May-2021 11:43:05 GMT; Max-Age=8636400; path=/; SameSite=None; domain=.tradetracker.net; secure
GET H2	200	imp Show response impse.tradedoubler.com/ Frame 5A4C	187 B 655 B	135ms 61ms	Script application/x-javascript	34.95.109.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://impse.tradedoubler.com/imp?type(js)g(24546882)a(1792659)epi(50277100117794100044682011508021)preurl([RD_CLICK_ENC])292713624 Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.109.120 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 120.109.95.34.bc.googleusercontent.com Software TXServerHttp / Resource Hash 0dab94703665a1a2127b6dfe542b41dd3d16c7e74c5644b1fcc7f282c3a72f97 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:05 GMT via 1.1 google referrer-policy origin server TXServerHttp p3p policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR" access-control-allow-origin * cache-control private, max-age=0 content-type application/x-javascript; charset=ISO-8859-1 alt-svc clear content-length 187
GET H/1.1	200 OK	cshow.php www.zenaps.com/ Frame 5A4C Redirect Chain https://www.awin1.com/cshow.php?s=2636829&v=12846&q=389131&r=566725&pref1=50277100117794100044682011508021&pv=1 https://www.zenaps.com/cshow.php?pvr=ae5e2d92-711d-11eb-a962-692d00fdee08&v=12846&r=566725&q=389131&s=2636829&viewref=50277100117794100044682011508021&pv=1	43 B 705 B	180ms 62ms	Image image/gif	92.123.148.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.zenaps.com/cshow.php?pvr=ae5e2d92-711d-11eb-a962-692d00fdee08&v=12846&r=566725&q=389131&s=2636829&viewref=50277100117794100044682011508021&pv=1 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-148-9.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:06 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0 Redirect headers Date Wed, 17 Feb 2021 12:43:05 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://www.zenaps.com/cshow.php?pvr=ae5e2d92-711d-11eb-a962-692d00fdee08&v=12846&r=566725&q=389131&s=2636829&viewref=50277100117794100044682011508021&pv=1 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A9AB	0 23 B	46ms 45ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDfbPWA8tYObkHbaE9fgPzpmR-AIAAAAAOAHgBAI&bg=!kZKlktHNAAXRs2QT0TsAKQB2-DxasnsKJQbGfvmrkLRu73heAcvPlNN_xXNPWCrq-7uzfAGiyVEeAgAAAjVSAAAAKGgBBwoARpp24Tum-okqhifTBdrMJOUnRHoSX-5mk2OMyysU1rgZPFd0EjuTTfVOpO8W0rJMXCEcoxqjYBalkav1nEvh659QHTa5HJ-ZAnPIz27igBdTek8koIp6EaDa67DTEKQI-qk2DKPhL64dz-qPzJrgykz7nHsuXoaMDB_Mex5bx8O7Cs-6TWLIoxhuu5yUWBf_hgsnwgXc8cr8fp84TD-vS877D1iSIubQzHDbzUUiLf8NDJec3sPfuwJ_ul0w5cD4233PWzRwtbDrElvgqullSzQQZAHpNCENMHTllJzB19WGDfMzYbQKpd2wrwKWlGkPd8vADASOOEagRIPoN6YLqxr5IE2ys3R-xsQL2JC7T2en6SqGkBeLo1M1Qo7dv7ckuRYW5O0ZcW2MHYwMZJarrXpYkZN-HVMybkzpUUv73dR16TWGOboJuNi2axpyRi74egAL6JuQqv_3chWZvUKuAxXtwKrKFVaEfpjZxE7ds4rtMe448abYGvaD5J0UjfYTtVSxclOHn75HeJ1tYsk_IuyZtDrkDSSLFT6I5bLCpgTwUYHfKPb7ZhXIcbZT2pcbopBFYB7QO7gQIqss2zuqvGftcHlmMu5CV_cFPRHo8AF5cWqAsJQKhoi_JKl_EUyFoc_xKOJJLZL5xocztYW0dHclv0a93odeLbXkAfoBb2h5dvwZk3KeLTMEhMF5Ak-CmNPxuZ_UrsDwC8yLeKfTgRwJVSupmhA1kYdfx4ep36C-Y8cHLpL6L83t3_flvbM87R2Z42tHWcBdBTcHlfH06RDQz5RTOEhWKfMOS0ba4CXY8G7JoARMmAMBkZdy8EBeq8Nl5braVQIoe-8BxjYxLXjJU6KDPrUbKYTTcJ7reN7Z99E1-hqQGbR7CrIcKtZwTxCJeiiNaoQ7AhzPwVq7OlqtNT_6Bk_rTStclx8 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/Enqz_20U.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	request_content.php Show response hal900014.redintelligence.net/ Frame A93B	6 KB 2 KB	203ms 68ms	Document text/html	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash d59259681c3d439ad167e3e86996dd70d9aff953dc730715e68342d5f072e491 Request headers Host hal900014.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=dabf5eb2fa4d3c2c Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Wed, 17 Feb 2021 12:43:06 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1857 Connection close Content-Type text/html; charset=utf-8
GET H3-Q050	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 660A	1 KB 835 B	10ms 9ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 17 Feb 2021 05:59:32 GMT expires Thu, 18 Feb 2021 05:59:32 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 cache-control public, max-age=86400 age 24213 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 0470	43 KB 15 KB	13ms 12ms	XHR application/javascript	2600:9000:2127:e800:d:77c3:2dc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Requested by Host: includemodal.global.ssl.fastly.net URL: https://includemodal.global.ssl.fastly.net/pw.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e800:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 3bc8272dbdfde67348adf76fafb2623694fa0c712c5bbd0f57205d71a1634c7d Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:00 GMT content-encoding gzip server nginx/1.10.3 (Ubuntu) age 3964 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 14400 cache-control public, max-age=14400 x-cache Hit from cloudfront x-amz-cf-pop PRG50-C1 access-control-allow-headers * x-amz-cf-id DmjWNN6DeZmEo5saebn9B48W-QcW6YloWwOxW3ZLpVSS1ISh6yHiSQ== via 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
GET H2	200	/ includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 0470	42 B 133 B	470ms 164ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=1029334&referer=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT server nginx/1.10.3 (Ubuntu) content-length 42 content-type image/gif
GET DATA	200 OK	truncated / Frame 0470	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash adb20e082e8869b521594acba8c4ba54f80be4d94627f5d6a8ae4146a2522eb8 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	request_content.php Show response hal90009.redintelligence.net/ Frame 9A6E	6 KB 2 KB	208ms 68ms	Document text/html	138.201.63.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.63.201.138.clients.your-server.de Software Apache / Resource Hash 70596102674f514303473ed5cb4443c25a208398540b26c310840f1ff73f4b69 Request headers Host hal90009.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=dabf5eb2fa4d3c2c Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Wed, 17 Feb 2021 12:43:06 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1888 Connection close Content-Type text/html; charset=utf-8
GET H3-Q050	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame CD18	1 KB 750 B	8ms 7ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 17 Feb 2021 05:59:32 GMT expires Thu, 18 Feb 2021 05:59:32 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 cache-control public, max-age=86400 age 24213 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 3AE1	43 KB 15 KB	13ms 12ms	XHR application/javascript	2600:9000:2127:e800:d:77c3:2dc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Requested by Host: includemodal.global.ssl.fastly.net URL: https://includemodal.global.ssl.fastly.net/pw.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e800:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 3bc8272dbdfde67348adf76fafb2623694fa0c712c5bbd0f57205d71a1634c7d Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:00 GMT content-encoding gzip server nginx/1.10.3 (Ubuntu) age 3965 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 14400 cache-control public, max-age=14400 x-cache Hit from cloudfront x-amz-cf-pop PRG50-C1 access-control-allow-headers * x-amz-cf-id r6XgqYczxggxKPVzYG-ARbMABiLagnvQ7LRgk_eC8GyqnB6qTPYL8Q== via 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
GET H2	200	/ includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 3AE1	42 B 132 B	374ms 165ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=909173&referer=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT server nginx/1.10.3 (Ubuntu) content-length 42 content-type image/gif
GET DATA	200 OK	truncated / Frame 3AE1	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b81adbd2cf203c339c82facc2588c7cc79bf821dd116a158c646c2641d08f87 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	request_content.php Show response hal900021.redintelligence.net/ Frame D7CA	6 KB 2 KB	223ms 68ms	Document text/html	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash 6a5175c6c75d67a47829867a072359c10c395205c4e116a9e2b471e11f09b64d Request headers Host hal900021.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie 8lcfmzhxc8d6_uid=dabf5eb2fa4d3c2c Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Wed, 17 Feb 2021 12:43:06 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1858 Connection close Content-Type text/html; charset=utf-8
GET H3-Q050	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 65BA	1 KB 755 B	8ms 8ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 17 Feb 2021 05:59:32 GMT expires Thu, 18 Feb 2021 05:59:32 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 cache-control public, max-age=86400 age 24214 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 5A4C	43 KB 15 KB	19ms 11ms	XHR application/javascript	2600:9000:2127:e800:d:77c3:2dc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Requested by Host: includemodal.global.ssl.fastly.net URL: https://includemodal.global.ssl.fastly.net/pw.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e800:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 3bc8272dbdfde67348adf76fafb2623694fa0c712c5bbd0f57205d71a1634c7d Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:00 GMT content-encoding gzip server nginx/1.10.3 (Ubuntu) age 3965 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/javascript access-control-allow-origin * access-control-max-age 14400 cache-control public, max-age=14400 x-cache Hit from cloudfront x-amz-cf-pop PRG50-C1 access-control-allow-headers * x-amz-cf-id hWoGuH0VXvyfFlhdDoWl72HQHY9Gmxkx898y2QxoSf8YrUiU8voQ-Q== via 1.1 e3568b144ae2b93deb0c17907b662ac2.cloudfront.net (CloudFront)
GET H2	200	/ includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 5A4C	42 B 132 B	347ms 187ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=351273&referer=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT server nginx/1.10.3 (Ubuntu) content-length 42 content-type image/gif
