controlc.com Open in urlscan Pro
2606:4700:3035::681c:17af Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false
Effective URL:
https://controlc.com/819a1bd2
Submission: On October 03 via manual (October 3rd 2020, 8:02:52 am UTC) from AU

Summary HTTP 150 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 23 domains to perform 150 HTTP transactions. The main IP is 2606:4700:3035::681c:17af, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3035::681c:17af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 32	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.10.144 23.111.10.144	33438 (HIGHWINDS2) (HIGHWINDS2)
24	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
28	143.204.94.35 143.204.94.35	16509 (AMAZON-02) (AMAZON-02)
1	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
2	52.218.61.99 52.218.61.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2010	15169 (GOOGLE) (GOOGLE)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
2 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
150	23

20 2606:4700:3035::681c:17af (United States)

ASN13335 (CLOUDFLARENET, US)

controlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c0a0913d7ca1d75e3de915c4c1606e9a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1f637ea4bd4cbdd82ebac978ebca6f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 143.204.94.35 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-35.fra50.r.cloudfront.net

yadloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

521c6cb4b39a01c184eae5c33b374caa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
253c53ec30587deb0e43e21134b40413.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.61.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com c0a0913d7ca1d75e3de915c4c1606e9a.safeframe.googlesyndication.com tpc.googlesyndication.com b1f637ea4bd4cbdd82ebac978ebca6f9.safeframe.googlesyndication.com 521c6cb4b39a01c184eae5c33b374caa.safeframe.googlesyndication.com pagead2.googlesyndication.com 253c53ec30587deb0e43e21134b40413.safeframe.googlesyndication.com	45 KB
28	yadloop.com yadloop.com	38 KB
27	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	431 KB
20	controlc.com controlc.com	280 KB
10	googletagservices.com www.googletagservices.com	257 KB
7	google.com 1 redirects adservice.google.com www.google.com	2 KB
5	ampproject.org cdn.ampproject.org	108 KB
4	openx.net 2 redirects os4m-d.openx.net eu-u.openx.net us-u.openx.net	1 KB
3	google.de adservice.google.de www.google.de	1 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	googleapis.com storage.googleapis.com fonts.googleapis.com	304 KB
2	amazonaws.com s3-eu-west-1.amazonaws.com	90 KB
2	google.pl adservice.google.pl	294 B
2	google-analytics.com www.google-analytics.com	19 KB
1	adnxs.com ib.adnxs.com	708 B
1	1rx.io tag.1rx.io	269 B
1	mthsense.com ads3.mthsense.com	3 KB
1	fancybar.net cdn.fancybar.net	8 KB
0	yieldlift.com Failed x.yieldlift.com Failed
0	lijit.com Failed ap.lijit.com Failed
0	33across.com Failed ssc.33across.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	casalemedia.com Failed htlb.casalemedia.com Failed
150	23

	Domain	Requested by
28	yadloop.com	controlc.com yadloop.com
24	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net controlc.com yadloop.com
20	controlc.com	controlc.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com controlc.com cdn.ampproject.org
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net controlc.com
10	www.googletagservices.com	controlc.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net
3	www.google.com	1 redirects controlc.com
2	eu-u.openx.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	s3-eu-west-1.amazonaws.com	securepubads.g.doubleclick.net
2	adservice.google.pl	securepubads.g.doubleclick.net
2	www.google-analytics.com	controlc.com www.google-analytics.com
2	adservice.google.de	securepubads.g.doubleclick.net
1	us-u.openx.net	controlc.com
1	cm.g.doubleclick.net	1 redirects
1	googleads.g.doubleclick.net	controlc.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	253c53ec30587deb0e43e21134b40413.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ib.adnxs.com	storage.googleapis.com
1	os4m-d.openx.net	storage.googleapis.com
1	tag.1rx.io	storage.googleapis.com
1	storage.googleapis.com	ads3.mthsense.com
1	521c6cb4b39a01c184eae5c33b374caa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b1f637ea4bd4cbdd82ebac978ebca6f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	controlc.com
1	ads3.mthsense.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	c0a0913d7ca1d75e3de915c4c1606e9a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.fancybar.net	controlc.com
0	x.yieldlift.com Failed	storage.googleapis.com
0	ap.lijit.com Failed	storage.googleapis.com
0	ssc.33across.com Failed	storage.googleapis.com
0	fastlane.rubiconproject.com Failed	storage.googleapis.com
0	htlb.casalemedia.com Failed	storage.googleapis.com
150	36

