ezgif.com Open in urlscan Pro
2a01:4f8:110:4258::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ezgif.com/split
Effective URL:
https://ezgif.com/split
Submission: On August 09 via api (August 9th 2020, 2:26:19 am UTC) from US

Summary HTTP 201 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 12 countries across 32 domains to perform 201 HTTP transactions. The main IP is 2a01:4f8:110:4258::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is ezgif.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 14th 2020. Valid for: 3 months.

This is the only time ezgif.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a01:4f8:110:... 2a01:4f8:110:4258::2	24940 (HETZNER-AS) (HETZNER-AS)
3	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
10	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
5	35.190.77.178 35.190.77.178	15169 (GOOGLE) (GOOGLE)
4	104.111.245.249 104.111.245.249	16625 (AKAMAI-AS) (AKAMAI-AS)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e2:... 2606:4700:e2::ac40:8720	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	99.86.0.120 99.86.0.120	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2606:4700:e6:... 2606:4700:e6::ac40:c90e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 7	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
7	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
3	198.148.27.134 198.148.27.134	19189 (PULSEPOINT) (PULSEPOINT)
2	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
3	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2 8	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
2 7	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.243.142 104.111.243.142	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
3 6	52.95.123.41 52.95.123.41	16509 (AMAZON-02) (AMAZON-02)
1 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
15	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
2	85.206.143.247 85.206.143.247	43811 (TELIA-LIE...) (TELIA-LIETUVA)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
3	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
201	42

2 2a01:4f8:110:4258::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

ezgif.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

static.ezgif.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.77.178 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 178.77.190.35.bc.googleusercontent.com

cloud.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.245.249 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-249.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8720 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 99.86.0.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-120.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:e6::ac40:c90e (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.230.142 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.243.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-142.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c0df949b4ca340bf031a1a3ba40a9a8b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ef5eede768a1212db9627597e24d8d4f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.95.123.41 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.206.143.247 (Kaunas, Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
PTR: 85-206-143-247.static.zebra.lt

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com c0df949b4ca340bf031a1a3ba40a9a8b.safeframe.googlesyndication.com tpc.googlesyndication.com d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com ef5eede768a1212db9627597e24d8d4f.safeframe.googlesyndication.com pagead2.googlesyndication.com	399 KB
15	ampproject.org cdn.ampproject.org	324 KB
15	amazon-adsystem.com 3 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	94 KB
15	doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net googleads.g.doubleclick.net	358 KB
11	rubiconproject.com 2 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com	7 KB
10	adnxs.com ib.adnxs.com acdn.adnxs.com	8 KB
9	betweendigital.com 2 redirects ads.betweendigital.com	3 KB
9	setupad.net prebid-stag.setupad.net	3 KB
8	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	224 B
8	openx.net 2 redirects setupad-d.openx.net eu-u.openx.net	2 KB
8	google.com 3 redirects adservice.google.com www.google.com	2 KB
7	lijit.com 1 redirects ap.lijit.com	3 KB
7	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	3 KB
7	setupad.com cloud.setupad.com node.setupad.com	572 KB
6	contextweb.com bid.contextweb.com bh.contextweb.com	2 KB
5	adform.net 1 redirects adx.adform.net cm.adform.net	2 KB
5	ezgif.com 1 redirects ezgif.com static.ezgif.com	26 KB
4	criteo.net static.criteo.net	88 KB
4	smartadserver.com prg.smartadserver.com	5 KB
4	casalemedia.com 2 redirects as-sec.casalemedia.com ssum.casalemedia.com	4 KB
4	districtm.io dmx.districtm.io cdn.districtm.io	484 B
4	4dex.io script.4dex.io	38 KB
4	aaxads.com c.aaxads.com l3.aaxads.com	102 KB
3	indexww.com js-sec.indexww.com
3	googletagservices.com www.googletagservices.com	62 KB
3	creativecdn.com prebid-eu.creativecdn.com	489 B
2	brealtime.com biddr.brealtime.com
2	google.de adservice.google.de	336 B
2	emxdgt.com hb.emxdgt.com	602 B
1	aaxdetect.com www.aaxdetect.com	323 B
1	google.fr adservice.google.fr	829 B
1	google-analytics.com www.google-analytics.com	18 KB
201	32

	Domain	Requested by
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net ezgif.com cdn.ampproject.org tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
10	securepubads.g.doubleclick.net	ezgif.com securepubads.g.doubleclick.net www.googletagservices.com
9	ads.betweendigital.com	2 redirects ezgif.com cloud.setupad.com
9	prebid-stag.setupad.net	cloud.setupad.com ezgif.com
9	c.amazon-adsystem.com	ezgif.com cloud.setupad.com c.amazon-adsystem.com
7	ib.adnxs.com	cloud.setupad.com
7	ap.lijit.com	1 redirects cloud.setupad.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
6	aax-eu.amazon-adsystem.com	3 redirects c.amazon-adsystem.com
5	eu-u.openx.net	2 redirects cloud.setupad.com
5	www.google.com	3 redirects ezgif.com
5	ads.pubmatic.com	cloud.setupad.com
5	eus.rubiconproject.com	ezgif.com cloud.setupad.com
5	cloud.setupad.com	ezgif.com
4	static.criteo.net	cloud.setupad.com static.criteo.net
4	prg.smartadserver.com	cloud.setupad.com
4	fastlane.rubiconproject.com	cloud.setupad.com
4	script.4dex.io	cloud.setupad.com script.4dex.io
3	bh.contextweb.com	cloud.setupad.com
3	js-sec.indexww.com	cloud.setupad.com
3	acdn.adnxs.com	cloud.setupad.com
3	googleads.g.doubleclick.net	ezgif.com
3	www.googletagservices.com	ezgif.com securepubads.g.doubleclick.net
3	hbopenbid.pubmatic.com	cloud.setupad.com
3	setupad-d.openx.net	cloud.setupad.com
3	adx.adform.net	cloud.setupad.com
3	bid.contextweb.com	cloud.setupad.com
3	prebid-eu.creativecdn.com	cloud.setupad.com
3	bidder.criteo.com	cloud.setupad.com
3	adservice.google.com	securepubads.g.doubleclick.net www.googletagservices.com
3	static.ezgif.com	ezgif.com
2	cdn.districtm.io	cloud.setupad.com
2	biddr.brealtime.com	cloud.setupad.com
2	node.setupad.com	ezgif.com
2	cm.adform.net	1 redirects ezgif.com
2	d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	www.googletagservices.com
2	l3.aaxads.com	ezgif.com
2	ssum.casalemedia.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	as-sec.casalemedia.com	cloud.setupad.com
2	dmx.districtm.io	cloud.setupad.com
2	hb.emxdgt.com	cloud.setupad.com
2	mug.criteo.com	ezgif.com
2	gum.criteo.com	2 redirects
2	pubads.g.doubleclick.net	ezgif.com
2	c.aaxads.com	ezgif.com
2	ezgif.com	1 redirects
1	ef5eede768a1212db9627597e24d8d4f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c0df949b4ca340bf031a1a3ba40a9a8b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.aaxdetect.com	ezgif.com
1	adservice.google.fr	securepubads.g.doubleclick.net
1	www.google-analytics.com	ezgif.com
201	54

This site contains no links.

Subject Issuer	Validity	Valid
ezgif.com Let's Encrypt Authority X3	`2020-05-14` - `2020-08-12`	3 months	crt.sh
static.ezgif.com Let's Encrypt Authority X3	`2020-06-17` - `2020-09-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
cloud.setupad.com GTS CA 1D2	`2020-08-03` - `2020-11-01`	3 months	crt.sh
*.aaxads.com DigiCert Secure Site ECC CA-1	`2020-02-11` - `2021-05-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.fr GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-02-16`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.aaxdetect.com DigiCert Secure Site ECC CA-1	`2020-02-11` - `2021-05-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.adform.net DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-06-02`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
node.setupad.com Let's Encrypt Authority X3	`2020-07-22` - `2020-10-20`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh

This page contains 44 frames:

Primary Page: https://ezgif.com/split
Frame ID: 94EC1B07D5991F02CEF10F4C9A58DCD0
Requests: 48 HTTP requests in this frame

Frame: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Frame ID: 6367AA85ECB9AB9532D315FDEE5763E6
Requests: 37 HTTP requests in this frame

Frame: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Frame ID: FBAB17E16BEB1AAC0E4536E7EA4513CA
Requests: 39 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: C2B977FF9D0765FB80106E3466C9F5DA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 83FE71ECACB91B25E44CA4613A1BF789
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3DBO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D
Frame ID: D324B67A6C7B7F228DDC001BB8250FAA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3DBO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D
Frame ID: B047AEA00C06937DE4CB93D09A101694
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Frame ID: C4F8ECBF183FE4CD5AF9BFDCE3B041B8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Frame ID: 17DDF38737BE1E17F7CD6CF12279BE90
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Frame ID: E669071E5FD30FAC2B621F5A8EFA572E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032007302351000/amp4ads-v0.js
Frame ID: A4679A0B9D46264836B208C8B656F653
Requests: 15 HTTP requests in this frame

Frame: https://d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: EFE28B2B242EC943F3EE384493C4150B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Frame ID: 2BC709A79E4E7C7D18BC3F1F07D31DE7
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Frame ID: F551A880D3695B8965F522F88E1EFBF9
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 80B7561FA4469B75153E319DBB4C9908
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: E1AF3299F954B7CA9A4979FF3F11C637
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 6202DD6FAC115CC7438AC4FE86ABF383
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 68E95B2EF2F37339095219C3B8E692A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: AEC30B89203F0104D79BB95163B8BFA1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 196606A254C35D96C7ABA223103E17D0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 7044EFCD48980012175BCD1CDCA02FAE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3E914531BEEA807E1BAC310326653BA7
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: A522499B1B48A55044195933706ADC48
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985&dnr=1
Frame ID: 1D78E850A1B6D5B3362A95140E9C74F4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6EE413733307924BFD801470BD5B68A6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?gdpr=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 5F53F77CE5177AAE6D0F3F572E82EB7D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 6C0347A0FCAA0250BDC0336DB5730807
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 7745299C4645B0CAB09549ED90C5AE34
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 1E56B0C059F83DAF19957B4B579EA79E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?gdpr=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 36AD55AE407A54F6AA0E0551EBFEB016
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: C1B03B8876F3334657BA7375381D9924
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: C201433DA4094A7EBEE31464494AC2BE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CDE752E40D4FA8D62A170C36DF664A6B
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: E1BBDD4ACE86EA913F2C1F6DC98067D8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B6073AC311E7915B707B361514E51504
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985
Frame ID: 033569D7F187B613878C232958D60B76
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: AFC25A0BC1E6EF3111EE803BB980D052
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 49D7EA822F0E64E3F45DC4C7B9AEEB36
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985
Frame ID: 73F1546881601F16D5853D1EB538C72B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: AAE1E648288784F319BDC5A392C472EB
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: BD0F359B4A1D4A8046368C54ABBA02CF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3BC062536B84E4C81C884BCBDC34E115
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Frame ID: 400539EB78E0BAB72C36E3C5D07D8665
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8E77E8616250FD7519E17C69E6506991
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ezgif.com/split HTTP 301
https://ezgif.com/split Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

201
Requests

100 %
HTTPS

31 %
IPv6

32
Domains

54
Subdomains

42
IPs

12
Countries

2117 kB
Transfer

5702 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ezgif.com/split HTTP 301
https://ezgif.com/split Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&gdprString=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=AxV7uHxOUUdSYlZFSDg2T0orRVhsMG41bERkVkdhNFlCTUp3SXJNYm9pYnFrRHBlU2FaRW1RNWx1d3J6Sy81VXhHb2xmU2o2eC91Y1NyRS9rNjdvTDFma1lSSjUreThiYTNQaWR1ZTZvSHNsTHpvTkpkVlhoNGpES0ZSaEJ5N0ZjTHVQTVZPTUpYRnJHZk50eFU0a0loYWphbUZPUGt5OVEwU3ovL2p4NG5UMG5ndzBFRkd6NEhnUngwV282VmRRTHVmVjhjM1VVVHd0cUhQb1dXNW5VL1haWERvcVRWSHAvRTFtV0duOW5zeFFxb1FFPXw&cppv=2

Request Chain 33

https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=2386813914681935.5&tz=-120&fl=0&rr=direct&s=2956066&bidid=322f7350f443779&transactionid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&auctionid=ffad852c-251b-42f4-9dba-98f7f267aece&gdprApplies=true&consentString=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A HTTP 302
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=2386813914681935.5&tz=-120&fl=0&rr=direct&s=2956066&bidid=322f7350f443779&transactionid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&auctionid=ffad852c-251b-42f4-9dba-98f7f267aece&gdprApplies=true&consentString=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1

Request Chain 38

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 43

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&gdprString=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=1P3C3nw1YkVpVWp6SjAyNVVyQ29uUHNPdG40dUlyOXRPMVBITzNCanBUd2VRdGEybWduYm5XZy9GU25DU3RrWmxBSGhzdHhidlpmQVA3MDd5RlJoa21aR0RlaElJMTVZZ2llc1JXdG5WZ1FydDZRakF4Sy8wU2xMTjZrdlJvVTl6UGY2U3RqeUhyakxxc1JGQmVYalRWVi9UcDNTZHk4U2hOQ01jVlZnWVdWSDVhSUhYblJVVm9Sc0VJYUpEaUxBdTEwaVlkTFBZZk41ZjhsVk02aXlKb0pWaUhFN1QzRHdTanhhODByM3hycTlObWFRPXw&cppv=2

Request Chain 62

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 83

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3DBO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=Xy9et1VbLnUAAH8YB7YAAAB4%26710

Request Chain 84

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3DBO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=Xy9et1VbLnUAAH8YB7YAAAB4%26693

Request Chain 108

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t

Request Chain 109

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t

Request Chain 113

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 156

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 176

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A

Request Chain 177

https://ads.betweendigital.com/sspmatch-iframe HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?crf=1