GET DATA	200 OK	truncated / Frame 5A4C	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cbea66119711a19dbe1fa033497e409b0f1748d22d7b302b6e4e329bda38fa99 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	log.gif includemodal.com/static/ Frame 0470	42 B 199 B	227ms 225ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=7ddd346b-9c51-47c9-9603-1b338d96bf63&url=https://hal9000.redintelligence.net/zone/kpiwv0qvkluh%3F&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 0470	42 B 199 B	150ms 148ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=7ddd346b-9c51-47c9-9603-1b338d96bf63&url=https://www.awin1.com/cshow.php%3Fs%3D2636829%26amp%253Bv%3D12846%26amp%253Bq%3D389131%26amp%253Br%3D566725%26amp%253Bpref1%3D12872700133153000044682011508014%26amp%253Bpv%3D1&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 0470	42 B 199 B	227ms 225ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=7ddd346b-9c51-47c9-9603-1b338d96bf63&url=https://ti.tradetracker.net/%3Fc%3D31577%26amp%253Bm%3D1646244%26amp%253Ba%3D157788%26amp%253Br%3D12872700133153000044682011508014%26amp%253Bt%3Dhtml&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 0470	42 B 199 B	228ms 226ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=7ddd346b-9c51-47c9-9603-1b338d96bf63&url=https://impse.tradedoubler.com/imp%3Ftype%2528js%2529g%252824546882%2529a%25281792659%2529epi%252812872700133153000044682011508014%2529preurl%2528%255BRD_CLICK_ENC%255D%2529%2527%3D&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 0470	42 B 199 B	228ms 226ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=7ddd346b-9c51-47c9-9603-1b338d96bf63&url=https://clk.tradedoubler.com/click%3Fp%3D296793%26amp%253Ba%3D1792659%26amp%253Bg%3D24546882%26amp%253Bepi%3D12872700133153000044682011508014&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 3AE1	42 B 199 B	154ms 152ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=6f90330b-3ad4-48ab-a803-847d6e6ab1e8&url=https://hal9000.redintelligence.net/zone/0k1uvb5ne9s9%3F&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 3AE1	42 B 199 B	152ms 151ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=6f90330b-3ad4-48ab-a803-847d6e6ab1e8&url=https://www.awin1.com/cshow.php%3Fs%3D2636829%26amp%253Bv%3D12846%26amp%253Bq%3D389131%26amp%253Br%3D566725%26amp%253Bpref1%3D57254600136788100044684011508009%26amp%253Bpv%3D1&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 3AE1	42 B 199 B	153ms 152ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=6f90330b-3ad4-48ab-a803-847d6e6ab1e8&url=https://ti.tradetracker.net/%3Fc%3D31577%26amp%253Bm%3D1646244%26amp%253Ba%3D157788%26amp%253Br%3D57254600136788100044684011508009%26amp%253Bt%3Dhtml&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 3AE1	42 B 199 B	153ms 152ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=6f90330b-3ad4-48ab-a803-847d6e6ab1e8&url=https://impse.tradedoubler.com/imp%3Ftype%2528js%2529g%252824546882%2529a%25281792659%2529epi%252857254600136788100044684011508009%2529preurl%2528%255BRD_CLICK_ENC%255D%2529%2527%3D&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 3AE1	42 B 199 B	154ms 153ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=6f90330b-3ad4-48ab-a803-847d6e6ab1e8&url=https://clk.tradedoubler.com/click%3Fp%3D296793%26amp%253Ba%3D1792659%26amp%253Bg%3D24546882%26amp%253Bepi%3D57254600136788100044684011508009&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 5A4C	42 B 199 B	149ms 147ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=50eed320-3c15-4a14-9e2d-861118f26f21&url=https://hal9000.redintelligence.net/zone/kpiwv0qvkluh%3F&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 5A4C	42 B 199 B	149ms 148ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=50eed320-3c15-4a14-9e2d-861118f26f21&url=https://www.awin1.com/cshow.php%3Fs%3D2636829%26amp%253Bv%3D12846%26amp%253Bq%3D389131%26amp%253Br%3D566725%26amp%253Bpref1%3D50277100117794100044682011508021%26amp%253Bpv%3D1&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 5A4C	42 B 199 B	149ms 148ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=50eed320-3c15-4a14-9e2d-861118f26f21&url=https://ti.tradetracker.net/%3Fc%3D31577%26amp%253Bm%3D1646244%26amp%253Ba%3D157788%26amp%253Br%3D50277100117794100044682011508021%26amp%253Bt%3Dhtml&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 5A4C	42 B 199 B	150ms 149ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=50eed320-3c15-4a14-9e2d-861118f26f21&url=https://impse.tradedoubler.com/imp%3Ftype%2528js%2529g%252824546882%2529a%25281792659%2529epi%252850277100117794100044682011508021%2529preurl%2528%255BRD_CLICK_ENC%255D%2529%2527%3D&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	log.gif includemodal.com/static/ Frame 5A4C	42 B 199 B	150ms 149ms	Image image/gif	3.141.72.195 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://includemodal.com/static/log.gif?logger=4&token=50eed320-3c15-4a14-9e2d-861118f26f21&url=https://clk.tradedoubler.com/click%3Fp%3D296793%26amp%253Ba%3D1792659%26amp%253Bg%3D24546882%26amp%253Bepi%3D50277100117794100044682011508021&o=https://www.courttv.com/mystery/ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.141.72.195 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-141-72-195.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT last-modified Thu, 26 Sep 2019 18:10:35 GMT server nginx/1.10.3 (Ubuntu) accept-ranges bytes etag "5d8cff1b-2a" content-length 42 content-type image/gif
GET H2	200	css fonts.googleapis.com/ Frame A93B	4 KB 756 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0e203332bdb8a0c387ae96935481aee57996419bc60598b9162b841d7bbd9ac0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 17 Feb 2021 11:17:36 GMT server ESF date Wed, 17 Feb 2021 12:43:06 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 17 Feb 2021 12:43:06 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame A93B	12 KB 12 KB	180ms 58ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51807/creativesup/Sparnet-SE-Image%201-%201200%20x%20627%20Pixel.jpg Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash cadaa4469f66b4ee692093ac402cb68349af1c5bc0bf0a691c303ea7f5f17f97 Request headers Referer https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 12140 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame A93B	13 KB 13 KB	180ms 59ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53597/creativesup/Native1-1200x627.jpg Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 1e060fea2fd71a15005d9e1e18a6b6ebb34ca381e0080c8ac551ccb848edd84a Request headers Referer https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 13535 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame A93B	16 KB 16 KB	185ms 63ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55313/creativesup/native_1200x627.jpg Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 671bc1b20c98ed435b9a03fc1bbb06fdfc7c296d60b4c6a541c64b85df573f11 Request headers Referer https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 15842 Vary Accept-Encoding Content-Type image/png
GET H2	200	css fonts.googleapis.com/ Frame 9A6E	1 KB 504 B	17ms 12ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Requested by Host: hal90009.redintelligence.net URL: https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f4127355ac290363de8507cea422bf5505963d5334ff120e908bc21b35df1287 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 17 Feb 2021 11:40:00 GMT server ESF date Wed, 17 Feb 2021 12:43:06 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 17 Feb 2021 12:43:06 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 9A6E	12 KB 12 KB	176ms 59ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51807/creativesup/Sparnet-SE-Image%201-%201200%20x%20627%20Pixel.jpg Requested by Host: hal90009.redintelligence.net URL: https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash cadaa4469f66b4ee692093ac402cb68349af1c5bc0bf0a691c303ea7f5f17f97 Request headers Referer https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 12140 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 9A6E	13 KB 13 KB	178ms 60ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53597/creativesup/Native1-1200x627.jpg Requested by Host: hal90009.redintelligence.net URL: https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 1e060fea2fd71a15005d9e1e18a6b6ebb34ca381e0080c8ac551ccb848edd84a Request headers Referer https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 13535 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 9A6E	16 KB 16 KB	185ms 62ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55313/creativesup/native_1200x627.jpg Requested by Host: hal90009.redintelligence.net URL: https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 671bc1b20c98ed435b9a03fc1bbb06fdfc7c296d60b4c6a541c64b85df573f11 Request headers Referer https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 15842 Vary Accept-Encoding Content-Type image/png
GET H2	200	css fonts.googleapis.com/ Frame D7CA	4 KB 736 B	28ms 25ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0e203332bdb8a0c387ae96935481aee57996419bc60598b9162b841d7bbd9ac0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 17 Feb 2021 12:27:14 GMT server ESF date Wed, 17 Feb 2021 12:43:06 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 17 Feb 2021 12:43:06 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame D7CA	12 KB 12 KB	354ms 58ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51807/creativesup/Sparnet-SE-Image%201-%201200%20x%20627%20Pixel.jpg Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash cadaa4469f66b4ee692093ac402cb68349af1c5bc0bf0a691c303ea7f5f17f97 Request headers Referer https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 12140 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame D7CA	13 KB 13 KB	362ms 61ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53597/creativesup/Native1-1200x627.jpg Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 1e060fea2fd71a15005d9e1e18a6b6ebb34ca381e0080c8ac551ccb848edd84a Request headers Referer https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 13535 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame D7CA	16 KB 16 KB	386ms 61ms	Image image/png	46.4.10.47 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55313/creativesup/native_1200x627.jpg Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.10.4.46.clients.your-server.de Software Apache / Resource Hash 671bc1b20c98ed435b9a03fc1bbb06fdfc7c296d60b4c6a541c64b85df573f11 Request headers Referer https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:07 GMT Content-Encoding gzip Server Apache Connection close Content-Length 15842 Vary Accept-Encoding Content-Type image/png
GET		/ google2waycm.netmng.com/cm/ Frame 660A	0 0
GET H2	200	dpixel cms.quantserve.com/ Frame 660A	35 B 463 B	37ms 9ms	Image image/gif	2620:116:800d:21:8c6e:cf2c:8d6:9fb5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBYx-GaU0T1-JL1F4lTxlRc&google_cver=1&google_push=AQvitUJiVEWEY8yXyxX_M92ACV3N76DjALNSb23GKx94ERGlEF3_NYvqtMq0ETJv_BQh9I3mdY5H05ixS64hRCsMpzPClescfsAX Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 660A	0 104 B	102ms 67ms	Image text/plain	2a02:fa8:8806:20::2040 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBOGhbMruv7h4SgpRSCE7FE&google_cver=1&google_push=AQvitUI9aGDhFncbXcU273Si6SDPxZeFBlk0e0ceHUqPAZeqMtKE7W7tYTa16Q_ZDqpOFEWklLxIE2EnrzZ_xOrLee-maeczcb-Y Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 660A Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjBhYTU5ekkxTGNtYUM1&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&google_cver=1&google_push=AQvitUJCC-DyEwC7N5vY3jH1pF5uy8ZSZTv6s00ZBBCWbfN...	170 B 190 B	16ms 15ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjBhYTU5ekkxTGNtYUM1&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&google_cver=1&google_push=AQvitUJCC-DyEwC7N5vY3jH1pF5uy8ZSZTv6s00ZBBCWbfNGzqU3nTRRiRBkze3hVnj6eU6oInolHIti_pIpdb2YbNJlPsc8RmYw Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:06 GMT Server PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjBhYTU5ekkxTGNtYUM1&google_gid=CAESELMKxa3gf4S1TWs47K4hZRc&google_cver=1&google_push=AQvitUJCC-DyEwC7N5vY3jH1pF5uy8ZSZTv6s00ZBBCWbfNGzqU3nTRRiRBkze3hVnj6eU6oInolHIti_pIpdb2YbNJlPsc8RmYw Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 660A Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEAYGNu2obJAAg0R7MbIcKqg&google_cver=1&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S9yY698Rzi1b2Mvuvcbpw2&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh341jwOnSajrD https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S9yY698Rzi1b2Mvuvcbpw2&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh341jwOnSajrD&g...	170 B 232 B	16ms 16ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S9yY698Rzi1b2Mvuvcbpw2&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh341jwOnSajrD&google_tc= Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S9yY698Rzi1b2Mvuvcbpw2&google_push=AQvitUKCWsOpDC6_KZs6WvCVA9yGYV2BUL-lhVXtxy_EFsxaUVsnRs2ZxCW4nhUJ4lsyM27gfe4OqkXzQdQHFpoh341jwOnSajrD&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 415 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 660A Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YC0PXQGlxuayMTM1vQObQAAAByUAAAIB&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&google_push=AQvitUJDrHGq6gBlIEcTFUUirzQuh7nH2n0f-...	170 B 213 B	17ms 17ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YC0PXQGlxuayMTM1vQObQAAAByUAAAIB&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&google_push=AQvitUJDrHGq6gBlIEcTFUUirzQuh7nH2n0f-e5Cj6ENOYphosfJixOvVCepRKBsBEbGWFjKK6La-pVZiZLT06ZErNKptQb0P_A Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:10 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 17 Feb 2021 12:43:09 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YC0PXQGlxuayMTM1vQObQAAAByUAAAIB&google_gid=CAESELs24thbCtpDoyBaS4GwaSo&google_cver=1&google_push=AQvitUJDrHGq6gBlIEcTFUUirzQuh7nH2n0f-e5Cj6ENOYphosfJixOvVCepRKBsBEbGWFjKK6La-pVZiZLT06ZErNKptQb0P_A Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 459 Expires Wed, 17 Feb 2021 12:43:09 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 660A Redirect Chain https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zve... https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zve... https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4z... https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELBMe6NTcHIloon6_DyHW94&google_cver=1&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4z... https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhZWYxYmJiNC03MTFkLTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjg...	170 B 213 B	16ms 15ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhZWYxYmJiNC03MTFkLTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjgfiKhW9MvxX1s_772TgGnZiuPfM0RqpVee31A Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Wed, 17 Feb 2021 12:43:07 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhZWYxYmJiNC03MTFkLTExZWItYWI3My0wNmZkY2RhZDU2OTA%3D&google_push=AQvitUI6-fIc6q8LF4UWP5m0Y4eouAHR8FGVap4JIad_xjK9EUJP4zveEs8xFViPjgfiKhW9MvxX1s_772TgGnZiuPfM0RqpVee31A Connection keep-alive Content-Length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 660A	0 50 B	71ms 69ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ID0ldiVZrDEbir2U1x_-EVuq2vpzUeYfo6Pzk9q21a3XsOhzDygoJQ11-dL4acQXnREHckkQ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET		/ google2waycm.netmng.com/cm/ Frame CD18	0 0
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame CD18 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHtN-EW6h_sPAdMDn4t_XCQ&google_cver=1&google_push=AQvitULoX5G4iOhw6K1a-aBSE1SAxF_l_FACWb14i-bOEZ7pEA5E_3t9OOBlW7epl5A8CvcaKq6UH33... https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULoX5G4iOhw6K1a-aBSE1SAxF_l_FACWb14i-bOEZ7pEA5E_3t9OOBlW7epl5A8CvcaKq6UH33_wmlWPP1-3tZezI3IECco&google_sc&googl...	170 B 190 B	18ms 18ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULoX5G4iOhw6K1a-aBSE1SAxF_l_FACWb14i-bOEZ7pEA5E_3t9OOBlW7epl5A8CvcaKq6UH33_wmlWPP1-3tZezI3IECco&google_sc&google_hm=EBAQEA Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULoX5G4iOhw6K1a-aBSE1SAxF_l_FACWb14i-bOEZ7pEA5E_3t9OOBlW7epl5A8CvcaKq6UH33_wmlWPP1-3tZezI3IECco&google_sc&google_hm=EBAQEA cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame CD18	0 136 B	129ms 60ms	Image text/plain	34.96.105.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHOq7MsTCuI2llDvv597VVA&google_cver=1&google_push=AQvitUK0uNlI1pUEvvcmfHIPCN7tukBj5ZXCvZVnrMZLtb2YoxJg0zeYivermU1NsUiVvX1X-zNVB0v3BNb3nggJWBwXMlwauGWH7w Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT via 1.1 google alt-svc clear
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame CD18 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECccxVuydwdHplmqdjvJtxQ&google_cver=1&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bWZMSIOe... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECccxVuydwdHplmqdjvJtxQ&google_cver=1&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bW... https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bWZMSIOeiy6r7j9Osg&google_hm=mshb6sPDT0qywOgbaAJBvw==	170 B 190 B	20ms 17ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bWZMSIOeiy6r7j9Osg&google_hm=mshb6sPDT0qywOgbaAJBvw== Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJqbPiF3p571IxAwIcXtqtEJUbPa3-pUK-Ehz8NaTti3AApePU__z3SccHf50d6we-cSea12gMRK384bWZMSIOeiy6r7j9Osg&google_hm=mshb6sPDT0qywOgbaAJBvw== date Wed, 17 Feb 2021 12:43:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame CD18 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEIOlxYsvEb7BU0mkbgD7A8&google_cver=1&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6iCATy... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEIOlxYsvEb7BU0mkbgD7A8&google_cver=1&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzk4MjIxNzM3MjAxNDc5OA&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6iCA...	170 B 190 B	17ms 16ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzk4MjIxNzM3MjAxNDc5OA&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6iCATyX3aqiRq2F295Q5MAMlRxtg Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server nginx location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAxMzk4MjIxNzM3MjAxNDc5OA&google_push=AQvitULc7rC7FWVaBh8SfRYABRJTB8T-AY9vDWnJkJYkZqewB8JbM5F6LwaPVQTN17mBk_e65y6iCATyX3aqiRq2F295Q5MAMlRxtg strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform content-length 0 expires -1
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame CD18 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j1xNGrPQTwiBI9pU-rjaSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 190 B	16ms 15ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j1xNGrPQTwiBI9pU-rjaSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIYavlVXGu50tDGx4FvqvYDhJdejoQhlLUKt9j9QMcC00xk2Z50393SI-1UQRrfrsRDQdcGkhhhskb9cCM1adykON1cYsrLMQ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j1xNGrPQTwiBI9pU-rjaSw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIYavlVXGu50tDGx4FvqvYDhJdejoQhlLUKt9j9QMcC00xk2Z50393SI-1UQRrfrsRDQdcGkhhhskb9cCM1adykON1cYsrLMQ Date Wed, 17 Feb 2021 12:43:06 GMT P3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame CD18 Redirect Chain https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIQ2o3AhJNrYUMdC0mALlFE&google_cver=1&google_push=AQvitUI8Ung6Zq_yyS396o958LMnHVzl6Ky3GSBoVJt6gd9PcmHJNlJXqQwEllHbyw0PoztWIywwYN... https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUI8Ung6Zq_yyS396o958LMnHVzl6Ky3GSBoVJt6gd9PcmHJNlJXqQwEllHbyw0PoztWIywwYNh2UUmUvAEqqUAjur8LCKiKBw&google_hm=MzA2MTcy...	170 B 190 B	17ms 16ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUI8Ung6Zq_yyS396o958LMnHVzl6Ky3GSBoVJt6gd9PcmHJNlJXqQwEllHbyw0PoztWIywwYNh2UUmUvAEqqUAjur8LCKiKBw&google_hm=MzA2MTcyNjE0OTMwODk4MDE0MA%3D%3D Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUI8Ung6Zq_yyS396o958LMnHVzl6Ky3GSBoVJt6gd9PcmHJNlJXqQwEllHbyw0PoztWIywwYNh2UUmUvAEqqUAjur8LCKiKBw&google_hm=MzA2MTcyNjE0OTMwODk4MDE0MA%3D%3D date Wed, 17 Feb 2021 12:43:06 GMT content-length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame CD18	0 49 B	70ms 67ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8CCPdShxwED64cxPkJhLndQLebWRF1QFa73fxFLHOFUrMdeuWMVLzLjBcJLF-qUofjiFR Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET		/ google2waycm.netmng.com/cm/ Frame 65BA	0 0