Request Chain 182

https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985 HTTP 302
https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985&dnr=1

Request Chain 185

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A

Request Chain 203

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DBO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D%24UID HTTP 303
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=4366146039510614719

201 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request split Show response
ezgif.com/
Redirect Chain

http://ezgif.com/split
https://ezgif.com/split

12 KB
5 KB

6ms
2ms

Document
text/html

2a01:4f8:110:4258::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:110:4258::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / PHP/7.4.8

Resource Hash

be2410b9f62e6869f780f9f358bac8b3abf8f2e33b25f5737b05f6937cf87e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: ezgif.com
:scheme: https
:path: /split
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Sun, 09 Aug 2020 02:25:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.8
cache-control: max-age=1200, private
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 09 Aug 2020 02:25:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ezgif.com/split

GET
H2 200 min4.css
static.ezgif.com/css/ 14 KB
5 KB 27ms
11ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ezgif.com/css/min4.css
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ce451b872ac22eb17b3abac113e2536d9137830e06750cf2d545300b4f657d6e

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
content-encoding: gzip
status: 200
last-modified: Wed, 18 Mar 2020 06:31:21 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"5e71c039-383f"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2591100
link: <https://ezgif.com/css/min4.css>; rel="canonical"
expires: Tue, 08 Sep 2020 02:10:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 51 KB
18 KB 126ms
64ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5d99dd559e0477e3fbe7bae0abe23acb39cf15b33c247bb7eb316a9ee3270584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "596 / 926 of 1000 / last-modified: 1596838533"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17511
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:25:58 GMT

GET
H2 200 ezgifcom.js Show response
cloud.setupad.com/hb/ 527 KB
179 KB 131ms
28ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/hb/ezgifcom.js
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: d5732bec8002c839facba602cd623ed9869191e6e6acde06231226df7977d6f8

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 23:17:18 GMT
content-encoding: gzip
age: 11320
status: 200
alt-svc: clear
content-length: 182433
access-control-allow-origin: *
last-modified: Fri, 07 Aug 2020 12:12:58 GMT
server: nginx/1.14.1
etag: W/"5f2d454a-83d5b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=21600,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Sun, 09 Aug 2020 05:17:18 GMT

GET
H2 200 frames-icon.png
static.ezgif.com/images/ 779 B
1 KB 6ms
5ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ezgif.com/images/frames-icon.png
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8004f0cb81cf8656806c4d50cbd9ad1438cc81147bfd2a81461613cca5c7c98b

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
last-modified: Mon, 22 Oct 2018 12:14:01 GMT
server: keycdn-engine
x-edge-location: defr
etag: "5bcdbf09-30b"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2591100
accept-ranges: bytes
link: <https://ezgif.com/images/frames-icon.png>; rel="canonical"
content-length: 779
expires: Tue, 08 Sep 2020 02:10:58 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 399 KB
102 KB 174ms
98ms Script
text/javascript 104.111.245.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX5H4CNQ&hst=ezgif.com&ver=1.2

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.249 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-249.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5b6c380581db3002cf934ee036e57e956c13afb861b71388c76c7121db1948c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Sun, 09 Aug 2020 02:25:58 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
expires: Sun, 09 Aug 2020 02:55:58 GMT

GET
DATA 200
OK truncated
/ 45 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0878caf45ab3e9900e069b7be7d430ca6a3ccd3f8ce3fe3a08632c5a6f3a3ce7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 i.png
static.ezgif.com/images/ 15 KB
15 KB 6ms
6ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ezgif.com/images/i.png
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 020a6982e28e5f1f8bdc8ac4e28eefd1e079a41419b1bde8fd5dd3491dbc7511

Request headers

Referer: https://static.ezgif.com/css/min4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
last-modified: Wed, 19 Feb 2020 14:09:09 GMT
server: keycdn-engine
x-edge-location: defr
etag: "5e4d4185-3a99"
status: 200
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2591100
accept-ranges: bytes
link: <https://ezgif.com/images/i.png>; rel="canonical"
content-length: 15001
expires: Tue, 08 Sep 2020 02:10:58 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 53 KB
13 KB 123ms
59ms XHR
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/ezgif.com_728x90_middle_responsive_DFP&sz=300x250%7C728x90&t=Placement_type%3Dserving&1596939958724

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

f38c240fd5e44fe288d1728431b5f8ddb030540ab6b5667ca7465dcec66c61b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12650
x-xss-protection: 0
google-lineitem-id: 4878396204
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138253017838
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 53 KB
13 KB 76ms
74ms XHR
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/ezgif.com_1200x300_bottom_responsive_DFP&sz=728x90%7C300x250%7C1200x300%7C970x250&t=Placement_type%3Dserving&1596939958789

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

0bf5c4e859717dc23ba70a48acddd680d413b8692c2c071de7a243869cf98fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12807
x-xss-protection: 0
google-lineitem-id: 4878967199
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318064906
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6737
date: Sun, 09 Aug 2020 00:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sun, 09 Aug 2020 02:33:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 109 B
829 B 35ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=ezgif.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 35ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezgif.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020080301.js Show response
securepubads.g.doubleclick.net/gpt/ 261 KB
92 KB 63ms
63ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

3fe88561aca5dc5f9b8d139823310eb6d6911047267407f8facde07d8cd1b81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Aug 2020 15:21:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93494
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:25:58 GMT

GET
H2 200 ldt3Y37cfk_190527.js Show response
cloud.setupad.com/postbid/ Frame 6367 128 KB
37 KB 27ms
27ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 17:29:48 GMT
content-encoding: gzip
age: 550570
status: 200
alt-svc: clear
content-length: 37956
access-control-allow-origin: *
last-modified: Fri, 28 Jun 2019 12:58:40 GMT
server: nginx/1.14.1
etag: W/"5d160f00-1ff27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 01 Sep 2020 17:29:48 GMT

GET
H2 200 stpd200611.js Show response
cloud.setupad.com/postbid/ Frame 6367 425 KB
159 KB 31ms
30ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/stpd200611.js
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 864b128733a17d57f1c8c7f2a499d1908a40c2b72c43580c66ba48c1627390a7

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 15:27:47 GMT
content-encoding: gzip
age: 644291
status: 200
alt-svc: clear
content-length: 163023
access-control-allow-origin: *
last-modified: Fri, 12 Jun 2020 11:57:40 GMT
server: nginx/1.14.1
etag: W/"5ee36db4-6a345"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Mon, 31 Aug 2020 15:27:47 GMT

GET
H2 200 ldt3Y37cfk_190527.js Show response
cloud.setupad.com/postbid/ Frame FBAB 128 KB
37 KB 43ms
43ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 17:29:48 GMT
content-encoding: gzip
age: 550570
status: 200
alt-svc: clear
content-length: 37956
access-control-allow-origin: *
last-modified: Fri, 28 Jun 2019 12:58:40 GMT
server: nginx/1.14.1
etag: W/"5d160f00-1ff27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 01 Sep 2020 17:29:48 GMT

GET
H2 200 stpd200611.js Show response
cloud.setupad.com/postbid/ Frame FBAB 425 KB
159 KB 44ms
43ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/stpd200611.js
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 864b128733a17d57f1c8c7f2a499d1908a40c2b72c43580c66ba48c1627390a7

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 01 Aug 2020 15:27:47 GMT
content-encoding: gzip
age: 644291
status: 200
alt-svc: clear
content-length: 163023
access-control-allow-origin: *
last-modified: Fri, 12 Jun 2020 11:57:40 GMT
server: nginx/1.14.1
etag: W/"5ee36db4-6a345"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Mon, 31 Aug 2020 15:27:47 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 6367 450 B
747 B 27ms
11ms Script
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 972
status: 200
x-amz-request-id: 22D4FB0A3D873EF2
x-amz-id-2: rkq9kWQc9eSCYLU/byP1zqlwSw8AnD701AdSTkfM/vICUTOoB9RsFXp82g2uyrEGoWbNFHyepaM=
last-modified: Thu, 06 Aug 2020 05:51:31 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 0472a313040000dfdbc1339200000001
cf-ray: 5bfe07980ca4dfdb-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 6367 104 KB
27 KB 93ms
32ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:22:02 GMT
content-encoding: gzip
server: Server
age: 237
etag: 455f576a29240d2cfe83996aefcdb576
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: L-Q_pHPLQZn22IZmJAKiVpjoEk4W_vHfub1N6fQwxlwaccOSYJP_CQ==
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6367
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&gdprString=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yf...
https://mug.criteo.com/sid?cpp=AxV7uHxOUUdSYlZFSDg2T0orRVhsMG41bERkVkdhNFlCTUp3SXJNYm9pYnFrRHBlU2FaRW1RNWx1d3J6Sy81VXhHb2xmU2o2eC91Y1NyRS9rNjdvTDFma1lSSjUreThiYTNQaWR1ZTZvSHNsTHpvTkpkVlhoNGpES0ZSaE...

363 B
656 B

75ms
20ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AxV7uHxOUUdSYlZFSDg2T0orRVhsMG41bERkVkdhNFlCTUp3SXJNYm9pYnFrRHBlU2FaRW1RNWx1d3J6Sy81VXhHb2xmU2o2eC91Y1NyRS9rNjdvTDFma1lSSjUreThiYTNQaWR1ZTZvSHNsTHpvTkpkVlhoNGpES0ZSaEJ5N0ZjTHVQTVZPTUpYRnJHZk50eFU0a0loYWphbUZPUGt5OVEwU3ovL2p4NG5UMG5ndzBFRkd6NEhnUngwV282VmRRTHVmVjhjM1VVVHd0cUhQb1dXNW5VL1haWERvcVRWSHAvRTFtV0duOW5zeFFxb1FFPXw&cppv=2

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

670eda79922a2ee9669527d8b79c7f37868d9792def1184a7c299ee1cd002d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 09 Aug 2020 02:25:59 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2595
content-length: 363
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Sun, 09 Aug 2020 02:25:58 GMT
location: https://mug.criteo.com/sid?cpp=AxV7uHxOUUdSYlZFSDg2T0orRVhsMG41bERkVkdhNFlCTUp3SXJNYm9pYnFrRHBlU2FaRW1RNWx1d3J6Sy81VXhHb2xmU2o2eC91Y1NyRS9rNjdvTDFma1lSSjUreThiYTNQaWR1ZTZvSHNsTHpvTkpkVlhoNGpES0ZSaEJ5N0ZjTHVQTVZPTUpYRnJHZk50eFU0a0loYWphbUZPUGt5OVEwU3ovL2p4NG5UMG5ndzBFRkd6NEhnUngwV282VmRRTHVmVjhjM1VVVHd0cUhQb1dXNW5VL1haWERvcVRWSHAvRTFtV0duOW5zeFFxb1FFPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1771
content-length: 482
expires: 0

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 6367 1 KB
860 B 32ms
15ms XHR
application/json 2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0db548d1d44a4ee551ccab83e83827b7946cdf7fbcba7acf76f96f996989d0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bfe07983b8863d7-FRA
cf-request-id: 0472a31321000063d73201d200000001
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 6367 154 B
217 B 88ms
72ms XHR
application/json 2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5e29d0c9833e13c2611b1750b700c7145d7111f8f740796088c031698ab7c6

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bfe07983b8963d7-FRA
cf-request-id: 0472a31321000063d73201e200000001
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6367 0
139 B 57ms
19ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0-pre&cb=62217098418
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:58 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ezgif.com
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 6367 47 B
718 B 117ms
55ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0-pre
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d14f88ac1fd696cb87b141c4d26240da14c2dda126b472ecb17c811389af656

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ezgif.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6367 0
163 B 94ms
32ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6367 240 B
2 KB 189ms
96ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=227822&zone_id=1134632&size_id=2&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rp_schain=1.0,1!setupad.com,158,1,,,&rf=https%3A%2F%2Fezgif.com%2Fsplit&tk_flint=pbjs_lite_v3.23.0-pre&x_source.tid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9276176705572885
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ef1f979571397a6f809d42051fddf5fb8db32d0509f42bfeee36a8bf8cb8c722

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6367 145 B
1 KB 118ms
45ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d41d71e867d1a86caa0e2b4d56663d9c19119a71b53dc2aaec19c53e01efaaa6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.25:80
AN-X-Request-Uuid: 03fa0c34-ba45-4166-af66-fed34ddb9d7c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6367 145 B
1 KB 117ms
44ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

32bf69ac7f51506d5634a3fc621cd8cb9932d9045be2a5ec4470549842a887e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.42:80
AN-X-Request-Uuid: 991e8b86-0639-4149-a91f-b63021402c67
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 6367 0
694 B 312ms
102ms XHR
text/plain 198.148.27.134
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
server: envoy
status: 204
cwdl: 22/4211
access-control-allow-origin: https://ezgif.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
cw-server: bid-deployment-stage-1

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame 6367 0
301 B 129ms
34ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1596939959062&src=pbjs
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 09 Aug 2020 02:25:58 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 6367 5 B
445 B 171ms
86ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTYyNjIzNSZ0cmFuc2FjdGlvbklkPWQ0YmZkMzA4LWQxMWItNGNiYS04YTU0LTJjYjBiYjk1MmU5NA%3D%3D&pt=gross&stid=ffad852c-251b-42f4-9dba-98f7f267aece&gdpr=true&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame 6367 321 B
666 B 154ms
43ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fezgif.com%2Fsplit&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&nocache=1596939959064&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdpr=1&x_gdpr_f=1&pubcid=ad653b80-a20a-4ad7-8e6e-41341a280899&schain=1.0%2C1!setupad.com%2C158%2C1%2C%2C%2C&aus=728x90&divIds=div-custom-ad-1596939958878-0&auid=540890850
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.191.0 /
Resource Hash: 14c3c40fc11020d664adfd9173e36de3c26fc51365fcd2f682747d3c8477c323

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
server: OXGW/16.191.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ezgif.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 274
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 6367 0
422 B 66ms
23ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://ezgif.com
access-control-allow-credentials: true
cf-ray: 5bfe07987e39ee54-CDG
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0472a3134b0000ee54f63fc200000001

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame 6367
Redirect Chain

https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=2386813914681935.5&tz=-120&fl=0&rr=direct&s=2956066&bidid=322f7350f443779&transactionid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&auctionid=...
https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=2386813914681935.5&tz=-120&fl=0&rr=direct&s=2956066&bidid=322f7350f443779&transactionid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&auctionid=...