GET H2	200	dpixel cms.quantserve.com/ Frame 65BA	35 B 462 B	23ms 9ms	Image image/gif	2620:116:800d:21:8c6e:cf2c:8d6:9fb5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBYx-GaU0T1-JL1F4lTxlRc&google_cver=1&google_push=AQvitULJYG6N0Hm9RP5OJP_QFucS9F1jNKUN_Eedn5KXA5I30sJh3bZ1RpfjvSxJGci4N6D5opTl0MsvBzmgp09dEGW50XEW2ZwO Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 65BA Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ0fUG62FxCHpLZDYUjy9uM&google_cver=1&google_push=AQvitUI5jRGnW6577fPDEQq01pNYtQkDcAk3ViH6fdF4O5OKm9NpzeDJxA0zYEgnUfFTZnCOgM57_rwgVPsIt_M8... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUI5jRGnW6577fPDEQq01pNYtQkDcAk3ViH6fdF4O5OKm9NpzeDJxA0zYEgnUfFTZnCOgM57_rwgVPsIt_M892Vjeg4f8H9b	170 B 190 B	17ms 16ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUI5jRGnW6577fPDEQq01pNYtQkDcAk3ViH6fdF4O5OKm9NpzeDJxA0zYEgnUfFTZnCOgM57_rwgVPsIt_M892Vjeg4f8H9b Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Wed, 17 Feb 2021 12:43:06 GMT Server MT3 3518 2f03077 master zrh-pixel-x12 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUI5jRGnW6577fPDEQq01pNYtQkDcAk3ViH6fdF4O5OKm9NpzeDJxA0zYEgnUfFTZnCOgM57_rwgVPsIt_M892Vjeg4f8H9b Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Wed, 17 Feb 2021 12:43:05 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 65BA Redirect Chain https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFA9tbrgDjomS5HhmVYOOHM&google_cver=1&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YW... https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEFA9tbrgDjomS5HhmVYOOHM&google_cver=1&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YW... https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=FmEhOA2dTHjH50FoyRVGpg&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YWvaZiG0C5Nhv4p2sIp0Pw...	170 B 190 B	16ms 15ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=FmEhOA2dTHjH50FoyRVGpg&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YWvaZiG0C5Nhv4p2sIp0PwflMCI6oW76y8Yw2y4M Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=FmEhOA2dTHjH50FoyRVGpg&google_push=AQvitULZdQH5EWwcsBIPlBbjLXLrZh3PAKI1gztc2fVLF7Ydxt6fG7fDeo7YWvaZiG0C5Nhv4p2sIp0PwflMCI6oW76y8Yw2y4M Date Wed, 17 Feb 2021 12:43:06 GMT Server nginx Connection keep-alive Content-Type text/plain; charset=utf-8 Content-Length 237 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	dot.gif s0.2mdn.net/ Frame 65BA	43 B 396 B	44ms 13ms	Image image/gif	2a00:1450:4001:812::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESEHdvspJs7A6v_-DarV8F59Y&google_cver=1&google_push=AQvitUIn_A5k-rmTvBp7c9odxqKpUQ6vAjlmP-DUsgiV33f0rU6kVoA7uMa8iBMAx5j6N8ulV6vjyKoUTxWvU6x3JR9uoxHoECuJ Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 expires Thu, 18 Feb 2021 12:43:06 GMT
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 65BA Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESELaO1v5u7--P-qXAM4pHnuI&google_cver=1&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w https://rtb.openx.net/sync/dds?google_gid=CAESELaO1v5u7--P-qXAM4pHnuI&google_cver=1&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w&google_hm=rr2o6Td9wgksDqZRoG1fnw==	170 B 190 B	16ms 16ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w&google_hm=rr2o6Td9wgksDqZRoG1fnw== Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 17 Feb 2021 12:43:06 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULb8tC93a1d4F_-XXZWeikvicanqCejz_vPoIutpnl2UssjMiwGYj3X3C3Nbi-QK1CPViAMmwghfMpfhaEBwk-pifSmt3w&google_hm=rr2o6Td9wgksDqZRoG1fnw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id 5tmlhlj9jgovejeqfa0urptlos1iq9tn
GET H3-Q050	200	pixel cm.g.doubleclick.net/ Frame 65BA Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK... https://sync.targeting.unrulymedia.com/csync/RX-c4c56fa7-98e4-438f-b852-8893532636c1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKxRbuxA7-UvLPbMZ09c... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKxRbuxA7-UvLPbMZ09cvfYhUZoJAB816yZZfZ7DzaRJNgrCfD9laoUP6NzpDd7I7clMm4BMzkWayDINw4Lry6vJUKrrPM&google_hm=A8TFb6eY5EOPuFKIk1MmNsE	170 B 190 B	18ms 18ms	Image image/png	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKxRbuxA7-UvLPbMZ09cvfYhUZoJAB816yZZfZ7DzaRJNgrCfD9laoUP6NzpDd7I7clMm4BMzkWayDINw4Lry6vJUKrrPM&google_hm=A8TFb6eY5EOPuFKIk1MmNsE Requested by Host: www.courttv.com URL: https://www.courttv.com/mystery/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Wed, 17 Feb 2021 12:43:07 GMT Server Tengine ETag RXc4c56fa798e4438fb8528893532636c1003 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKxRbuxA7-UvLPbMZ09cvfYhUZoJAB816yZZfZ7DzaRJNgrCfD9laoUP6NzpDd7I7clMm4BMzkWayDINw4Lry6vJUKrrPM&google_hm=A8TFb6eY5EOPuFKIk1MmNsE Connection keep-alive Content-Type text/html
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 65BA	0 40 B	72ms 69ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7uD1F4rD8dwDqZwKJpzruwZP4l0g-tsXOHw-Bpap2uwM8Cbfav2boJUs0f7QCzYj4o-6S Requested by Host: 0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com URL: https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:06 GMT server HTTP server (unknown) alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H/1.1	200 OK	viewability Show response hal900014.redintelligence.net/ Frame A93B	0 150 B	205ms 68ms	Script text/html	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/viewability?s=12872700133153000044682011508014&a=4dbffa4f&vb=m Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900014.redintelligence.net/request_content.php?s=12872700133153000044682011508014&a=867e1f2f User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 fonts.gstatic.com/s/sourcesanspro/v14/ Frame A93B	13 KB 13 KB	8ms 6ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://hal900014.redintelligence.net Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 19:24:48 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:16 GMT server sffe age 321498 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13108 x-xss-protection 0 expires Sun, 13 Feb 2022 19:24:48 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 fonts.gstatic.com/s/sourcesanspro/v14/ Frame A93B	13 KB 13 KB	9ms 7ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://hal900014.redintelligence.net Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Feb 2021 05:54:32 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:14 GMT server sffe age 110914 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13324 x-xss-protection 0 expires Wed, 16 Feb 2022 05:54:32 GMT
GET H/1.1	200 OK	viewability Show response hal90009.redintelligence.net/ Frame 9A6E	0 150 B	207ms 72ms	Script text/html	138.201.63.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90009.redintelligence.net/viewability?s=57254600136788100044684011508009&a=cccf09be&vb=m Requested by Host: hal90009.redintelligence.net URL: https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.149 Ketsch, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal90009.redintelligence.net/request_content.php?s=57254600136788100044684011508009&a=431208d3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	viewability Show response hal900021.redintelligence.net/ Frame D7CA	0 150 B	209ms 71ms	Script text/html	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/viewability?s=50277100117794100044682011508021&a=347f0536&vb=m Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3-Q050	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 fonts.gstatic.com/s/sourcesanspro/v14/ Frame D7CA	13 KB 13 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://hal900021.redintelligence.net Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 19:24:48 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:16 GMT server sffe age 321498 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13108 x-xss-protection 0 expires Sun, 13 Feb 2022 19:24:48 GMT
GET H3-Q050	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 fonts.gstatic.com/s/sourcesanspro/v14/ Frame D7CA	13 KB 13 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://hal900021.redintelligence.net Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 16 Feb 2021 05:54:32 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:14 GMT server sffe age 110914 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13324 x-xss-protection 0 expires Wed, 16 Feb 2022 05:54:32 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5A4C	42 B 747 B	61ms 41ms	Fetch image/gif	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstweQ5EvCxUDuXgYNGFr3ZQn-p_JU7g5PuGBwB_fq31qr2TMZkO_wnrX2kk3lw80J4WtQTogo2i7dgYhTWMlvIiZ42V0uBhVoasRC2Az5Md-N69&sai=AMfl-YQJY7GuTM_P5PIrgs88eUJyDldArRR62mDxDXN6AB5guJHja1d2lwzWcqNG7hUsigBKJTZizMt0W7o5xOGYbMqCTjaKauebSFvTByHjNgTV5kTTvu5SEqmp2oea&sig=Cg0ArKJSzN1Jt2wXVDUDEAE&cid=CAASEuRoGQZJPRKNz6Csnl4frtvtYg&id=osdim&mcvt=1001&p=1048,1022,1302,1322&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20210212&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&app=0&itpl=20&adk=1797937698&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613565784254&dlt=75&rpt=2193&isd=0&msd=0&r=v&uup=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://0cac0617d1153662f766987de3fa71dd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900021.redintelligence.net/ Frame D7CA	0 150 B	205ms 69ms	Script text/html	138.201.84.253 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900021.redintelligence.net/viewability?s=50277100117794100044682011508021&a=347f0536&vb=v Requested by Host: hal900021.redintelligence.net URL: https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.253.84.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hal900021.redintelligence.net/request_content.php?s=50277100117794100044682011508021&a=3007a133 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:07 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	vtt.global.min.js Show response vjs.zencdn.net/vttjs/0.12.5/ Frame 0D77	20 KB 7 KB	22ms 6ms	Script application/javascript	2a04:4e42:1b::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:09 GMT content-encoding gzip last-modified Thu, 31 Aug 2017 21:04:55 GMT etag "f30dac97e5c2aaa10a7695b93cc66699" x-served-by cache-hhn4052-HHN vary Accept-Encoding x-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 7231 x-cache-hits 168453
OPTIONS H/1.1	200 Unknown Error	6220064357001 edge.api.brightcove.com/playback/v1/accounts/6009760719001/videos/ Frame	0 0	202ms 95ms	Other	65.9.98.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://edge.api.brightcove.com/playback/v1/accounts/6009760719001/videos/6220064357001 Protocol HTTP/1.1 Server 65.9.98.193 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers accept Origin https://players.brightcove.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Length 0 Connection keep-alive Server Varnish Retry-After 0 access-control-max-age 86400 Accept-Ranges bytes Date Wed, 17 Feb 2021 12:43:09 GMT Via 1.1 varnish, 1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront) X-Served-By cache-hhn4065-HHN X-Cache-Hits 0 X-Timer S1613565789.273846,VS0,VE0 BCOV-Debug-Cache-Stats unknown BCOV-instance unknown Access-Control-Allow-Origin * Access-Control-Expose-Headers cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction Access-Control-Allow-Headers content-type,accept,accept-language,content-language,bcov-policy,soapaction Access-Control-Allow-Methods HEAD,GET,OPTIONS Cache-Control max-age=0, no-cache, no-store X-Cache Miss from cloudfront X-Amz-Cf-Pop PRG50-C1 X-Amz-Cf-Id xERSLBzBrFnFKl6TkdppE2XP-NUS12-XKG1n7KL8bOQ1xAB1blJfZA==