2 B
247 B

32ms
32ms

XHR
application/json

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=2386813914681935.5&tz=-120&fl=0&rr=direct&s=2956066&bidid=322f7350f443779&transactionid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&auctionid=ffad852c-251b-42f4-9dba-98f7f267aece&gdprApplies=true&consentString=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
content-length: 0
location: /adjson?sizes=728x90&jst=hb&ord=2386813914681935.5&tz=-120&fl=0&rr=direct&s=2956066&bidid=322f7350f443779&transactionid=d4bfd308-d11b-4cba-8a54-2cb0bb952e94&auctionid=ffad852c-251b-42f4-9dba-98f7f267aece&gdprApplies=true&consentString=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 6367 25 B
983 B 189ms
119ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=321807&v=7.2&r=%7B%22id%22%3A%2233cb98f9165c9e9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22344454d9417e05c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_728x90_desktop_middle%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fezgif.com%2Fsplit%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22158%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb8549cc52deeac2372454c8de72e57f08d50bcaf10e8bf9895627d23a44430c

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Sun, 09 Aug 2020 02:25:59 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6367 0
112 B 173ms
97ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6367 0
1 KB 191ms
107ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
x-smrt-d: 4%3b5%3b87
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ezgif.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6367 51 KB
18 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9679fda99fc363c35b1b53da2732fea174a33b93603f3058c1f0f59dce2c6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "596 / 378 of 1000 / last-modified: 1596838610"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17511
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame C2B9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

0
0

135ms
54ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81936
Expires: Mon, 10 Aug 2020 01:11:35 GMT
Date: Sun, 09 Aug 2020 02:25:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Sun, 09 Aug 2020 02:25:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
206 B 38ms
37ms Image
image/gif 104.111.245.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.249 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-245-249.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
status: 200
cache-control: max-age=795087
accept-ranges: bytes
content-length: 43
expires: Tue, 18 Aug 2020 07:17:26 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 109ms
34ms Image
image/gif 104.111.243.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.243.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-243-142.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 09 Aug 2020 02:25:59 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=853491
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 18 Aug 2020 23:30:50 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame FBAB 450 B
307 B 11ms
9ms Script
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 972
status: 200
x-amz-request-id: 22D4FB0A3D873EF2
x-amz-id-2: rkq9kWQc9eSCYLU/byP1zqlwSw8AnD701AdSTkfM/vICUTOoB9RsFXp82g2uyrEGoWbNFHyepaM=
last-modified: Thu, 06 Aug 2020 05:51:31 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 0472a313880000dfdbc1340200000001
cf-ray: 5bfe0798ddb1dfdb-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame FBAB 104 KB
27 KB 30ms
30ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:22:02 GMT
content-encoding: gzip
server: Server
age: 237
etag: 455f576a29240d2cfe83996aefcdb576
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZB0mmsbzRDl52OxDk9dX-qtjfu4v572fofQSrfV4F3vplpCa_oj0nA==
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)

GET
H2

200

sid Show response
mug.criteo.com/ Frame FBAB
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fezgif.com%2F&domain=ezgif.com&gdprString=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yf...
https://mug.criteo.com/sid?cpp=1P3C3nw1YkVpVWp6SjAyNVVyQ29uUHNPdG40dUlyOXRPMVBITzNCanBUd2VRdGEybWduYm5XZy9GU25DU3RrWmxBSGhzdHhidlpmQVA3MDd5RlJoa21aR0RlaElJMTVZZ2llc1JXdG5WZ1FydDZRakF4Sy8wU2xMTjZrdl...

350 B
643 B

41ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1P3C3nw1YkVpVWp6SjAyNVVyQ29uUHNPdG40dUlyOXRPMVBITzNCanBUd2VRdGEybWduYm5XZy9GU25DU3RrWmxBSGhzdHhidlpmQVA3MDd5RlJoa21aR0RlaElJMTVZZ2llc1JXdG5WZ1FydDZRakF4Sy8wU2xMTjZrdlJvVTl6UGY2U3RqeUhyakxxc1JGQmVYalRWVi9UcDNTZHk4U2hOQ01jVlZnWVdWSDVhSUhYblJVVm9Sc0VJYUpEaUxBdTEwaVlkTFBZZk41ZjhsVk02aXlKb0pWaUhFN1QzRHdTanhhODByM3hycTlObWFRPXw&cppv=2

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d344c61f14cf04732d751b775ddd9ff0fc6edf7b6933599a9e403f0dcd29c9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 09 Aug 2020 02:25:58 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1512
content-length: 350
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Sun, 09 Aug 2020 02:25:58 GMT
location: https://mug.criteo.com/sid?cpp=1P3C3nw1YkVpVWp6SjAyNVVyQ29uUHNPdG40dUlyOXRPMVBITzNCanBUd2VRdGEybWduYm5XZy9GU25DU3RrWmxBSGhzdHhidlpmQVA3MDd5RlJoa21aR0RlaElJMTVZZ2llc1JXdG5WZ1FydDZRakF4Sy8wU2xMTjZrdlJvVTl6UGY2U3RqeUhyakxxc1JGQmVYalRWVi9UcDNTZHk4U2hOQ01jVlZnWVdWSDVhSUhYblJVVm9Sc0VJYUpEaUxBdTEwaVlkTFBZZk41ZjhsVk02aXlKb0pWaUhFN1QzRHdTanhhODByM3hycTlObWFRPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2354
content-length: 482
expires: 0

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame FBAB 1 KB
470 B 12ms
12ms XHR
application/json 2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5fd0da9de60e9ac06d150a0b8af0df0a5e6ce0c68c548874763ce959987c880

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bfe0798fba663d7-FRA
cf-request-id: 0472a3139b000063d73201f200000001
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame FBAB 154 B
206 B 75ms
75ms XHR
application/json 2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc77a6abedf64177e5881fa21f66bc9de67659b988640939939cf3ecc44b1a11

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bfe0798fba763d7-FRA
cf-request-id: 0472a3139c000063d732020200000001
expires: 0

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame FBAB 0
301 B 38ms
38ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1596939959194&src=pbjs
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 09 Aug 2020 02:25:58 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H2 200 adjson Show response
ads.betweendigital.com/ Frame FBAB 2 B
247 B 32ms
31ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=970x250%252C728x90%252C980x300%252C800x250%252C980x240%252C930x180%252C750x200%252C980x150%252C750x100%252C750x150%252C920x200%252C930x150%252C980x120%252C970x90%252C750x300%252C840x250%252C850x250%252C852x210%252C860x200%252C880x250%252C930x180%252C950x90%252C960x90%252C970x66%252C970x120%252C970x200%252C970x210%252C970x240%252C970x300%252C970x310%252C980x90%252C980x180%252C980x200%252C980x250%252C980x310%252C1000x90%252C1000x100%252C1000x120%252C1000x150%252C1000x200%252C1000x300%252C1000x300%252C1100x210%252C1100x250&jst=hb&ord=4775018868851542&tz=-120&fl=0&rr=direct&s=2956068&bidid=12ba5dec6284d7c&transactionid=3af5b34f-10fb-4a20-8f9c-9f66e4e5cd7f&auctionid=9493961d-ae9e-4e7a-821a-9eba44e380b9&gdprApplies=true&consentString=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ Frame FBAB 5 B
444 B 119ms
119ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTYyNjIzOCZ0cmFuc2FjdGlvbklkPTNhZjViMzRmLTEwZmItNGEyMC04ZjljLTlmNjZlNGU1Y2Q3Zg%3D%3D&pt=gross&stid=9493961d-ae9e-4e7a-821a-9eba44e380b9&gdpr=true&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FBAB 145 B
1 KB 45ms
45ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2268c14baf1b41fe936101e5d36aa1d832a243f62a394e73c2185be686a23c27

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.39:80
AN-X-Request-Uuid: 2c01dafe-a8ae-449b-88cf-beb8b6456752
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame FBAB 0
163 B 32ms
31ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame FBAB 322 B
471 B 123ms
123ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fezgif.com%2Fsplit&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=3af5b34f-10fb-4a20-8f9c-9f66e4e5cd7f&nocache=1596939959197&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdpr=1&x_gdpr_f=1&pubcid=ad653b80-a20a-4ad7-8e6e-41341a280899&schain=1.0%2C1!setupad.com%2C158%2C1%2C%2C%2C&aus=970x250%2C728x90%2C980x300%2C800x250%2C980x240%2C930x180%2C750x200%2C980x150%2C750x100%2C750x150%2C920x200%2C930x150%2C980x120%2C970x90%2C750x300%2C840x250%2C850x250%2C852x210%2C860x200%2C880x250%2C930x180%2C950x90%2C960x90%2C970x66%2C970x120%2C970x200%2C970x210%2C970x240%2C970x300%2C970x310%2C980x90%2C980x180%2C980x200%2C980x250%2C980x310%2C1000x90%2C1000x100%2C1000x120%2C1000x150%2C1000x200%2C1000x300%2C1000x300%2C1100x210%2C1100x250&divIds=div-custom-ad-1596939958884-0&auid=540890956
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.191.0 /
Resource Hash: c641070cac80b08e2de649bc915e2f3177c8a1e44e132abd2ae091d1cfe9dd4c

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
server: OXGW/16.191.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ezgif.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 275
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FBAB 0
1 KB 181ms
117ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:58 GMT
x-smrt-d: 4%3b17%3b96
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ezgif.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame FBAB 0
139 B 20ms
19ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0-pre&cb=89030528882
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:58 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ezgif.com
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame FBAB 47 B
716 B 59ms
59ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0-pre
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: f1f168b5eda190ee7bbfb4f50fb3b9f6ea90eb7bea1dfa0ae43ba82df4ea0204

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ezgif.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 63

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FBAB 269 B
2 KB 144ms
96ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=227822&zone_id=1134638&size_id=2&alt_size_ids=31%2C38%2C38%2C39%2C40%2C41%2C55%2C57%2C58%2C78%2C79%2C94%2C96%2C113%2C113%2C125%2C145&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rp_schain=1.0,1!setupad.com,158,1,,,&rf=https%3A%2F%2Fezgif.com%2Fsplit&tk_flint=pbjs_lite_v3.23.0-pre&x_source.tid=3af5b34f-10fb-4a20-8f9c-9f66e4e5cd7f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.17903728581702882
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6500adfadc14bb183ccc1eea0e9679913ff77aa9194849362dd8d2663e69c990

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 269
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET cygnus
as-sec.casalemedia.com/ Frame FBAB 0
0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame FBAB 0
62 B 23ms
23ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://ezgif.com
access-control-allow-credentials: true
cf-ray: 5bfe07991ebfee54-CDG
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0472a313ad0000ee54f63ff200000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FBAB 145 B
1 KB 44ms
44ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c634b29c3985d2fece18dd7a8d8b82e7909476c2c4821f3db359136bccb8dbd8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.115:80
AN-X-Request-Uuid: aa55747e-b45a-46d2-9348-ea60d72e9b6a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame FBAB 0
56 B 75ms
74ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame FBAB 0
550 B 166ms
103ms XHR
text/plain 198.148.27.134
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
server: envoy
status: 204
cwdl: 22/4211
access-control-allow-origin: https://ezgif.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
cw-server: bid-deployment-7f6f48c97b-sb4h6

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame FBAB 51 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3f542f904faa40728ec73c89bd88d360cfd49bcd3c08de009bb83a5de1d2c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "596 / 737 of 1000 / last-modified: 1596838533"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17510
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 83FE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

0
0

112ms
42ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KDMGTIM6-1B-21D9; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J56GbFHOusT2oB2bGFUXAVCH6K1Kp8wNUuQw1v0N7O/GHFHInoAX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0ZLc6w/UqGezzEVT+cKs1w81vXQ==; ses2=; vis2=227822^1; audit=1|hLZGFuTafB0XVzWOR+oYAXQnVL2heOLCSnfLvUJF21/xnt8vYVdrYOESfcaEOUPUJhsHlJbldDdXUdXZeUiMXCN0j1MvJhxNknvi6yGyAcpDHLaRTSX1IbzA/h2FuvTqg5A8UiRG5nbsbZG1mQ6sKAGNpaXQrT4uIEfrDqq3DvCz/iA81XmYckGqru1LDVXCd1wrH7a4rVF7wlBWXO2varjvMPVjGH/Mr61SzIvacXtPXNvusw9/2Qtq+6hNyqs4JaJm8yg64HKma+WVcS1g3g==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81936
Expires: Mon, 10 Aug 2020 01:11:35 GMT
Date: Sun, 09 Aug 2020 02:25:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Sun, 09 Aug 2020 02:25:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 104 KB
27 KB 30ms
30ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:22:02 GMT
content-encoding: gzip
server: Server
age: 237
etag: 455f576a29240d2cfe83996aefcdb576
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bgAzkcuyj1aTz9lEFmlLQxA3PnJ11CeOXlPlOtBRS8ldr95NLfCqyw==
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 42 B
129 B 23ms
23ms XHR
application/json 2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bfe07994baa63d7-FRA
content-length: 42
cf-request-id: 0472a313c8000063d732021200000001
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 139 B
200 B 82ms
82ms XHR
application/json 2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca0d37e8ee3be75dbde6527864819b3f079d63d2d0338bb3c526ecca3b83055

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bfe07994bab63d7-FRA
cf-request-id: 0472a313c9000063d732022200000001
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 256 B
1 KB 57ms
57ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4cd95bfc06e06b221a8f5038a47c1ae4b78e6ed28d5a1d3b046e3cbc04b901fb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.50:80
AN-X-Request-Uuid: 53974069-a4ba-46c7-852b-3da79ed6536c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 256
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
975 B 159ms
150ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=321807&v=7.2&r=%7B%22id%22%3A%2215cf6e44fa58d1a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bbb02e09fbbec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_728x90_desktop_top%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221759090e5baebdd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22185bd5f772d94cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219230d2a43a3a42%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2220f33aa517c4888%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22217b8979577d3c4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2222dfe7ecaea8e95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A200%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223fd55eeb276529%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22242608906c2dbdc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22255133182232f9e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A500%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2226ec57c336d8e1e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2227f596d691e4a61%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_300x600_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A500%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fezgif.com%2Fsplit%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22158%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bf23eba6f370559951e9b9d8ac0d6de3b9d76d90492f071d8932061b49811c9

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ 323 B
472 B 142ms
142ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fezgif.com%2Fsplit&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=f9e9f25d-fd75-4d75-90f8-fa8c45610fdb%2C62aa265b-3241-4848-806e-460276f27d5b&nocache=1596939959263&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdpr=1&x_gdpr_f=1&pubcid=ad653b80-a20a-4ad7-8e6e-41341a280899&schain=1.0%2C1!setupad.com%2C158%2C1%2C%2C%2C&aus=728x90%7C300x600%2C300x250%2C300x300%2C160x600%2C250x600%2C300x200%2C120x600%2C240x400%2C240x500%2C250x360%2C250x500&divIds=ezgif.com_728x90_top_responsive%2Cezgif.com_300x600_1&auid=540890850%2C541010027
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.191.0 /
Resource Hash: 759776de13776c14d10dcafc9bfe18af17d9e8273058d2b5d5301da18e53f398

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
server: OXGW/16.191.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ezgif.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 276
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 127ms
116ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:58 GMT
x-smrt-d: 4%3b2%3b91
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ezgif.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 227ms
128ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
x-smrt-d: 4%3b20%3b73
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ezgif.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 96ms
96ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 134ms
79ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=227822&zone_id=1134626&size_id=2&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rp_schain=1.0,1!setupad.com,158,1,,,&rf=https%3A%2F%2Fezgif.com%2Fsplit&tk_flint=pbjs_lite_v3.22.0-pre&x_source.tid=f9e9f25d-fd75-4d75-90f8-fa8c45610fdb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.02080650631791059
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d7067de289f4ec12ce0de329069f6d7b78a459127404eec84fed2bc02244fd27

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 270 B
1 KB 176ms
100ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=227822&zone_id=1610166&size_id=15&alt_size_ids=9%2C8%2C10%2C17%2C32%2C48%2C179&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rp_schain=1.0,1!setupad.com,158,1,,,&rf=https%3A%2F%2Fezgif.com%2Fsplit&tk_flint=pbjs_lite_v3.22.0-pre&x_source.tid=62aa265b-3241-4848-806e-460276f27d5b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3601202268307928
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e96cb7ecc756edd58a9dc0d9bbbe82c7bf4ea2c8ca4b27734ba7a6c08dc15671

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 270
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
891 B 47ms
47ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid: 6238b9fa-d200-4b07-9372-4159cea312b4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 46 B
717 B 55ms
55ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.22.0-pre
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: e24c7b6d63e9ca9f4b51d7b88947656b34ced12f8f9aa40ef1cb0a8067a8fd46

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ezgif.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 64

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
139 B 19ms
19ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22.0-pre&cb=93692042735
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:58 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ezgif.com
timing-allow-origin: *
vary: Origin

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
247 B 44ms
44ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=728x90&jst=hb&ord=8335666323169881&tz=-120&fl=0&rr=direct&s=2956066&bidid=506c9a4fcdb9797&transactionid=f9e9f25d-fd75-4d75-90f8-fa8c45610fdb&auctionid=b85a5e43-db85-470d-860a-e1c484ed1936&gdprApplies=true&consentString=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
247 B 44ms
44ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250%252C300x300%252C160x600%252C250x600%252C300x200%252C120x600%252C240x400%252C240x500%252C250x360%252C250x500&jst=hb&ord=7604234181737690&tz=-120&fl=0&rr=direct&s=2956069&bidid=51fbfe76fa9b683&transactionid=62aa265b-3241-4848-806e-460276f27d5b&auctionid=b85a5e43-db85-470d-860a-e1c484ed1936&gdprApplies=true&consentString=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
562 B 104ms
104ms XHR
text/plain 198.148.27.134
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 09 Aug 2020 02:25:58 GMT
server: envoy
status: 204
cwdl: 22/4211,22/4211
access-control-allow-origin: https://ezgif.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
cw-server: bid-deployment-7f6f48c97b-5wkgz

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
163 B 43ms
43ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 09 Aug 2020 02:25:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ezgif.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
450 B 119ms
119ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTYyNjIzMiZ0cmFuc2FjdGlvbklkPWY5ZTlmMjVkLWZkNzUtNGQ3NS05MGY4LWZhOGM0NTYxMGZkYg%3D%3D&bWlkPTc5MDk5MCZ0cmFuc2FjdGlvbklkPTYyYWEyNjViLTMyNDEtNDg0OC04MDZlLTQ2MDI3NmYyN2Q1Yg%3D%3D&pt=gross&stid=b85a5e43-db85-470d-860a-e1c484ed1936&gdpr=true&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 256 B
1 KB 94ms
46ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

62130ceb5bf26289869eae5719b7d04837cd9b4cc3d467dcf172d522ff477e30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.9:80
AN-X-Request-Uuid: 2944b626-d18f-4148-af54-58928ff5b91a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ezgif.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 256
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
prebid-stag.setupad.net/ Frame 6367
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3DBO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v...
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk8...

0
267 B

14ms
14ms

Image
text/plain

2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=Xy9et1VbLnUAAH8YB7YAAAB4%26710
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5bfe079a7bd463d7-FRA
content-length: 0
cf-request-id: 0472a31487000063d732025200000001
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=Xy9et1VbLnUAAH8YB7YAAAB4%26710
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 435
Expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H2

200

setuid
prebid-stag.setupad.net/ Frame FBAB
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3DBO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v...
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk8...

0
264 B

14ms
13ms

Image
text/plain

2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=Xy9et1VbLnUAAH8YB7YAAAB4%26693
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5bfe079a9bd863d7-FRA
content-length: 0
cf-request-id: 0472a3149a000063d732026200000001
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 09 Aug 2020 02:25:59 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=Xy9et1VbLnUAAH8YB7YAAAB4%26693
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 435
Expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 6367 63 KB
19 KB 39ms
20ms Fetch
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821c12bc3b602cc96e2289a5142e4a67402342ee44fee3145412fdc542ed4cb3

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 157
status: 200
x-amz-request-id: 8874951D7F7AF416
x-amz-id-2: FN2Hi0kZpNRHb35P5K0VsyAAV74sKyeVC/W2BEDSV/6XWg43vvYWIYoPZQongncDdglCgFeypwg=
last-modified: Thu, 06 Aug 2020 05:51:29 GMT
server: cloudflare
etag: W/"4a229fdde14f5a9d448571b8f77782b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 0472a3142f0000c29a38a3b200000001
cf-ray: 5bfe0799e972c29a-FRA

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 40ms
34ms Image
image/gif 104.111.245.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dewh=SSP_CLIENT&dgeg=0&dgw=desktop&flg=AAX5H4CNQ&fw=PARIS&ff=FR&xjg=4&skw=1200&slg=8PR6YK195&gq=ezgif.com&vhuyqdph=rtb-nv-dcos-ssp-10-6-34-208-4366&vg=1&vyu=0606_63_0613_38_ssp&vf=IDF&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001596939959125013824209929962&vvsDeExfnhw=CONTROL&qsd=1&oz=0&gdss=green&jgsu_hqi=1&fvha=0&jgivwu=YYN&jgsu=1&fvvwu=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&wfi_fps=&wfi_vwdwxv=&wfi_sus=&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=false&xvs_vwulqj=&xifd=-1&jixqgo=1000&jwg=100&qjixqgo=1000&ugo=800&deg=2&gvwduw=39&ghqg=231&uhtxuo=https%3A%2F%2Fezgif.com%2Fsplit&nzui=
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.245.249 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-249.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:25:59 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6367 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ezgif.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6367 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezgif.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020080301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6367 261 KB
91 KB 63ms
62ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js?21067000

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

3fe88561aca5dc5f9b8d139823310eb6d6911047267407f8facde07d8cd1b81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Aug 2020 15:21:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93494
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 6367 280 B
616 B 172ms
171ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2Fsplit&pid=ZYyrnBJRatEJA&cb=0&ws=728x150&v=7.53.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F147246189%2Fezgif.com_728x90_desktop_middle%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdprl=%7B%22status%22%3A%22cmp-success%22%2C%22rtimes%22%3A%5B1%5D%2C%22cc%22%3A%222%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 3867b5671385543c1cb10513e86267fb397515555b9ef3a1b12447d2afca6670

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ezgif.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 245
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: VxuitDGZHlIiOVInHKGmK1U-WcRBo7DQDzHCJCw1zuW_TAx23-Uaow==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6367 6 KB
3 KB 395ms
30ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 01:00:51 GMT
content-encoding: gzip
vary: Origin
age: 5109
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: h7di8ZdkKnhCENqbxpv_0dEfYFiN5Mcy_FHh0F5jxKpeqXhorcI-xQ==

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame FBAB 63 KB
18 KB 19ms
18ms Fetch
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821c12bc3b602cc96e2289a5142e4a67402342ee44fee3145412fdc542ed4cb3

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 157
status: 200
x-amz-request-id: 8874951D7F7AF416
x-amz-id-2: FN2Hi0kZpNRHb35P5K0VsyAAV74sKyeVC/W2BEDSV/6XWg43vvYWIYoPZQongncDdglCgFeypwg=
last-modified: Thu, 06 Aug 2020 05:51:29 GMT
server: cloudflare
etag: W/"4a229fdde14f5a9d448571b8f77782b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 0472a314310000c29a38a3c200000001
cf-ray: 5bfe0799e976c29a-FRA

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame FBAB 280 B
616 B 160ms
159ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2Fsplit&pid=khUn19gS2hLA1&cb=0&ws=1100x150&v=7.53.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22980x300%22%2C%22800x250%22%2C%22980x240%22%2C%22930x180%22%2C%22750x200%22%2C%22980x150%22%2C%22750x100%22%2C%22750x150%22%2C%22920x200%22%2C%22930x150%22%2C%22980x120%22%2C%22970x90%22%2C%22750x300%22%2C%22840x250%22%2C%22850x250%22%2C%22852x210%22%2C%22860x200%22%2C%22880x250%22%2C%22930x180%22%2C%22950x90%22%2C%22960x90%22%2C%22970x66%22%2C%22970x120%22%2C%22970x200%22%2C%22970x210%22%2C%22970x240%22%2C%22970x300%22%2C%22970x310%22%2C%22980x90%22%2C%22980x180%22%2C%22980x200%22%2C%22980x250%22%2C%22980x310%22%2C%221000x90%22%2C%221000x100%22%2C%221000x120%22%2C%221000x150%22%2C%221000x200%22%2C%221000x300%22%2C%221000x300%22%2C%221100x210%22%2C%221100x250%22%5D%2C%22sn%22%3A%22%2F147246189%2Fezgif.com_1200x300_desktop_bottom%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdprl=%7B%22lsStatus%22%3A%22cmp-override%22%2C%22status%22%3A%22cmp-success%22%2C%22rtimes%22%3A%5B0%5D%2C%22cc%22%3A%221%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 990762a2c214a6b4a9399750234da158ae672856924ab8d0c851c9926a802026

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ezgif.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 245
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: -yHPcd0DR5Dxg_SZh_BuBXnHSkrap7DwAO0RD7ei_uVdfKL0EfA4BQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame FBAB 6 KB
3 KB 388ms
32ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 01:00:51 GMT
content-encoding: gzip
vary: Origin
age: 5109
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: VTIscLgZoGDLqPhIacZt_9mGv1vE6dEMMmKozinD0BJB6CpnUROjzA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame FBAB 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ezgif.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FBAB 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezgif.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020080301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FBAB 261 KB
91 KB 64ms
63ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

3fe88561aca5dc5f9b8d139823310eb6d6911047267407f8facde07d8cd1b81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Aug 2020 15:21:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93494
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 678 B
834 B 237ms
236ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fezgif.com%2Fsplit&pid=uoglECwgIYp07&cb=0&ws=1600x1200&v=7.53.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F147246189%2Fezgif.com_728x90_desktop_top%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x300%22%2C%22160x600%22%2C%22250x600%22%2C%22300x200%22%2C%22120x600%22%2C%22240x400%22%2C%22240x500%22%2C%22250x360%22%2C%22250x500%22%5D%2C%22sn%22%3A%22%2F147246189%2Fezgif.com_300x600_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdprl=%7B%22lsStatus%22%3A%22cmp-override%22%2C%22status%22%3A%22cmp-success%22%2C%22rtimes%22%3A%5B0%5D%2C%22cc%22%3A%221%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 52cfc5499d44aa6b7a069c213845a6a8528a5152d672262b5d35fecaae46af9d

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ezgif.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 463
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: SE-VwNpbExMBYnOx1H2uupZrkc2B2zgxcgMNH7zX1RDCaxiWoIIodw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 373ms
32ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 01:00:51 GMT
content-encoding: gzip
vary: Origin
age: 5109
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -Yig90xTCz-9TGYXiofT8qMRnE27n5sZW9Ys3V2LnDQPTiYbggDWwA==