GET DATA	200 OK	truncated / Frame 0D77	4 KB 4 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308 Request headers Origin https://players.brightcove.net Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H/1.1	200 OK	6220064357001 Show response edge.api.brightcove.com/playback/v1/accounts/6009760719001/videos/ Frame 0D77	4 KB 5 KB	200ms 200ms	XHR application/json	65.9.98.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://edge.api.brightcove.com/playback/v1/accounts/6009760719001/videos/6220064357001 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 65.9.98.193 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ac4b0aa03b3a3de3e0412c907edd25f52efd831ad7e6de828bbf1e35eb9acb13 Request headers Accept application/json;pk=BCpkADawqM1bgG6w7OpKf4a_oeu44xsEj1hdC9EYbj3knqE9R8timP-OFn4i6YS2SWa8rFG2m1bZL8VE_f6IPvC30A8LXtc8CpCkHjRkiGdfKT_VWv0b0yjwLDT-io7ybg-sexerYP1nbZDT Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:09 GMT Powered-From eu-central-1b Bcov-Request-Id cc97dbd8-c697-4938-b6fe-c2cb52729a07 Age 0 Policy-Key-Accountid 6009760719001 X-Cache Miss from cloudfront Connection keep-alive Powered-By BC Content-Length 3603 Via 1.1 varnish, 1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront) X-Served-By cache-hhn4030-HHN BCOV-instance unknown Policy-Key-Raw BCpkADawqM1bgG6w7OpKf4a_oeu44xsEj1hdC9EYbj3knqE9R8timP-OFn4i6YS2SWa8rFG2m1bZL8VE_f6IPvC30A8LXtc8CpCkHjRkiGdfKT_VWv0b0yjwLDT-io7ybg-sexerYP1nbZDT X-Timer S1613565789.375167,VS0,VE98 Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction Cache-Control max-age=0, no-cache, no-store Account-Status APPROVED BCOV-Debug-Cache-Stats unknown X-Amz-Cf-Pop PRG50-C1 Accept-Ranges bytes Access-Control-Allow-Headers content-type,accept,accept-language,content-language,bcov-policy,soapaction X-Amz-Cf-Id 4VJGJATx9oujjs3hUgSy0uiaIBhiphC_zXUk_oSK_ql7QIDE9DZUXQ== X-Cache-Hits 0
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 175 B	135ms 65ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&event=player_init&time=1613565789095&seq=0 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:09 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 94 B	136ms 65ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6009760719001%2Fvideos%2F6220064357001&time=1613565789097&seq=1 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:09 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif
GET BLOB	206 Partial Content	d2883201-6bca-49f6-b639-081d22c05453 https://players.brightcove.net/ Frame 0D77	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/d2883201-6bca-49f6-b639-081d22c05453 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET BLOB	206 Partial Content	c89f5b63-1536-4447-a8a6-50e534cf9a4c https://players.brightcove.net/ Frame 0D77	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/c89f5b63-1536-4447-a8a6-50e534cf9a4c Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET BLOB	206 Partial Content	37319660-eebd-4138-b06b-ec2d7fa4b891 https://players.brightcove.net/ Frame 0D77	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/37319660-eebd-4138-b06b-ec2d7fa4b891 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET BLOB	206 Partial Content	3d375cf5-fc4a-49f5-a375-0003a14f8deb https://players.brightcove.net/ Frame 0D77	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/3d375cf5-fc4a-49f5-a375-0003a14f8deb Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET BLOB	200 OK	c62028c7-cead-493b-83ef-b205e76e7c65 https://players.brightcove.net/ Frame 0D77	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/c62028c7-cead-493b-83ef-b205e76e7c65 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 94 B	118ms 67ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&usage=iframe-embed&event=player_load&time=1613565789117&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=27600000&qos.performance.memory.totalJSHeapSize=42100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=0&qos.performance.timing.domContentLoadedEventStart=0&qos.performance.timing.domInteractive=0&qos.performance.timing.domLoading=1613565788609&qos.performance.timing.responseEnd=1613565788959&qos.performance.timing.responseStart=1613565788606&qos.performance.timing.requestStart=1613565788195&qos.performance.timing.secureConnectionStart=1613565782725&qos.performance.timing.connectEnd=1613565788195&qos.performance.timing.connectStart=1613565782695&qos.performance.timing.domainLookupEnd=1613565782695&qos.performance.timing.domainLookupStart=1613565782689&qos.performance.timing.fetchStart=1613565782688&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1613565782688&qos.performance.bcParse=475.3649979829788&qos.player.dimensions=%5B%5B1613565789117%2C%220x0%22%2C%22580x325%22%5D%5D&qos.player.pixelratio=%5B%5B1613565789117%2C1%5D%5D&qos.player.screendimensions=%5B%5B1613565789117%2C%221600x1200%22%5D%5D&seq=2 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:09 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	48ms 34ms	XHR application/json	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4479ec82f9c375dda67b86abe9edd552596987475b927fa3bdb2abb91943f68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 17 Feb 2021 12:43:09 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6596 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:09 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1611170586013198" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6403 x-xss-protection 0 expires Wed, 17 Feb 2021 12:43:09 GMT
GET H3-Q050	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/221/ Frame 8D86	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/221/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.courttv.com/mystery/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.courttv.com/mystery/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4984 date Wed, 17 Feb 2021 12:02:07 GMT expires Thu, 17 Feb 2022 12:02:07 GMT last-modified Tue, 08 Dec 2020 21:41:15 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 2462 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Show response pagead2.googlesyndication.com/bg/ Frame 8D86	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d51ouiIaoe_oO0a42MWTKpyCrSNXucyUKMnav5ltGHU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 779d68ba221aa1efe83b46b8d8c5932a9c82ad2357b9cc9428c9dabf996d1875 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 11:37:38 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Feb 2021 09:15:00 GMT server sffe age 3931 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6215 x-xss-protection 0 expires Thu, 17 Feb 2022 11:37:38 GMT
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 221 B	41ms 41ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021101&jk=697673073157683&bg=!kZKlktHNAAXRs2QT0TsAKQB2-Dxatx-szcXGXurCq9tWYO-U6N_8wl9zwRNx-5CUVq4DXYBbQTShAgAAAFZSAAAADGgBBwoBAKdR6vzQdq7GR93KaoRSeQaUQFJlfirXNS-zu6oQ28qnK_0uYAdTBj-HZSvVlsHGo045AWKvhTEAEKFbweDGlxCijppIOcygHnvQYmEmLm4suYO6MFFL_MB3TwyppvSEeZEcvLCag-CLKfL1paXlYBfGqGKBv9eXY0miERUei6l428qFPhYnGtFb2sIfxzO9BDCmHc5i2wGTWQj7wVH2bNds85QTmWmVEtmEVioD6zi59-wiL8xLdudDNbEwGEfhA3SvMa5GTvgozIdG1U_QEm_HlhCL7YX3rOSDP1JdZa5mifeZVlSXUp5aiZTr5ncnCKlm3habP_A1v5R_XkHkVO-ZAeCuYtjpsuJvqdd_oD8bAjmYV2n6cAneRKC_F86Z2vdCAcZQURu1dFqntWqYywigybYsEBbCmQzRxweWD4BO9bkkaDJH4UJ1AvoQUKKOHfYmrP88G6LfoMwtoJ9B9B5Ryt1Xxsj2MvMgfEjGAX5PbrmcY5jKrYMpbYCWHmIk_QTyz4jCdFdU6H576KSVgMfeQbo_gsaBV5ICKj_VGJUp0rZDEYjvKA4h1-moLJqgLQFBYaU3nqrM3jXTJZ4x9KU2lpj8_EFeMzX5aQR8x8nisCk7AC6AtNqPFsMgYJH2fTsWfEKEtxfcwWrr4yHoPYPYqsCdTTvHFdr5ZlepeoI1eXtW792kJid1UoZyeffwdoADwXpPe9OaCdHPaa6pPIi1ap-jKKbNqjCQKV4Pwkab8orouaNLM8HZwQkocfdBODlRrB9HXDUIKgjDgGT_Uqzz4xAdkMvBbpxL5aSjDGNg_IAegof3WbTDe0C0WYNHLa-C9E-_Ml9QNG0KqnNVYHO4RkN3zeM9bnwTXHk-EoG2zWy8vUhFVy3ufsN5Hn8D6Lsxb4krf15HAeYq0I6F9BxKhR_yfrhMDqgbJ59Lmq55Nke6O2mYiKukobTxxrDhFF7Q0dGBWZVUlGRoTfp4aPPP5TQ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.courttv.com/mystery/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 17 Feb 2021 12:43:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 94 B	65ms 64ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6009760719001%2Fvideos%2F6220064357001&time=1613565789531&response_time_ms=434&seq=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:09 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif
GET H/1.1	200 OK	image.jpg cf-images.us-east-1.prod.boltdns.net/v1/static/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/b9831950-404b-4791-89fc-3fc091e575d2/1280x720/match/ Frame 0D77	63 KB 63 KB	268ms 97ms	Image image/jpeg	65.9.19.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cf-images.us-east-1.prod.boltdns.net/v1/static/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/b9831950-404b-4791-89fc-3fc091e575d2/1280x720/match/image.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 65.9.19.49 Orlando, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / BC Resource Hash d62ca1f554df4d0dd8946afa4bccbd1b771e03bb3e16bce71849cfbbd82f83c1 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 07 Feb 2021 04:42:08 GMT Via 1.1 0921eae154c93e666b192fa267ea4bfb.cloudfront.net (CloudFront) Connection keep-alive Last-Modified Fri, 01 Jan 2016 00:00:00 GMT Age 892861 X-Powered-From gantry X-Powered-By BC Transfer-Encoding chunked X-Cache Hit from cloudfront Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 X-Amz-Cf-Pop ZAG50-C1 X-Amz-Cf-Id lNT5GCdJ0a0CUfAvTLRlMUjdkoD4ChYdvL8LkNeBbwvZBBZUEIsyYQ== Expires Mon, 07 Feb 2022 04:42:08 GMT
GET H2	200	master.m3u8 Show response manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/10s/ Frame 0D77	6 KB 6 KB	72ms 57ms	XHR application/x-mpegurl	2a04:4e42:3::539 FASTLY
General Check archive.org Show headers Download Go to Full URL https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/10s/master.m3u8?fastly_token=NjA1NGEwMDRfNWJmNDI3NDFjYWNkZjQwNTQyYTc3YjU4OTcyODQ3YTIzYjA1Yzc3ZDM2MmUxYmM5ZTFhNjJkZGIyZDAyZTkwNQ%3D%3D Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / BC Resource Hash f81bba6d46461317dedebca244dc7bbc318b192e2ce0cec7ce68a539e8e1e5d3 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:09 GMT via 1.1 varnish age 0 x-powered-by BC x-cache MISS x-bolt-device-group desktop-chrome content-length 6056 x-served-by cache-fra19125-FRA x-device-group desktop-chrome x-timer S1613565790.566042,VS0,VE51 x-powered-from gantry access-control-allow-methods GET,HEAD,OPTIONS content-type application/x-mpegURL access-control-allow-origin * access-control-expose-headers Server,Range,Content-Length,Content-Range cache-control s-maxage=1296000, max-age=1296000 accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Range,Accept-Encoding,Referer x-cache-hits 0