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D324 0
0 111ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3DBO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:40 GMT
ETag: "1300708-1f7d-5abd2241d66f9"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2655
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=149037
Expires: Mon, 10 Aug 2020 19:49:56 GMT
Date: Sun, 09 Aug 2020 02:25:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B047 0
0 129ms
35ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3DBO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:40 GMT
ETag: "1300708-1f7d-5abd2241d66f9"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2655
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=149037
Expires: Mon, 10 Aug 2020 19:49:56 GMT
Date: Sun, 09 Aug 2020 02:25:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FBAB 40 KB
11 KB 289ms
289ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1932040509885999&correlator=3417478806418469&output=ldjh&impl=fifs&adsid=NT&vrg=2020080301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200809&iu_parts=147246189%2Cezgif.com_1200x300_desktop_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C980x300%7C800x250%7C980x240%7C930x180%7C750x200%7C980x150%7C750x100%7C750x150%7C920x200%7C930x150%7C980x120%7C970x90%7C750x300%7C840x250%7C850x250%7C852x210%7C860x200%7C880x250%7C930x180%7C950x90%7C960x90%7C970x66%7C970x120%7C970x200%7C970x210%7C970x240%7C970x300%7C970x310%7C980x90%7C980x180%7C980x200%7C980x250%7C980x310%7C1000x90%7C1000x100%7C1000x120%7C1000x150%7C1000x200%7C1000x300%7C1000x300%7C1100x210%7C1100x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=ezgif.com&bc=31&abxe=1&dt=1596939959526&dlt=1596939958876&idt=604&frm=23&biw=1600&bih=1200&isw=1100&ish=150&oid=3&adxs=200&adys=1341&adks=4283089616&ucis=5dl3dk4uqguz&ifi=1&ifk=3656120352&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=ezgif.com&loc=https%3A%2F%2Fezgif.com%2Fsplit&top=ezgif.com&dssz=11&icsg=32810&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1100x150&msz=1100x250&ga_vid=1008930625.1596939959&ga_sid=1596939960&ga_hid=1217405835&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d6ff40ec934f8753de538cec4cd282ee62ca47872ca6e69df8181caff22a5bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10396
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ezgif.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c0df949b4ca340bf031a1a3ba40a9a8b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame FBAB 0
0 56ms
13ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c0df949b4ca340bf031a1a3ba40a9a8b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame FBAB 0
0 29ms
7ms Other
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6367 62 KB
17 KB 384ms
384ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3205658554451811&correlator=4214881197914819&output=ldjh&impl=fifs&adsid=NT&eid=21065645%2C21067000%2C21065113&vrg=2020080301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200809&iu_parts=147246189%2Cezgif.com_728x90_desktop_middle&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=ezgif.com&bc=31&abxe=1&dt=1596939959550&dlt=1596939958869&idt=586&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=601&adys=864&adks=232130148&ucis=5c8tz0s8l8up&ifi=1&ifk=344585975&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=ezgif.com&loc=https%3A%2F%2Fezgif.com%2Fsplit&top=ezgif.com&dssz=11&icsg=32810&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x90&ga_vid=1008930625.1596939959&ga_sid=1596939960&ga_hid=604210371&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js?21067000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

36c2be95cac2ae8ea95af1e95dfaf10d6f7caeb5e5a902619dd6a68eeabaa69c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJTbk_iIjesCFR3Luwgdh6MFeg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJTbk_iIjesCFR3Luwgdh6MFeg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16399
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 09 Aug 2020 02:25:59 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ezgif.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6367 0
0 48ms
14ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js?21067000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6367 0
0 10ms
6ms Other
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js?21067000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame C4F8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...

0
0

277ms
193ms

Document
text/html

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A5XOD-xHWEEFkkPFDGnb1wM|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Server
Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 196
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A5XOD-xHWEEFkkPFDGnb1wM; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Set-Cookie: ad-id=A5XOD-xHWEEFkkPFDGnb1wM|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 17DD
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...

0
0

287ms
207ms

Document
text/html

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A6gLqCKyEUhsolot9nU-z1o|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Server
Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 196
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A6gLqCKyEUhsolot9nU-z1o; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Set-Cookie: ad-id=A6gLqCKyEUhsolot9nU-z1o|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
13 KB 364ms
364ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3953866542261378&correlator=1815394994419884&output=ldjh&impl=fifs&adsid=NT&eid=21066986%2C21066806&vrg=2020080301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200809&iu_parts=147246189%2Cezgif.com_728x90_desktop_top%2Cezgif.com_300x600_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3Dcuxmv4%26amznp%3Db209vk%26amzniid%3DIhNm-TfNdf44eFo4EPKUgBoAAAFz0Qn9FQMAAAJYATEnfbk%26amznsz%3D300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1596939959&dt=1596939959612&dlt=1596939958679&idt=539&frm=20&biw=1600&bih=1200&oid=3&adxs=762%2C126&adys=30%2C230&adks=1042479694%2C3673696432&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fezgif.com%2Fsplit&dssz=16&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C300x600&msz=728x90%7C300x600&ga_vid=1008930625.1596939959&ga_sid=1596939960&ga_hid=361944536&fws=0%2C0&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

acfcd382a2dbd3a3d15cd0dd97a93f7b990b0d8357492f2ab1fd408da4e2246f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12730
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ezgif.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ef5eede768a1212db9627597e24d8d4f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 40ms
14ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ef5eede768a1212db9627597e24d8d4f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame E669
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...

0
0

393ms
199ms

Document
text/html

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A44aqdIDHE1Km5yDF_dT4v8|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Server
Date: Sun, 09 Aug 2020 02:26:00 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 196
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A44aqdIDHE1Km5yDF_dT4v8; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 02:26:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 09 Aug 2020 02:25:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_oath_n-vmg_r1u_cnv&dcc=t
Set-Cookie: ad-id=A44aqdIDHE1Km5yDF_dT4v8|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 02:25:59 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 cookie
cm.adform.net/ Frame FBAB 43 B
106 B 396ms
59ms Image
image/gif 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DBO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D%24UID
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 09 Aug 2020 02:26:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032007302351000/ Frame A467 206 KB
57 KB 40ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b808c252cca93c3b16aa98c24e158120f47265dfe20269f193d9e88c159c143

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 364723
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57433
x-xss-protection: 0
server: sffe
date: Tue, 04 Aug 2020 21:07:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1b289c0f66cb3b54"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Aug 2021 21:07:16 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032007302351000/v0/ Frame A467 16 KB
6 KB 53ms
18ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007302351000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1ed7b578e1ef6fc0b4eac9c4f9eaa16f3301fce096666526e9d08e4956bb5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 364720
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5908
x-xss-protection: 0
server: sffe
date: Tue, 04 Aug 2020 21:07:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da3eb6a12045948e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Aug 2021 21:07:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032007302351000/v0/ Frame A467 96 KB
29 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 364723
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Tue, 04 Aug 2020 21:07:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Aug 2021 21:07:16 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032007302351000/v0/ Frame A467 4 KB
2 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007302351000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c44f4e64c66d0c037bfd7ed0c8fae6f4e25f395135d2a6e06aa233f01173f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 364720
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1782
x-xss-protection: 0
server: sffe
date: Tue, 04 Aug 2020 21:07:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9975c81b3db44358"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Aug 2021 21:07:19 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032007302351000/v0/ Frame A467 48 KB
15 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032007302351000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187ef47cfc091c4fc645d78e6e4c56951cdd6144e5b9a6adddfacc286f1b1aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 364720
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14954
x-xss-protection: 0
server: sffe
date: Tue, 04 Aug 2020 21:07:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "536b0698dfd565aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Aug 2021 21:07:19 GMT

GET
DATA 200
OK truncated
/ Frame A467 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc86f6eaeda0b5739129bdbbcd28d987858aa2b5984025927b6fd7bd60010553

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 18369911136030177499
tpc.googlesyndication.com/simgad/ Frame A467 55 KB
55 KB 9ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18369911136030177499?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlt7kbN752PjA7tTxZRupF_kgB-hA

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc9cba7811c9949e5c015e7aa21f589ffef8d83604d3333acd8d2c6660f5891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 03:53:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Mar 2020 06:26:37 GMT
server: sffe
age: 81138
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55963
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:53:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A467 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 55021
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 09 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A467 295 B
519 B 7ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 17941
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 09 Aug 2020 21:26:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A467 0
0 15ms
14ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoDbKVCfha0cWgrB_ePLoic2O3MHcw-qtH24iFwt7BHTyqDJZ4pTn63uPrny07Y5kooHfM
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A467 0
0 65ms
64ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf4Cdt14vX-yWI9aK7_UPtael6Auf8IX1XKem7Kr4C8CNtwEQASCN5L0pYPuBgICICqABtJ_V_QLIAQLgAgCoAwHIAwiqBLgBT9AMpFj1lJoeRGJIuLlfknDNsee8KwOcCFtVB0R5ibYcFyJQ5DwpQm3foasvFAqupPNWzb8XzerswAUTbzoJyZqYXzkYYJjW8jTs3NKbWc5jyDeDuxNWZqSijnCm1PA7jTJ6bzMMCcclAP1bZWQEtMMXI9IhEFNmEQLlr2jWwcYSGWoyHSkEZiNP6gorNdwQ1dKBUcdWTiuuoNYRKImfXqWo6iQzLj1m7wurzyQymQhiFZMxwHqM_MAEstCQxfEC4AQBkgUECAQYAZIFBAgFGASgBgKAB7TgqoIBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEENjJBdIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M4AKA8gLAdgTAg&sigh=X8srkKMfBGc&tpd=AGWhJmsN4sXpmxcV6aEm1PM9L-QF5qF1IUjRn9M-5uGO93fE9w
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A467
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 09 Aug 2020 02:25:59 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 container.html
d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EFE2 0
0 8ms
8ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js?21067000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 09 Aug 2020 02:25:59 GMT
expires: Mon, 09 Aug 2021 02:25:59 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6367 71 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js?21067000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067cd2fd3f72ea2ce0db4d57214f569d99a2f6d485098adf28885dd2f2038b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:25:59 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007280015000/ Frame 2BC7 206 KB
56 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21487
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57348
x-xss-protection: 0
server: sffe
date: Sat, 08 Aug 2020 20:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "67e3cc633414a037"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 20:27:52 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2BC7 16 KB
6 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245518
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5911
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 06:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2b698f14ce780d2f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 06:14:02 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2BC7 96 KB
29 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21500
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29729
x-xss-protection: 0
server: sffe
date: Sat, 08 Aug 2020 20:27:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "343248c140f42a43"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 20:27:40 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2BC7 4 KB
2 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245541
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1779
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 06:13:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9949b381080a26e"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 06:13:39 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2BC7 48 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245494
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15002
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 06:14:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a54c33253427c91"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 06:14:26 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BC7 2 KB
3 KB 12ms
12ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 55022
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 09 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BC7 295 B
357 B 13ms
12ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 17942
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 09 Aug 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame 2BC7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32cca8f0038008367b9ca1e445c1d950b5f626d23c19f1a6cc0b4351b7fff1b6

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7140672471451775437
tpc.googlesyndication.com/simgad/ Frame 2BC7 58 KB
58 KB 17ms
16ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7140672471451775437?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmNJZT-gATbPyTglMQk48qEvXUY5Q

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68e6a0e5b1215bc7547193172ca7eb7e8f6d0e29746471f84a58fc0fe6e0510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 23:28:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Mar 2020 06:26:29 GMT
server: sffe
age: 2689078
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59540
x-xss-protection: 0
expires: Thu, 08 Jul 2021 23:28:02 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2BC7 0
0 72ms
72ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuUwgt14vX7z_J6WL7_UPn8KS0Aaf8IX1XLek7Kr4C8CNtwEQASCN5L0pYPuBgICICqABtJ_V_QLIAQLgAgCoAwHIAwiqBL0BT9AyetjnHljH3EhAS-5Aj4vuhstaVfL4BAkTCtSeZOps2WA6ttwjEGUt2zOi1NPxPwHyMEzITwD3y21TQEUGs5yCTwtpNFQSjjasdZu6SlFbzg_WJppmNrTQ20VbTcYkVM16xQSLVTSuZtbZjkZmnHobhblp4QfIeLvhbEKjzgOdSQ5xV8RqUnSLZf2bDpOkwgaLRN8AxdH2qyBZPRVuBAnCCcVKz7_RhyLXz_DCMF5k4xFDQpjYJoZR82jHwASy0JDF8QLgBAGSBQQIBBgBkgUECAUYBKAGAoAHtOCqggGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQnMwK0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi0xMzk0NTAxMTA4NzkyOTkzgAoDyAsB2BMC&sigh=B52dbKPJbpw&tpd=AGWhJmv6m3I8MFoTh5Js63XXfmCS8jjKdTMlZLU7JXiIO8GeFQ
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007280015000/ Frame F551 206 KB
56 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21488
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57348
x-xss-protection: 0
server: sffe
date: Sat, 08 Aug 2020 20:27:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "67e3cc633414a037"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 20:27:52 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame F551 16 KB
6 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245518
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5911
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 06:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2b698f14ce780d2f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 06:14:02 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame F551 96 KB
29 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 21500
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29729
x-xss-protection: 0
server: sffe
date: Sat, 08 Aug 2020 20:27:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "343248c140f42a43"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 20:27:40 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame F551 4 KB
2 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245541
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1779
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 06:13:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9949b381080a26e"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 06:13:39 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame F551 48 KB
15 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245494
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15002
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 06:14:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a54c33253427c91"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 06:14:26 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F551 2 KB
2 KB 26ms
24ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 55022
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 09 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F551 295 B
352 B 25ms
23ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 17942
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 09 Aug 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame F551 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60dedb34c1fe1c1fda17b0a1b0aea56ee24c5a1761cf4b8b2fe6b39b91aebbad

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16261664334782386764
tpc.googlesyndication.com/simgad/ Frame F551 134 KB
134 KB 32ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16261664334782386764?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkmMTWCKMP-B5g_PcgnqkrtJxz8YQ

Requested by

Host: ezgif.com
URL: https://ezgif.com/split

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8dbc58dfe02f314f15d12c44ed0a4e76d823c80b5ee6fd1e6342a7e52b93546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 02:19:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Mar 2020 06:26:19 GMT
server: sffe
age: 1555562
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137440
x-xss-protection: 0
expires: Thu, 22 Jul 2021 02:19:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F551 0
0 39ms
14ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR071fs68DXHgGAZT8s344nqjlQgvnFRcwT51PXu20tjm3VXBfOUEpYWImrwNK0ICIOnoND
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F551 0
0 122ms
97ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx2EOt14vX73_J6WL7_UPn8KS0Aaf8IX1XP-g7Kr4C8CNtwEQASCN5L0pYPuBgICICqABtJ_V_QLIAQLgAgCoAwHIAwiqBMEBT9D2URnH6GGmyQ6cxiTxrZLVCeJCSeK_0Xe3Vbg6gzWrhej2R45h7v64tosjCi8GtfhG1zlI5xTV2Sq40JV0dH36LKt9NxeybhGYFDDz870F5ashBT4HK1xYagZZZYP9mh5w812hl9ZSz8O0lLtKghzLPYl4efDg7xICXCcxtDSgJ77ZFLkpeNd3Ui1dMUB20Cm6WFIcvQyGIcUNIhhcVUgACWHOUw7hHUaVfqwUNT67O3gv63FwngLYw2sV50yAY8AEstCQxfEC4AQBkgUECAQYAZIFBAgFGASgBgKAB7TgqoIBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKyCFdIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTM5NDUwMTEwODc5Mjk5M4AKA8gLAdgTAg&sigh=j0QlJp0URA0&tpd=AGWhJmuLEzad9Uovr3Wla9uHHlVtAuzHwheVsSRasFHZTFvkLQ
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 197ms
85ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020080301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

826f69808f13f87a81bb59890eb89244dab3eb2c08838cd4476506948140a1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6249
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame FBAB 0
208 B 292ms
94ms XHR
text/html 85.206.143.247
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS: 85-206-143-247.static.zebra.lt
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Aug 2020 02:26:00 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
status: 200
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With

GET
H2 200 18369911136030177499
tpc.googlesyndication.com/simgad/ Frame A467 55 KB
55 KB 11ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18369911136030177499?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlt7kbN752PjA7tTxZRupF_kgB-hA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc9cba7811c9949e5c015e7aa21f589ffef8d83604d3333acd8d2c6660f5891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 03:53:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Mar 2020 06:26:37 GMT
server: sffe
age: 81139
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55963
x-xss-protection: 0
expires: Sun, 08 Aug 2021 03:53:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A467 2 KB
2 KB 14ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 55022
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 09 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A467 295 B
352 B 13ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 17942
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 09 Aug 2020 21:26:58 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:26:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2BC7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 09 Aug 2020 02:26:00 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 6367 0
208 B 98ms
95ms XHR
text/html 85.206.143.247
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS: 85-206-143-247.static.zebra.lt
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 09 Aug 2020 02:26:00 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
status: 200
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 72 KB
22 KB 118ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:26:00 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 07:47:50 GMT
server: nginx
etag: W/"5f169da6-121cc"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 10 Aug 2020 02:26:00 GMT

GET
H2 200 7140672471451775437
tpc.googlesyndication.com/simgad/ Frame 2BC7 58 KB
58 KB 9ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7140672471451775437?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmNJZT-gATbPyTglMQk48qEvXUY5Q

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68e6a0e5b1215bc7547193172ca7eb7e8f6d0e29746471f84a58fc0fe6e0510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 23:28:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Mar 2020 06:26:29 GMT
server: sffe
age: 2689078
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59540
x-xss-protection: 0
expires: Thu, 08 Jul 2021 23:28:02 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BC7 2 KB
3 KB 71ms
70ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 55022
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 09 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BC7 295 B
353 B 71ms
70ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 08 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 17942
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 09 Aug 2020 21:26:58 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F551
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

48ms
47ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 09 Aug 2020 02:26:00 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 80B7 0
0 48ms
47ms Document
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 08 Aug 2020 23:03:03 GMT
expires: Sun, 08 Aug 2021 23:03:03 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12177
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 72 KB
22 KB 39ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:26:00 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 07:47:50 GMT
server: nginx
etag: W/"5f169da6-121cc"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 10 Aug 2020 02:26:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
216 B 75ms
74ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020080301&jk=3953866542261378&bg=!09Cl0MhYnfzO7xvgT-ACAAAAZ1IAAAASmQGgW6E2rtXKlKzTGXoxt_YcQoA1RKjz6iG7g6nMNdZFOiU3B0hkHQtrmi0SW08ayY2pMPymTZ92XAeL3f04jb7IU-4Q0WPzRz5pKdKucrqlXEXQnxbQXUYRjHkJsbjr5TMF0COOJbXsrc2OKIXLEt05LRmaI8dO7SIIT8uB7J5_faHtOtwStlUteB8DtRwrxJGfHTF88QyZtV454drufk0PTwIH7kBOmFUz3vr3W5biTdCTdjlmS8CcbDNXDqAt9Bz5pXaEvNi_KDMst5DVskS7qSoCop8mtaG5TNefxujFaZSAB81j6p8qrQCtfVPmuagUXlsGzKR9HWqgt89AkmcMb4hfzJlUVXIbAtdIY0GPp-cVIsO8VMZpSAfM_5eKFh4RXFf0ze10nA9ehu8bSwSdKtJs0QsvD7hn8Ujn0y1_6IAOaKZOORhyQ17zOh_UtT2lQLzws0orncl52lRDaOK3XVq5oOclk5sH5_9-8uYVipGfuQOXb_kTYTZ_i94njc-l7cbEVavMXSrxWvbuOSvoFBAJL0-NpFdN4G_K7qPgLCU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:26:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 34ms
34ms Image
image/gif 104.111.245.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=25bccp7ihn5fs6949k6cjst5iltv5zda4r85fx7&lwbsh=AAX&dewh=SSP_CLIENT&dgeg=0&dgw=desktop&flg=AAX5H4CNQ&fw=PARIS&ff=FR&xjg=4&skw=1200&slg=8PR6YK195&gq=ezgif.com&vhuyqdph=rtb-nv-dcos-ssp-10-6-34-208-4366&vg=-1&vyu=0606_63_0613_38_ssp&vf=IDF&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001596939959125013824209929962&vvsDeExfnhw=CONTROL&qsd=1&oz=0&gdss=green&jgsu_hqi=1&fvha=0&jgivwu=YYN&jgsu=1&fvvwu=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&wfi_fps=&wfi_vwdwxv=&wfi_sus=&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=false&xvs_vwulqj=&xifd=-1&jixqgo=1000&jwg=100&qjixqgo=1000&ugo=800&vlg=ezgif.com_728x90_top_responsive&gvlg=%2F147246189%2Fezgif.com_728x90_desktop_top_0&vcv=728x90&ws=&odwh=0&vuw=-1&oco=1&wrs=30&ewp=30&oiw=762&ujkw=1490&vlg=ezgif.com_300x600_1&gvlg=%2F147246189%2Fezgif.com_300x600_1_0&vcv=300x600&ws=&odwh=0&vuw=-1&oco=1&wrs=230&ewp=230&oiw=126&ujkw=126&uhtxuo=https%3A%2F%2Fezgif.com%2Fsplit&nzui=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.245.249 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-249.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:26:01 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 09 Aug 2020 02:26:01 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2BC7 42 B
112 B 15ms
15ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstetBAinGrx92WDYqVShYzErNNuiRWQ0PK7b0N96Kd3Q6AwgYCP5t5oe_f3j7sppzCrzZrFKuQLMFligDVgT-mWq5JpqoODlv4nS5xtu944i1TMBj1v6YL-GpZsKg&sai=AMfl-YQQINb-TJqV15jYphF5FTBI3uaRkykknCUrnrWcq98w-ayQodSmMENOqg7PrPSmZRx9HCyxgcNJAfxaBTeKsmmH2OJN-_SKHSSBgnz4sQT1b6fTTnGFKmsI44Kt0bE&sig=Cg0ArKJSzPcGdVOGMj5WEAE&cid=CAASPeRo3w5DyA6UXSftu9hrNp-fCy8b9TYaFZw87CPppeC9ztPIDvLBZbr2wc0hdTHOnabvww13Ifr5fyCPCs4&id=ampim&o=762,30&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=431&tls=1431&g=100&h=100&tt=1432&r=v&avms=ampa&adk=1042479694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:26:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F551 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtbS6YxRF8GCJkASWCj-S5z9BSti8jsf92HG7IWmyvMY9FH1DFch3V7X9FjLBKTBBuF4srUEghqlw0ulyzhiEiXJuXrP17MdEI9yrzyip1HgNNIsizqhoJ2upDXg&sai=AMfl-YTFyus1LoGQQAuylqWnVf1XVVt7Cj0TD2gaW0H84YbiM3-LxKKqEtOmC0npN4WKGW3M7m19TRmj9qRErCRfWmMfGiN4wVPxI0qxBd3DR59AYs5T0EsT-e7uq0QsGjI&sig=Cg0ArKJSzAbffOUfjDjUEAE&cid=CAASPeRoQORukBUR40_V930ZjSKT8alGe9pgCG5jaEcnqATZgqw-ASBcWVaA5gW9N_AjEEHp4GnmckVAgErKk_Q&id=ampim&o=126,230&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=205&tls=1205&g=100&h=100&tt=1205&r=v&avms=ampa&adk=3673696432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:26:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FBAB 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020080301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e8a8d88dd64219870da0682ebf38264b7d114fdd39e938f5aaacc4063e6b458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 09 Aug 2020 02:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6276
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FBAB 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sun, 09 Aug 2020 02:26:01 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame E1AF 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 08 Aug 2020 23:03:03 GMT
expires: Sun, 08 Aug 2021 23:03:03 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12178
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 6367 72 KB
22 KB 14ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:26:02 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 07:47:50 GMT
server: nginx
etag: W/"5f169da6-121cc"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 10 Aug 2020 02:26:02 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBAB 0
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020080301&jk=1932040509885999&bg=!XF-lX0dY-Bbi2PpWCb4CAAAAXlIAAAASmQHGf10xVRwqWvLCjuj3k-jnkUy3Jd0V6gAYR8Iw4sN3u6dRCcidNgE2iQnsQg666UKS-JPZRY7XuCKNhiNREfKH8NdCVMoynaTmOI81BFSH5JC0aT5fIH5ILg2iMz6uqDFVWlo9j0JXJK1Kyg_70C5scP9PkBW-wQk13bhymlg32TuLs-x5To2Wf19VbwP7SFva_MjXaBVZ-wsrMyK5QQDj8CuL8PBodn-Eazh3-msqGtYnrFuGfNvcHiUUZ8tee-jkCxooZkGaXmmsX0CY5tT5Or8-9nov2KkS7YOtsJcS46aGsigA3vckLXYhW5AdfD16L4DqUQXSYzN3qX9DasUTONBbK8LdlNpGQ07VQdjHLkr26fWMe_OyADfVA5mN8cogUq4Ma96D4rt-1M3BDtwVRuMbGBbLycjlQpPB_JRkfhsIbKwqdNpfUkzr3QEtVfZYVkZAqUU85Mv2WOnfNadSc7I3aYB6qGiuf0tzWOYpTV6txJpuT5pDfA3BvJwNPdIovFQ_T1oxE_3WE8_4tCFI8RGScQD-FcogyEstFZhqVRFOMknpwkz-MLQNNXdkAmdWY9HxyzqJ-XxqH514mV9L8rx5JS4xcQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:26:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame FBAB 72 KB
22 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 09 Aug 2020 02:26:02 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 07:47:50 GMT
server: nginx
etag: W/"5f169da6-121cc"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 10 Aug 2020 02:26:02 GMT

GET
H/1.1 200
OK Cookie set check.html
biddr.brealtime.com/ Frame 6202 0
0 204ms
28ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Date: Sun, 09 Aug 2020 02:26:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=daf5a158ec1de6595c6c18476983fb75e1596939962; expires=Tue, 08-Sep-20 02:26:02 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: RJ+3mfyu3k6CnGcaGTtrNXWmkXkHNg4gntRJIUGnknOniiwzlN8EI3t5EM025whhRUkopX6tsG0=
x-amz-request-id: 0BA5A7C0C24F3F44
Last-Modified: Tue, 11 Feb 2020 20:09:03 GMT
CF-Cache-Status: HIT
Age: 5858
Expires: Sun, 09 Aug 2020 02:27:02 GMT
Cache-Control: public, max-age=60
cf-request-id: 0472a320c80000ee13db989200000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5bfe07ae08c6ee13-CDG
Content-Encoding: gzip

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 68E9
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp...
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7e...