GET BLOB	200 OK	111e3b75-918c-47be-bb18-d2ece1ae7fa3 https://players.brightcove.net/ Frame 0D77	5 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/111e3b75-918c-47be-bb18-d2ece1ae7fa3 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60e9e7cf7a1ad660fb0a67b0513fb847c560a29b5da8b7d9dbc68b0f34d29fa0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 5192 Content-Type application/javascript
GET BLOB	200 OK	862dedeb-6860-4736-9159-8fee29163801 https://players.brightcove.net/ Frame 0D77	84 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/862dedeb-6860-4736-9159-8fee29163801 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash f62140fd29677aa604a7bb7df643961c493e121bac3a0846ef38e09511c2e5b6 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 85961 Content-Type application/javascript
GET BLOB	200 OK	16c308e0-7714-4e2c-a599-5e497ba2b1dd https://players.brightcove.net/ Frame 0D77	84 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://players.brightcove.net/16c308e0-7714-4e2c-a599-5e497ba2b1dd Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash f62140fd29677aa604a7bb7df643961c493e121bac3a0846ef38e09511c2e5b6 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 85961 Content-Type application/javascript
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 94 B	65ms 65ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&time=1613565789555&event=play_request&video=6220064357001&video_name=CTVM_January_February%20Image_30&video_duration=30&seq=4_-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:09 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 94 B	66ms 66ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&time=1613565789552&event=video_impression&video=6220064357001&video_name=CTVM_January_February%20Image_30&video_duration=30&autoplay=muted&preload=metadata&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=5_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:09 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif
GET H2	200	rendition.m3u8 Show response manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/10s/ Frame 0D77	2 KB 2 KB	160ms 160ms	XHR application/x-mpegurl	2a04:4e42:3::539 FASTLY
General Check archive.org Show headers Download Go to Full URL https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/10s/rendition.m3u8?fastly_token=NjA1NGEwMDRfM2NlNjBiNmYxMWFlYzNhNzc3ZTY3MDQ0ZmU0NGRjMzY1MjQ5YmY1ZmM2ZjRhOTIwYjBlZDE0NzdlZmU0Njg4ZA%3D%3D Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / BC Resource Hash bc713cc478a44db73bd8fcd21071eff354af20247554705c99b87b47a8061274 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:09 GMT via 1.1 varnish age 0 x-powered-by BC x-cache MISS content-length 1689 x-served-by cache-fra19125-FRA x-device-group desktop-chrome x-timer S1613565790.631446,VS0,VE153 x-powered-from gantry access-control-allow-methods GET,HEAD,OPTIONS content-type application/x-mpegURL access-control-allow-origin * access-control-expose-headers Server,Range,Content-Length,Content-Range cache-control s-maxage=1296000, max-age=1296000 accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Range,Accept-Encoding,Referer x-cache-hits 0
GET H2	200	rendition.m3u8 Show response manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/10s/ Frame 0D77	2 KB 2 KB	173ms 172ms	XHR application/x-mpegurl	2a04:4e42:3::539 FASTLY
General Check archive.org Show headers Download Go to Full URL https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/10s/rendition.m3u8?fastly_token=NjA1NGEwMDRfYjg5ZDQ5MmRkZDI0ZWU2YzU4OWM0Zjc3YmM3N2JhZDU2ZmE1ODEwZjc0MzI0MjcyZmU2ZmUxOGUzMTc5Y2JiNw%3D%3D Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / BC Resource Hash ef8f0230ec8f5498e92f346eba0f22ccfefa132133da69c021cd53c2b387e57b Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:09 GMT via 1.1 varnish age 0 x-powered-by BC x-cache MISS content-length 1686 x-served-by cache-fra19125-FRA x-device-group desktop-chrome x-timer S1613565790.795511,VS0,VE166 x-powered-from gantry access-control-allow-methods GET,HEAD,OPTIONS content-type application/x-mpegURL access-control-allow-origin * access-control-expose-headers Server,Range,Content-Length,Content-Range cache-control s-maxage=1296000, max-age=1296000 accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Range,Accept-Encoding,Referer x-cache-hits 0
GET H/1.1	200 OK	segment0.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/ Frame 0D77	1005 KB 1006 KB	200ms 66ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/segment0.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/*~hmac=996d8a9beaa73e747de4fa2ea0adeb4730cf26b5b6869fa442e534fb0000974e Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 5c6dc6a4ab6c5eea6338a1e8795ca5285ac2c953b1722282456b0cebfbd8c381 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:09 GMT X-Powered-By BC Backend-IP 35.169.109.250 BC-MID true Connection keep-alive Content-Length 1029112 X-Served-By cache-ewr18153-EWR Expires Sun, 16 Jan 2022 10:06:10 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1611674021.229743,VS0,VE5 X-Powered-From gantry ETag "514111efec96b59f80abc55cee0700ea" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=28761781 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment0.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/ Frame 0D77	200 KB 201 KB	190ms 74ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/segment0.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/*~hmac=d172bf730dbdb90c0904bd5d61896a48da93c7536004c11803356567537b196d Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 33dddce6aff08eec3bf12f43361e5e991df227b4062833062aa0d1051534a1fc Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:10 GMT X-Powered-By BC Backend-IP 52.55.11.134 BC-MID true Connection keep-alive Content-Length 204920 X-Served-By cache-dca17761-DCA Expires Tue, 04 Jan 2022 16:16:48 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1609886447.057647,VS0,VE111 X-Powered-From gantry ETag "2c01404b3d418f3148e9102dbcc850e0" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27747218 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment1.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/ Frame 0D77	1 MB 1 MB	166ms 165ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/segment1.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/*~hmac=996d8a9beaa73e747de4fa2ea0adeb4730cf26b5b6869fa442e534fb0000974e Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash ea0c848c8224a497c6ccd92e9b1f3e5f2bebf6421d6a92cd83823e17a23317df Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:10 GMT X-Powered-By BC Backend-IP 34.198.55.187 BC-MID true Connection keep-alive Content-Length 1236664 X-Served-By cache-dca17749-DCA Expires Wed, 16 Feb 2022 04:42:22 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1613565790.416496,VS0,VE5 X-Powered-From gantry ETag "115e48b65bed270df1e1ab73e98316c5" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=31420752 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment1.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/ Frame 0D77	203 KB 204 KB	419ms 419ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/segment1.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/*~hmac=d172bf730dbdb90c0904bd5d61896a48da93c7536004c11803356567537b196d Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 6aa6dd6544ea6bcd52c16f5b614712148dacb3f93112fc0011efd1fd6ec9d208 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:10 GMT X-Powered-By BC Backend-IP 3.216.167.252 BC-MID true Connection keep-alive Content-Length 208304 X-Served-By cache-ewr18168-EWR Expires Tue, 04 Jan 2022 16:09:54 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1610558532.773651,VS0,VE2 X-Powered-From gantry ETag "8c4a7322a5a7308372f760fa44000b43" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27746804 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 94 B	65ms 65ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&time=1613565790347&event=video_view&load_time_ms=795&start_time_ms=792&video=6220064357001&video_name=CTVM_January_February%20Image_30&video_duration=30&seq=6_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:10 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif
GET H/1.1	200 OK	segment2.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/ Frame 0D77	1 MB 1 MB	82ms 82ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/segment2.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/*~hmac=996d8a9beaa73e747de4fa2ea0adeb4730cf26b5b6869fa442e534fb0000974e Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 438cbe617ce95883e96886cecafa02b55fc70d5ba24276fc64d49d351d92fc6c Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:10 GMT X-Powered-By BC Backend-IP 3.88.73.212 BC-MID true Connection keep-alive Content-Length 1332920 X-Served-By cache-dca17776-DCA Expires Fri, 21 Jan 2022 11:47:42 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1611674025.722681,VS0,VE5 X-Powered-From gantry ETag "98d17205fa20a655db26111d0fc0759b" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=29199872 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment2.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/ Frame 0D77	194 KB 195 KB	77ms 77ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/segment2.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/*~hmac=d172bf730dbdb90c0904bd5d61896a48da93c7536004c11803356567537b196d Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 26aa3c43287a2228714024a7f2749aaa64834769bbad0677a6366c80e9096ed9 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:11 GMT X-Powered-By BC Backend-IP 52.22.69.162 BC-MID true Connection keep-alive Content-Length 198904 X-Served-By cache-ewr18156-EWR Expires Tue, 04 Jan 2022 16:09:36 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1609886448.003097,VS0,VE2 X-Powered-From gantry ETag "41e39b2c3736a1b5e5ac03bbe3ab549c" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27746785 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment3.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/ Frame 0D77	3 KB 4 KB	63ms 63ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/5x/segment3.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/db77eadf-6305-479f-a50f-1b6b169e7f7c/*~hmac=996d8a9beaa73e747de4fa2ea0adeb4730cf26b5b6869fa442e534fb0000974e Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 21072e4a57279f459bab62a9d05d63b09364b3b4a5501caf9b7f376b3f9617fe Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:11 GMT X-Powered-By BC Backend-IP 34.197.15.235 BC-MID true Connection keep-alive Content-Length 3384 X-Served-By cache-dca17740-DCA Expires Tue, 04 Jan 2022 16:56:23 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1609886449.432287,VS0,VE1 X-Powered-From gantry ETag "a8364f30874adb4a58609a3072a95b1a" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27749592 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET		segment3.ts bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/ Frame 0D77	0 0