0
0

75ms
75ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.191.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=fb7bebbd-9322-00da-1a8b-9264cd7b94a3|1596939962
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=fb7bebbd-9322-00da-1a8b-9264cd7b94a3|1596939962; Version=1; Expires=Mon, 09-Aug-2021 02:26:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596939962|gekin0vNiygu; Version=1; Expires=Mon, 24-Aug-2020 02:26:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.191.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 09 Aug 2020 02:26:02 GMT
content-type: text/html
content-length: 532
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=fb7bebbd-9322-00da-1a8b-9264cd7b94a3|1596939962; Version=1; Expires=Mon, 09-Aug-2021 02:26:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.191.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
date: Sun, 09 Aug 2020 02:26:02 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

sspmatch-iframe
ads.betweendigital.com/ Frame AEC3
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe
https://ads.betweendigital.com/sspmatch-iframe?crf=1

0
0

77ms
77ms

Document
text/html

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe?crf=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; tuuid=42899bb9-31b0-52de-86de-2910d9f177aa; ut=Xy9eugAGLgjveZDSI4uQO2MKKVNraMFLlVXAlQ==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 657

Redirect headers

status: 302
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=315360000; Expires=Wed, 07 Aug 2030 02:26:02 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=42899bb9-31b0-52de-86de-2910d9f177aa; Max-Age=315360000; Expires=Wed, 07 Aug 2030 02:26:02 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=Xy9eugAGLgjveZDSI4uQO2MKKVNraMFLlVXAlQ==; Max-Age=315360000; Expires=Wed, 07 Aug 2030 02:26:02 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Wed, 07 Aug 2030 02:26:02 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1966 0
0 155ms
89ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 09 Aug 2020 02:26:02 GMT
Age: 8197302
X-Served-By: cache-lga21948-LGA, cache-hhn4076-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1771002
X-Timer: S1596939962.472087,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 7044 0
0 54ms
53ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KDMGTIOV-7-GPEM; audit=1|hLZGFuTafB1uA/+h7FXSyXQnVL2heOLCSnfLvUJF219+RzFNwJ59565A6y+snvKBaNgdOVL2Yy8CiS2FAaYypa2yxcMIeKhTnrexL3ZqcaUjrpVep0Dm4T2kiOgcElum1H7dm8TrT+resVWLJktP4uHbN5yr2KrEn4cBMF+AcAtFyxXZGyIrIGbimlX+gzLa6CySftjJGISmBUp98se0DvTqiMonLHd56oJIs3E+F+tC380g711H9DYwydt5S6dUrI1yh8IoyTUupEby5Y4IjA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81933
Expires: Mon, 10 Aug 2020 01:11:35 GMT
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 3E91 0
0 253ms
92ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive

GET
H2 200 visitormatch
bh.contextweb.com/ Frame A522 0
0 374ms
99ms Document
text/html 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-6bf49f54c9-z5r45
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=d88e00f2a2b90159; path=/; HttpOnly; Secure; SameSite=None

GET
H/1.1

200
OK

Cookie set beacon
ap.lijit.com/ Frame 1D78
Redirect Chain

https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985
https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985&dnr=1

0
0

74ms
74ms

Document
text/html

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985&dnr=1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=ca3eaee1f4cad411694c4fcc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: nginx
Date: Sun, 09 Aug 2020 02:26:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxljzkSgDAIRe%2BS2iLs4NUc7%2B6Y2PAtH%2FAXrmGUNk6yStIy52PQwpjs8qJ7X3NH6RgEZrNzVWEcGMbOC1ONTxE%2Fj%2ByThBSCzgktU4GhU6IeGjD48b73SqHF0X8Q8FPQa3U2uLf27%2F0AZ6VW5g%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 09-Aug-2021 02:26:02 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=ca3eaee1f4cad411694c4fcc;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

Redirect headers

Server: nginx
Date: Sun, 09 Aug 2020 02:26:02 GMT
Content-Length: 0
Set-Cookie: ljt_reader=ca3eaee1f4cad411694c4fcc;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 6EE4 0
0 44ms
43ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_391=22924-2165431745865483327; PUBMDCID=3; KADUSERCOOKIE=3CA4212E-6FBA-4752-8D7F-5977A0023F57; KRTBCOOKIE_80=16514-CAESELCWjWbiOnFtpfrbNCIV1xU&KRTB&22987-CAESELCWjWbiOnFtpfrbNCIV1xU&KRTB&23025-CAESELCWjWbiOnFtpfrbNCIV1xU; PugT=1596939961; SPugT=1596939936
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=148818
Expires: Mon, 10 Aug 2020 19:46:20 GMT
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 5F53 0
0 40ms
39ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?gdpr=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?gdpr=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 204
date: Sun, 09 Aug 2020 02:26:02 GMT
set-cookie: __cfduid=d2e117318cb61f149fe12c97aa1eded5a1596939962; expires=Tue, 08-Sep-20 02:26:02 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0472a320330000ee54f606d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5bfe07ad1efaee54-CDG

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 6C03
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp...
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7e...

0
0

100ms
98ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.191.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=fb7bebbd-9322-00da-1a8b-9264cd7b94a3|1596939962; pd=v2|1596939962|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=fb7bebbd-9322-00da-1a8b-9264cd7b94a3|1596939962; Version=1; Expires=Mon, 09-Aug-2021 02:26:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596939962|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Mon, 24-Aug-2020 02:26:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.191.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 09 Aug 2020 02:26:02 GMT
content-type: text/html
content-length: 430
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=3fc43b6d-08f5-0cf7-3f3b-c799dfd005e6|1596939962; Version=1; Expires=Mon, 09-Aug-2021 02:26:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.191.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
date: Sun, 09 Aug 2020 02:26:02 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 7745 0
0 104ms
94ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KDMGTIOV-7-GPEM; audit=1|hLZGFuTafB1uA/+h7FXSyXQnVL2heOLCSnfLvUJF219+RzFNwJ59565A6y+snvKBaNgdOVL2Yy8CiS2FAaYypa2yxcMIeKhTnrexL3ZqcaUjrpVep0Dm4T2kiOgcElum1H7dm8TrT+resVWLJktP4uHbN5yr2KrEn4cBMF+AcAtFyxXZGyIrIGbimlX+gzLa6CySftjJGISmBUp98se0DvTqiMonLHd56oJIs3E+F+tC380g711H9DYwydt5S6dUrI1yh8IoyTUupEby5Y4IjA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81933
Expires: Mon, 10 Aug 2020 01:11:35 GMT
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1E56 0
0 197ms
88ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 09 Aug 2020 02:26:02 GMT
Age: 8197301
X-Served-By: cache-lga21948-LGA, cache-hhn4049-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 677182
X-Timer: S1596939963.574193,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 36AD 0
0 24ms
23ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html?gdpr=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html?gdpr=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 204
date: Sun, 09 Aug 2020 02:26:02 GMT
set-cookie: __cfduid=d2e117318cb61f149fe12c97aa1eded5a1596939962; expires=Tue, 08-Sep-20 02:26:02 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0472a320600000ee54f606f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5bfe07ad6f2dee54-CDG

GET
H/1.1 200
OK Cookie set check.html
biddr.brealtime.com/ Frame C1B0 0
0 184ms
82ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Date: Sun, 09 Aug 2020 02:26:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d217c774df9f7bebefddc2f54b52f73881596939962; expires=Tue, 08-Sep-20 02:26:02 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: RJ+3mfyu3k6CnGcaGTtrNXWmkXkHNg4gntRJIUGnknOniiwzlN8EI3t5EM025whhRUkopX6tsG0=
x-amz-request-id: 0BA5A7C0C24F3F44
Last-Modified: Tue, 11 Feb 2020 20:09:03 GMT
CF-Cache-Status: HIT
Age: 5858
Expires: Sun, 09 Aug 2020 02:27:02 GMT
Cache-Control: public, max-age=60
cf-request-id: 0472a320d100000487ae92a200000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5bfe07ae1afc0487-CDG
Content-Encoding: gzip

GET
H2 200 visitormatch
bh.contextweb.com/ Frame C201 0
0 306ms
101ms Document
text/html 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-6bf49f54c9-ct52n
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=a6189fb799aae69f; path=/; HttpOnly; Secure; SameSite=None

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame CDE7 0
0 279ms
76ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive

GET
H2 200 sspmatch-iframe
ads.betweendigital.com/ Frame E1BB 0
0 76ms
76ms Document
text/html 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; tuuid=42899bb9-31b0-52de-86de-2910d9f177aa; ut=Xy9eugAGLgjveZDSI4uQO2MKKVNraMFLlVXAlQ==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame B607 0
0 76ms
75ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_391=22924-2165431745865483327; PUBMDCID=3; KADUSERCOOKIE=3CA4212E-6FBA-4752-8D7F-5977A0023F57; KRTBCOOKIE_80=16514-CAESELCWjWbiOnFtpfrbNCIV1xU&KRTB&22987-CAESELCWjWbiOnFtpfrbNCIV1xU&KRTB&23025-CAESELCWjWbiOnFtpfrbNCIV1xU; PugT=1596939961; SPugT=1596939936
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=148818
Expires: Mon, 10 Aug 2020 19:46:20 GMT
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set beacon
ap.lijit.com/ Frame 0335 0
0 168ms
88ms Document
text/html 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?gdpr_consent=BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=ca3eaee1f4cad411694c4fcc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: nginx
Date: Sun, 09 Aug 2020 02:26:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkEsSAkEIQ%2B%2FSaxcdmk%2FwapZ3t5xxQ1y%2BFAmB18J6Irq25Ul7rADjUgjv%2BCqZk23imViYHHuLgj25u2UjZEXdDSrc6%2BeovwxOhbIFcgWlN11YOlH90sAkz%2B75bB5cXPOGI3kufm%2F5o8wH9auzwfsDBPFd6g%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 09-Aug-2021 02:26:02 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=ca3eaee1f4cad411694c4fcc;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame AFC2 0
0 99ms
94ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.191.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=fb7bebbd-9322-00da-1a8b-9264cd7b94a3|1596939962; pd=v2|1596939962|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=fb7bebbd-9322-00da-1a8b-9264cd7b94a3|1596939962; Version=1; Expires=Mon, 09-Aug-2021 02:26:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596939962|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Mon, 24-Aug-2020 02:26:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.191.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 09 Aug 2020 02:26:02 GMT
content-type: text/html
content-length: 430
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 sspmatch-iframe
ads.betweendigital.com/ Frame 49D7 0
0 92ms
89ms Document
text/html 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; tuuid=42899bb9-31b0-52de-86de-2910d9f177aa; ut=Xy9eugAGLgjveZDSI4uQO2MKKVNraMFLlVXAlQ==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK Cookie set beacon
ap.lijit.com/ Frame 73F1 0
0 186ms
74ms Document
text/html 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&informer=13401985
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=ca3eaee1f4cad411694c4fcc; ljtrtbexp=eJxljzkSgDAIRe%2BS2iLs4NUc7%2B6Y2PAtH%2FAXrmGUNk6yStIy52PQwpjs8qJ7X3NH6RgEZrNzVWEcGMbOC1ONTxE%2Fj%2ByThBSCzgktU4GhU6IeGjD48b73SqHF0X8Q8FPQa3U2uLf27%2F0AZ6VW5g%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: nginx
Date: Sun, 09 Aug 2020 02:26:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlkEsSAkEIQ%2B%2FSaxcdmk%2FwapZ3t5xxQ1y%2BFAmB18J6Irq25Ul7rADjUgjv%2BCqZk23imViYHHuLgj25u2UjZEXdDSrc6%2BeovwxOhbIFcgWlN11YOlH90sAkz%2B75bB5cXPOGI3kufm%2F5o8wH9auzwfsDBPFd6g%3D%3D;Path=/;Domain=.lijit.com;Expires=Mon, 09-Aug-2021 02:26:02 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=ca3eaee1f4cad411694c4fcc;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame AAE1 0
0 91ms
91ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 09 Aug 2020 02:26:02 GMT
Age: 8197302
X-Served-By: cache-lga21948-LGA, cache-hhn4076-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1771003
X-Timer: S1596939963.584167,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 visitormatch
bh.contextweb.com/ Frame BD0F 0
0 198ms
100ms Document
text/html 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezgif.com/split
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

status: 200
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-6bf49f54c9-t2qmx
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=37e0abeb42b423f7; path=/; HttpOnly; Secure; SameSite=None

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 3BC0 0
0 106ms
77ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_391=22924-2165431745865483327; PUBMDCID=3; KADUSERCOOKIE=3CA4212E-6FBA-4752-8D7F-5977A0023F57; KRTBCOOKIE_80=16514-CAESELCWjWbiOnFtpfrbNCIV1xU&KRTB&22987-CAESELCWjWbiOnFtpfrbNCIV1xU&KRTB&23025-CAESELCWjWbiOnFtpfrbNCIV1xU; PugT=1596939961; SPugT=1596939936; KTPCACOOKIE=YES; KCCH=YES; pi=156191:3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=148818
Expires: Mon, 10 Aug 2020 19:46:20 GMT
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 4005 0
0 88ms
77ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=BO32bMlO32bMlAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KDMGTIOV-7-GPEM; audit=1|hLZGFuTafB1uA/+h7FXSyXQnVL2heOLCSnfLvUJF219+RzFNwJ59565A6y+snvKBaNgdOVL2Yy8CiS2FAaYypa2yxcMIeKhTnrexL3ZqcaUjrpVep0Dm4T2kiOgcElum1H7dm8TrT+resVWLJktP4uHbN5yr2KrEn4cBMF+AcAtFyxXZGyIrIGbimlX+gzLa6CySftjJGISmBUp98se0DvTqiMonLHd56oJIs3E+F+tC380g711H9DYwydt5S6dUrI1yh8IoyTUupEby5Y4IjA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81933
Expires: Mon, 10 Aug 2020 01:11:35 GMT
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 8E77 0
0 186ms
83ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/hb/ezgifcom.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezgif.com/split
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ezgif.com/split

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Sun, 09 Aug 2020 02:26:02 GMT
Connection: keep-alive

GET
H2

200

setuid
prebid-stag.setupad.net/ Frame 6367
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DBO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_...
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phP...