GET H2	200	rendition.m3u8 Show response manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/10s/ Frame 0D77	2 KB 2 KB	191ms 190ms	XHR application/x-mpegurl	2a04:4e42:3::539 FASTLY
General Check archive.org Show headers Download Go to Full URL https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/10s/rendition.m3u8?fastly_token=NjA1NGEwMDRfODg5ODBhMDA3NWVkNDBiYjQyOWEwNjIyYjVjZDNhMzdkNGNlOGUzN2EzMjM4NGQ3NWJhYzEzMGE4N2UwNDBjMg%3D%3D Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / BC Resource Hash fe0b38162071dae227e47d676d5245596f9bf9c1b7009985f44027d3b9b38548 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:11 GMT via 1.1 varnish age 0 x-powered-by BC x-cache MISS content-length 1689 x-served-by cache-fra19125-FRA x-device-group desktop-chrome x-timer S1613565791.162235,VS0,VE175 x-powered-from gantry access-control-allow-methods GET,HEAD,OPTIONS content-type application/x-mpegURL access-control-allow-origin * access-control-expose-headers Server,Range,Content-Length,Content-Range cache-control s-maxage=1296000, max-age=1296000 accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Range,Accept-Encoding,Referer x-cache-hits 0
GET H2	200	rendition.m3u8 Show response manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/10s/ Frame 0D77	2 KB 2 KB	214ms 213ms	XHR application/x-mpegurl	2a04:4e42:3::539 FASTLY
General Check archive.org Show headers Download Go to Full URL https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/10s/rendition.m3u8?fastly_token=NjA1NGEwMDRfMGEzMjVkNjIwY2JiMjZhMzE5NmQ5OTBmMmE3ZDA5MTMxNjljMDkwMjYwY2Y4NzUwMjU5NmNkNWY1OGMxZWMyZQ%3D%3D Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::539 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / BC Resource Hash faa973549a4ab6dc8f3aaad910bd040193a9d46565f9e2c333f06fa7dc3143bd Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 17 Feb 2021 12:43:11 GMT via 1.1 varnish age 0 x-powered-by BC x-cache MISS content-length 1686 x-served-by cache-fra19125-FRA x-device-group desktop-chrome x-timer S1613565791.353995,VS0,VE208 x-powered-from gantry access-control-allow-methods GET,HEAD,OPTIONS content-type application/x-mpegURL access-control-allow-origin * access-control-expose-headers Server,Range,Content-Length,Content-Range cache-control s-maxage=1296000, max-age=1296000 accept-ranges bytes access-control-allow-headers X-Requested-With,Origin,Range,Accept-Encoding,Referer x-cache-hits 0
GET H/1.1	200 OK	segment2.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/5x/ Frame 0D77	650 KB 650 KB	65ms 65ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/5x/segment2.ts?akamai_token=exp=1616158726~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/*~hmac=70830aaa5ff88580edfb264b36f0580231752a72dad4597a291d17b8f2fc8c70 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 8d0ad58a9ec7202579ce70a1750e118675929d65c99996274d12154aab25c3ae Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:11 GMT X-Powered-By BC Backend-IP 107.20.166.195 BC-MID true Connection keep-alive Content-Length 665144 X-Served-By cache-ewr18149-EWR Expires Tue, 04 Jan 2022 16:57:24 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1609886450.715428,VS0,VE3 X-Powered-From gantry ETag "2667228d73ad9867b10eb9f24f7633cc" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27749653 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment3.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/5x/ Frame 0D77	3 KB 4 KB	69ms 68ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/5x/segment3.ts?akamai_token=exp=1616158726~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/2688ac34-6c01-4172-8454-f403c56c8134/*~hmac=70830aaa5ff88580edfb264b36f0580231752a72dad4597a291d17b8f2fc8c70 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 45a0598fe6a066f4258e424c63d971c3de5b05cc666de70686ade75f9a170fff Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:11 GMT X-Powered-By BC Backend-IP 52.54.211.232 BC-MID true Connection keep-alive Content-Length 3384 X-Served-By cache-dca17727-DCA Expires Tue, 04 Jan 2022 16:22:38 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1609886450.304561,VS0,VE1 X-Powered-From gantry ETag "e93abe8926ff6b39b2649edb34566b4b" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27747567 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment2.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/5x/ Frame 0D77	168 KB 169 KB	86ms 85ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/5x/segment2.ts?akamai_token=exp=1616158726~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/*~hmac=270d8a69757556cac231f122d66a073a833ff6e4fde417ee678793760dc5a6c8 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash a8f458b65d6eb816e30c092d9e68bfef4b5bc9422a5c4d7b29570ec28481da47 Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:11 GMT X-Powered-By BC Backend-IP 3.88.73.212 BC-MID true Connection keep-alive Content-Length 171832 X-Served-By cache-ewr18173-EWR Expires Tue, 04 Jan 2022 16:09:33 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1609950839.840017,VS0,VE2 X-Powered-From gantry ETag "c58adc3ab969949ea27b58b61eb28f35" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27746782 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H/1.1	200 OK	segment3.ts Show response bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/5x/ Frame 0D77	9 KB 10 KB	62ms 61ms	XHR video/mp2t	2.16.186.40 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/5x/segment3.ts?akamai_token=exp=1616158726~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/7d0a90dc-2ab4-4355-805b-82da48e207ca/*~hmac=270d8a69757556cac231f122d66a073a833ff6e4fde417ee678793760dc5a6c8 Requested by Host: players.brightcove.net URL: https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-40.deploy.static.akamaitechnologies.com Software / BC Resource Hash 0486f881f21c5b6b8d718f5737c49d801dacf09acde62cc8278a949ec957a05f Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 17 Feb 2021 12:43:11 GMT X-Powered-By BC Backend-IP 54.172.71.18 BC-MID true Connection keep-alive Content-Length 9400 X-Served-By cache-ewr18171-EWR Expires Tue, 04 Jan 2022 16:45:53 GMT Last-Modified Fri, 01 Jan 2016 00:00:00 GMT X-Timer S1609886450.341951,VS0,VE1 X-Powered-From gantry ETag "3e2acb0b434e573ddb2794ba657ca23a" Access-Control-Allow-Methods GET,HEAD,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,Range,Content-Length,Content-Range Cache-Control public, max-age=27748962 Accept-Ranges bytes Access-Control-Allow-Headers X-Requested-With,Origin,Range,Accept-Encoding,Referer X-Cache-Hits 1
GET H2	200	tracker metrics.brightcove.com/v2/ Frame 0D77	35 B 94 B	66ms 65ms	Image image/gif	35.244.232.184 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=23ae04e8620b7e04f8066d3&account=6009760719001&destination=https%3A%2F%2Fwww.courttv.com%2Fmystery%2F&platform_version=6.48.5&player=players.brightcove.com%2F6009760719001%2FZMxpke9Sz_default&player_name=Court%20TV%20Mystery%20&time=1613565799559&usage=hls-demuxed%2Chls-timestamp-offset%2Cvariant%253Aen-us%2Cvhs-demuxed%2Cvhs-timestamp-offset&event=video_engagement&player_height=325&player_width=580&video_duration=30.077266&video=6220064357001&video_name=CTVM_January_February%20Image_30&rendition_url=https%3A%2F%2Fmanifest.prod.boltdns.net%2Fmanifest%2Fv1%2Fhls%2Fv4%2Fclear%2F6009760719001%2F3cef5617-9c6a-4c0c-b33d-37f642dc8dda%2F2688ac34-6c01-4172-8454-f403c56c8134%2F10s%2Frendition.m3u8%3Ffastly_token%3DNjA1NGEwMDRfODg5ODBhMDA3NWVkNDBiYjQyOWEwNjIyYjVjZDNhMzdkNGNlOGUzN2EzMjM4NGQ3NWJhYzEzMGE4N2UwNDBjMg%253D%253D&rendition_indicated_bps=562100&rendition_mime_type=application%2Fvnd.apple.mpegurl&rendition_height=270&rendition_width=480&media_requests=11&media_transfer_duration=2512&media_bytes_transferred=5063968&measured_bps=386742&media_seconds_loaded=80.17&rebuffering_seconds=1&forward_buffer_seconds=21.124909000000002&qos.derived_range=0..7&range=0..8&qos.bitrates=%7B%22bitrates%22%3A%5B%5B1613565790894%2C19629587%5D%2C%5B1613565791088%2C64626424%5D%2C%5B1613565791156%2C423000%5D%2C%5B1613565791554%2C386742%5D%5D%2C%22playlists%22%3A%5B%5B1613565791350%2C423000%2C562100%5D%5D%2C%22rendered%22%3A%5B%5B1613565790590%2C1134100%5D%5D%2C%22throughput%22%3A%5B%5B1613565790894%2C110504535%5D%2C%5B1613565791088%2C200614452%5D%2C%5B1613565791156%2C153844839%5D%2C%5B1613565791554%2C142626298%5D%5D%7D&qos.events.content.durationchange=%5B1613565789552%2C1613565789794%2C1613565791749%5D&qos.events.content.loadstart=1613565789553&qos.events.content.volumechange=1613565789554&qos.events.content.play=1613565789555&qos.events.content.waiting=1613565789556&qos.events.content.resize=1613565790339&qos.events.content.loadedmetadata=1613565790340&qos.events.content.loadeddata=1613565790346&qos.events.content.canplay=1613565790347&qos.events.content.playing=1613565790347&qos.events.content.canplaythrough=1613565790347&qos.player.dimensions=%5B%5B1613565790339%2C%220x0%22%2C%22580x325%22%5D%2C%5B1613565790340%2C%220x0%22%2C%22580x325%22%5D%5D&qos.player.pixelratio=%5B%5B1613565790339%2C1%5D%2C%5B1613565790340%2C1%5D%5D&qos.player.screendimensions=%5B%5B1613565790339%2C%221600x1200%22%5D%2C%5B1613565790340%2C%221600x1200%22%5D%5D&qos.frames.dropped=0&qos.frames.corrupted=0&qos.frames.total=280&seq=7_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.232.244.35.bc.googleusercontent.com Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubDomains Request headers Referer https://players.brightcove.net/6009760719001/ZMxpke9Sz_default/index.html?videoId=6220064357001 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=300; includeSubDomains via 1.1 google date Wed, 17 Feb 2021 12:43:19 GMT cache-control must-revalidate,no-cache,no-store alt-svc clear content-length 35 content-type image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