0
529 B

17ms
15ms

Image
text/plain

2606:4700:e6::ac40:c90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=4366146039510614719
Requested by: Host: ezgif.com
URL: https://ezgif.com/split
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezgif.com/split
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Aug 2020 02:26:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 5bfe07b1bf8463d7-FRA
content-length: 0
cf-request-id: 0472a32317000063d732060200000001
expires: 0

Redirect headers

status: 303
date: Sun, 09 Aug 2020 02:26:03 GMT
server: nginx
content-length: 0
location: https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=1&gdpr_consent=BO32bMlO32bMmAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&uid=4366146039510614719
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=321807&v=7.2&r=%7B%22id%22%3A%2229406c6d8c00135%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22303bd0cc2d192f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2231a00347b77fb78%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22329e95b40a8ce4a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2233f94e478fb156b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A800%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2234626a840b6288b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22359ce4720f81f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A930%2C%22h%22%3A180%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2236d1d3a65eba5e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22371c94eaa34630b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2238d1b01639ee78c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22393f7db3e4b253b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2240dbbcdc6ae21db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A920%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22414b1cd75fbb95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A930%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224285e5802a8b86b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A120%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22432f4a83c36767d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2244b8e16452afdfc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2245f11d29e6db76e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A840%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2246e409c55beb585%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A850%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224722558a6e82d8c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A852%2C%22h%22%3A210%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2248328bd9e9afebf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A860%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22492510006b9cb71%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A880%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2250db1f2d9909ffb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A930%2C%22h%22%3A180%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2251114ae3de8b623%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A950%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%225202fe63915791f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A960%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2253b657594bc7a1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A66%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%225414203b4112b7c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A120%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22559af7b27101028%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22566dbefdc6d2677%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A210%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22575483db4795de9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2258ad641f28b24a4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%225992195cd7fdc8c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A310%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2260cd462fe476e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2261e89b256f88f38%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A180%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%226296e7216674727%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2263d6c15b517ac08%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22647284ec65456ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A310%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2265b15fac2a34924%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2266babe48f2cad2f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2267fda589ec88d1d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A120%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2268dfd2793193373%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2269c1a369c7a9102%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2270633a9efa9702%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2271d4af66ec6d81%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1000%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2272cd44f4f5a2ae3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1100%2C%22h%22%3A210%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22731fc0a00c567da%22%2C%22ext%22%3A%7B%22siteID%22%3A%22321807%22%2C%22sid%22%3A%22ezgif.com_1200x300_desktop_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A1100%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fezgif.com%2Fsplit%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22158%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BO32bMnO32bMnAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%7D%7D%7D&ac=j&sd=1

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-19 20:21:15	Name: audit Value: 1\|hLZGFuTafB0XVzWOR+oYAXQnVL2heOLCSnfLvUJF21/xnt8vYVdrYOESfcaEOUPUJhsHlJbldDdXUdXZeUiMXCN0j1MvJhxNknvi6yGyAcpDHLaRTSX1IbzA/h2FuvTqg5A8UiRG5nbsbZG1mQ6sKAGNpaXQrT4uIEfrDqq3DvCz/iA81XmYckGqru1LDVXCd1wrH7a4rVF7wlBWXO2varjvMPVjGH/Mr61SzIvacXtPXNvusw9/2Qtq+6hNyqs4JaJm8yg64HKma+WVcS1g3g==
eus.rubiconproject.com/	1970-01-19 13:45:15	Name: pux Value: 1512%3D92955%262249%3D92955%262307%3D92955%262974%3D92955%263778%3D92955%26brx%3D92955%26goog%3D92955%262249-DV360-Hosted%3D92955%26
.ezgif.com/	1970-01-19 11:37:06	Name: _gid Value: GA1.2.1113362137.1596939959
ezgif.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1596939959125
ezgif.com/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.rubiconproject.com/	1970-01-19 20:21:15	Name: khaos Value: KDMGTIOV-7-GPEM
.rubiconproject.com/	1970-01-19 11:37:19	Name: vis2 Value: 227822^2
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J56GbFHOusT2oB2bGFUXAVCH6K1Kp8wNUuQw1v0N7O/GHFHInoAX9UM8CP6/6VPKGajCebujdy0A1b3+vmJA0ZLc6w/UqGezzEVT+cKs1w81vXQ==
ezgif.com/	1970-01-19 20:57:23	Name: cto_bundle Value: DEU5i19xU25CVUFyZXRGdlh4ZVBucUpBSXVVY1R4VUJEZ0dwYXpwVU1mbk9MOVBrM3JNSEV3bDk5R1Z5WEE4ZllMQ1NDWnJ1a1p5TFY5MElZcnlNJTJCVnpMSTRlWXpLVUsyajRVVVFuVFhZS01iaXFwM20lMkZwYUNwU0l5djFSJTJCMnAlMkZYdVlI
ezgif.com/	1970-01-19 20:57:23	Name: cto_bidid Value: gpC_A18xaUElMkIlMkZ0MGRoSUZNeWx1MWt0ek91JTJCN2lRVzMlMkJCJTJGR3clMkZaYzMzS3VrSDlSMTBXVSUyRnpRbUVKVU9kMEI2WmRCZDRLJTJGeURFMldVMnpUeGU4dlBreGZXOHclM0QlM0Q
ezgif.com/	1970-01-19 11:45:44	Name: crfgL0cSt0r Value: true
.rubiconproject.com/	1970-01-19 11:37:19	Name: ses2 Value:
.ezgif.com/	1970-01-20 05:06:51	Name: _ga Value: GA1.2.1008930625.1596939959
ezgif.com/	1970-01-19 20:21:15	Name: _pubcid Value: ad653b80-a20a-4ad7-8e6e-41341a280899

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1105) Message: =============================
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1106) Message: adunit.code:
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1107) Message: adunit.path: ezgif.com_728x90_desktop_top
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1108) Message: slot.id: ezgif.com_728x90_top_responsive
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1109) Message: slot.path: ezgif.com_728x90_desktop_top
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1110) Message: =============================
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1105) Message: =============================
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1106) Message: adunit.code:
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1107) Message: adunit.path: ezgif.com_300x600_1
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1108) Message: slot.id: ezgif.com_300x600_1
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1109) Message: slot.path: ezgif.com_300x600_1
console-api	log	URL: https://cloud.setupad.com/hb/ezgifcom.js(Line 1110) Message: =============================
console-api	info	URL: https://cdn.ampproject.org/rtv/032007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 https://ezgif.com/split
console-api	info	URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007280015000 https://ezgif.com/split
console-api	info	URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007280015000 https://ezgif.com/split

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adservice.google.fr
adx.adform.net
ap.lijit.com
as-sec.casalemedia.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
biddr.brealtime.com
c.aaxads.com
c.amazon-adsystem.com
c0df949b4ca340bf031a1a3ba40a9a8b.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.districtm.io
cloud.setupad.com
cm.adform.net
d4ea9042bc9aa3e2b7a83d5d50873c89.safeframe.googlesyndication.com
dmx.districtm.io
ef5eede768a1212db9627597e24d8d4f.safeframe.googlesyndication.com
eu-u.openx.net
eus.rubiconproject.com
ezgif.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
js-sec.indexww.com
l3.aaxads.com
mug.criteo.com
node.setupad.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prg.smartadserver.com
pubads.g.doubleclick.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum.casalemedia.com
static.criteo.net
static.ezgif.com
tpc.googlesyndication.com
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.googletagservices.com
as-sec.casalemedia.com
104.111.230.142
104.111.243.142
104.111.245.249
104.16.68.69
104.17.119.107
151.101.113.108
178.250.0.157
178.250.0.165
18.196.104.43
185.184.8.30
185.64.189.112
185.86.138.122
188.42.196.115
198.148.27.134
198.148.27.139
2.18.233.180
2.18.234.21
216.58.208.34
216.58.212.130
2606:4700:e2::ac40:8720
2606:4700:e6::ac40:c90e
2a00:1450:4001:800::2004
2a00:1450:4001:814::2002
2a00:1450:4001:815::200e
2a00:1450:4001:818::2001
2a00:1450:4001:819::2001
2a00:1450:4001:81f::2002
2a00:1450:4001:825::2001
2a01:4f8:110:4258::2
2a02:2638:1::3
2a02:2638::1c
2a0b:4d07:102::1
35.190.77.178
35.244.159.8
37.157.6.246
37.157.6.253
37.252.173.22
52.95.123.41
69.173.144.140
72.251.249.9
85.206.143.247
99.86.0.120
020a6982e28e5f1f8bdc8ac4e28eefd1e079a41419b1bde8fd5dd3491dbc7511
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
067cd2fd3f72ea2ce0db4d57214f569d99a2f6d485098adf28885dd2f2038b56
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0878caf45ab3e9900e069b7be7d430ca6a3ccd3f8ce3fe3a08632c5a6f3a3ce7
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0bf5c4e859717dc23ba70a48acddd680d413b8692c2c071de7a243869cf98fa5
14c3c40fc11020d664adfd9173e36de3c26fc51365fcd2f682747d3c8477c323
187ef47cfc091c4fc645d78e6e4c56951cdd6144e5b9a6adddfacc286f1b1aa6
18c44f4e64c66d0c037bfd7ed0c8fae6f4e25f395135d2a6e06aa233f01173f4
2268c14baf1b41fe936101e5d36aa1d832a243f62a394e73c2185be686a23c27
2bf23eba6f370559951e9b9d8ac0d6de3b9d76d90492f071d8932061b49811c9
2d14f88ac1fd696cb87b141c4d26240da14c2dda126b472ecb17c811389af656
32bf69ac7f51506d5634a3fc621cd8cb9932d9045be2a5ec4470549842a887e9
32cca8f0038008367b9ca1e445c1d950b5f626d23c19f1a6cc0b4351b7fff1b6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36c2be95cac2ae8ea95af1e95dfaf10d6f7caeb5e5a902619dd6a68eeabaa69c
3867b5671385543c1cb10513e86267fb397515555b9ef3a1b12447d2afca6670
3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79
3fe88561aca5dc5f9b8d139823310eb6d6911047267407f8facde07d8cd1b81c
4b808c252cca93c3b16aa98c24e158120f47265dfe20269f193d9e88c159c143
4ca0d37e8ee3be75dbde6527864819b3f079d63d2d0338bb3c526ecca3b83055
4cd95bfc06e06b221a8f5038a47c1ae4b78e6ed28d5a1d3b046e3cbc04b901fb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52cfc5499d44aa6b7a069c213845a6a8528a5152d672262b5d35fecaae46af9d
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5b6c380581db3002cf934ee036e57e956c13afb861b71388c76c7121db1948c7
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
5d99dd559e0477e3fbe7bae0abe23acb39cf15b33c247bb7eb316a9ee3270584
60dedb34c1fe1c1fda17b0a1b0aea56ee24c5a1761cf4b8b2fe6b39b91aebbad
62130ceb5bf26289869eae5719b7d04837cd9b4cc3d467dcf172d522ff477e30
6500adfadc14bb183ccc1eea0e9679913ff77aa9194849362dd8d2663e69c990
66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb
670eda79922a2ee9669527d8b79c7f37868d9792def1184a7c299ee1cd002d0d
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
759776de13776c14d10dcafc9bfe18af17d9e8273058d2b5d5301da18e53f398
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8004f0cb81cf8656806c4d50cbd9ad1438cc81147bfd2a81461613cca5c7c98b
821c12bc3b602cc96e2289a5142e4a67402342ee44fee3145412fdc542ed4cb3
826f69808f13f87a81bb59890eb89244dab3eb2c08838cd4476506948140a1f2
864b128733a17d57f1c8c7f2a499d1908a40c2b72c43580c66ba48c1627390a7
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d
8e5e29d0c9833e13c2611b1750b700c7145d7111f8f740796088c031698ab7c6
990762a2c214a6b4a9399750234da158ae672856924ab8d0c851c9926a802026
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9e8a8d88dd64219870da0682ebf38264b7d114fdd39e938f5aaacc4063e6b458
acc9cba7811c9949e5c015e7aa21f589ffef8d83604d3333acd8d2c6660f5891
acfcd382a2dbd3a3d15cd0dd97a93f7b990b0d8357492f2ab1fd408da4e2246f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bc86f6eaeda0b5739129bdbbcd28d987858aa2b5984025927b6fd7bd60010553
be2410b9f62e6869f780f9f358bac8b3abf8f2e33b25f5737b05f6937cf87e3e
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
c5fd0da9de60e9ac06d150a0b8af0df0a5e6ce0c68c548874763ce959987c880
c634b29c3985d2fece18dd7a8d8b82e7909476c2c4821f3db359136bccb8dbd8
c641070cac80b08e2de649bc915e2f3177c8a1e44e132abd2ae091d1cfe9dd4c
ce451b872ac22eb17b3abac113e2536d9137830e06750cf2d545300b4f657d6e
d344c61f14cf04732d751b775ddd9ff0fc6edf7b6933599a9e403f0dcd29c9d1
d41d71e867d1a86caa0e2b4d56663d9c19119a71b53dc2aaec19c53e01efaaa6
d5732bec8002c839facba602cd623ed9869191e6e6acde06231226df7977d6f8
d6ff40ec934f8753de538cec4cd282ee62ca47872ca6e69df8181caff22a5bbf
d7067de289f4ec12ce0de329069f6d7b78a459127404eec84fed2bc02244fd27
d9679fda99fc363c35b1b53da2732fea174a33b93603f3058c1f0f59dce2c6b1
e24c7b6d63e9ca9f4b51d7b88947656b34ced12f8f9aa40ef1cb0a8067a8fd46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f542f904faa40728ec73c89bd88d360cfd49bcd3c08de009bb83a5de1d2c04
e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4
e8dbc58dfe02f314f15d12c44ed0a4e76d823c80b5ee6fd1e6342a7e52b93546
e96cb7ecc756edd58a9dc0d9bbbe82c7bf4ea2c8ca4b27734ba7a6c08dc15671
ea0db548d1d44a4ee551ccab83e83827b7946cdf7fbcba7acf76f96f996989d0
eb8549cc52deeac2372454c8de72e57f08d50bcaf10e8bf9895627d23a44430c
ee1ed7b578e1ef6fc0b4eac9c4f9eaa16f3301fce096666526e9d08e4956bb5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1f979571397a6f809d42051fddf5fb8db32d0509f42bfeee36a8bf8cb8c722
f1f168b5eda190ee7bbfb4f50fb3b9f6ea90eb7bea1dfa0ae43ba82df4ea0204
f38c240fd5e44fe288d1728431b5f8ddb030540ab6b5667ca7465dcec66c61b2
f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096
f68e6a0e5b1215bc7547193172ca7eb7e8f6d0e29746471f84a58fc0fe6e0510
fc77a6abedf64177e5881fa21f66bc9de67659b988640939939cf3ecc44b1a11
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

ezgif.com Open in urlscan Pro 2a01:4f8:110:4258::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

201 Requests

100 %HTTPS

31 %IPv6

32 Domains

54 Subdomains

42 IPs

12 Countries

2117 kBTransfer

5702 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

201 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ezgif.com Open in urlscan Pro
2a01:4f8:110:4258::2 Public Scan

Screenshot
Live screenshot

Full Image

201
Requests

100 %
HTTPS

31 %
IPv6

32
Domains

54
Subdomains

42
IPs

12
Countries

2117 kB
Transfer

5702 kB
Size

14
Cookies

201 HTTP transactions
4 data transactions