google2waycm.netmng.com

URL

https://google2waycm.netmng.com/cm/?google_gid=CAESEBXE3kcRUsJbow5shDtLuVM&google_cver=1&google_push=AQvitUJgJJSWo7aX26NOKIJOrNIXU7Tju8BdW2DzEAWzxSBaWpJI2X76UvsI9Z372i7YxgVQyoIE1nBJqjYaqImh4IiVY7aCVfVV

Domain

google2waycm.netmng.com

URL

https://google2waycm.netmng.com/cm/?google_gid=CAESEBXE3kcRUsJbow5shDtLuVM&google_cver=1&google_push=AQvitUJbYQej1TeIQfXq1BLVza0knu3r8HZyIPVO5OSFjzjhkx9bUEI6nxrfZaj90z6kvbjeN1a8py3qf9PjwHU6vqsSyfpKs9tl2w

Domain

google2waycm.netmng.com

URL

https://google2waycm.netmng.com/cm/?google_gid=CAESEBXE3kcRUsJbow5shDtLuVM&google_cver=1&google_push=AQvitUI3uyIwUhRnmCqqpDypAhh2ZxNr8pWF13ADpaV2UctFQR029g5f9M2XsL7Re4iDvQrXAiOgkEqZYVIafvGTlbbeNZSdxhc

Domain

bcbolt446c5271-a.akamaihd.net

URL

https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/5x/segment3.ts?akamai_token=exp=1616158724~acl=/media/v1/hls/v4/clear/6009760719001/3cef5617-9c6a-4c0c-b33d-37f642dc8dda/4c98de83-1828-4aaa-8c2e-40eb4ecffd11/*~hmac=d172bf730dbdb90c0904bd5d61896a48da93c7536004c11803356567537b196d