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.fancybar.net COMODO RSA Domain Validation Secure Server CA	`2018-09-10` - `2020-09-09`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
yadloop.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
ads3.mthsense.com Go Daddy Secure Certificate Authority - G2	`2019-09-03` - `2020-11-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://controlc.com/819a1bd2
Frame ID: 5C944EFD4AF5E20A29929EA59C97CA46
Requests: 32 HTTP requests in this frame

Frame: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
Frame ID: D3A0C5D10939A0CF92D88CD6E3FC2984
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTLmyJOMjSbrSWOiLCXG_fmrSu2Jp0xnnytTAXr0E8Nasds1KhvP0GXTJQcmWrOtF5la7_r93dXHM3r2AyLOgMW8m50bTo4XhK_C2XYpS7ag5bLEOGFdYOq1vM2zN3v3JjMF-SaHGdfakt7oPW9y3AnadW2YUCVKK_nbbbyREXZ343YafX1LxuezM9uw-v7PlUTVu1kXooSNCffQVLQPGPQQBtrJSqw0wuecpHRLcM_0knIZ3gLZNwfaxm-8LYbAWFMo33iEsRiGw3zHx4tpYY76wRniuvLuuZFw&sai=AMfl-YSqgtcN4Pi0Pw6FJDbqsz_c8IgHM575LnuGoc3zT3O1noffEwW_rfFI6alf1fEnTvFZKWuhF5JCIjMUYX5jp69XAOIsSYXQDgV9xVC5mRNsuvzP-N28Yme6QW41RKs&sig=Cg0ArKJSzBoq9d0FcznSEAE&urlfix=1&adurl=
Frame ID: F571F452D55786D6C6C4E2D5FEC3CB7C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPgIyB1eVpIrIcbDIqU8x2CsOslfEFSGvKXXXNOcX2h1W5EX-Mm3GgqeCSYsLJLRxVJ44yCH9lPiW765ynEK8uEurKOXMZ8z9vSGEwJsnmFu1zn-xByZC0uPvfFdUbMSN58-NeA0ExwGdE69lpQuGVmTCZhV9bB4FJuv6UXQ-3dppuAx0oQX-0zFqXjmqWhC8Wv3bAJVs1-TtD6xymeq_QtyYdnOOi3r6SmBY7r1Ix2_6ElbTCCMDjbnxoT_5v1uZuAIfVLerlGjE&sai=AMfl-YRxtRSbY6T0Eq2eVVifI2OouqNG6LURcL-k-t8Q9xb9afYPPSFFy1iLztJCeQiXdKOc10Ca_RL-ZBg0eYQ3LH63FS9BriECfuQq_DVO_4PDOh4YsXOCa3NTCGkwY6G6&sig=Cg0ArKJSzCbQ9JHtU3WaEAE&urlfix=1&adurl=
Frame ID: 144C92930FD8B8330AB8A4D6CDF82222
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3-W_IyYiN0XdN6TAdidizIzDTy7nrAD1vIFyevMJkW5DOGa49cGlVTpcxcv1vWJbC28L7vJNRok_C4uCI0UBWo5-llN6SdIuP5FMt4GJWe4EK8O8m_8uEigFJaT_guvAbtPfiL8rvvurM1Sol9-4oesMkYFj9w7TV1I_nKBOTgdHE1SpdAO8nirAQvCh3YFQhiEJEztLGKAKdFf468MgwvLzJzpjdbW0lErHwtLf1LeObNQreT-gzCR60YI65u2ZDi1KM2444V3ngyP5Bjsf0JqjmIA&sai=AMfl-YTNyUi6xBOrLu4Dcw9p7ncPPQHUATVxHKOnEVi7luLIBGjnjthF5Wxj2ILel1zXcppFqMtQPXj8aZZfoZO3Gw39wQpXsF38ssz9HCv4daDYWC7j9aEnwVUqyrXtreg&sig=Cg0ArKJSzMpussntbPA1EAE&urlfix=1&adurl=
Frame ID: 90029856FA22E41D65FE8A5547C030EE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B7098CC12355DB151CE52C3A6ECD12AF
Requests: 11 HTTP requests in this frame

Frame: https://yadloop.com/syncro?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427917&cb=4839291601712136353
Frame ID: AA11AE41761F34D336EA2317164EDCB0
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stat?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c9&cb=9442911601712136354
Frame ID: 29F407BBD89609C48428EA705B8B4882
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a7&cb=8296811601712136356
Frame ID: BEAD1199D5AAC3F3257C64E993E32909
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=3872901601712136357
Frame ID: 4CC3B8271644387409E50E7D147BAF9E
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=6050901601712136359
Frame ID: 099EF367439A4902737DD9F3C329B50B
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475219&cb=2658661601712136360
Frame ID: 43E80D349C9EE14BBAF6A0E72AB7491B
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab307&cb=8098111601712136361
Frame ID: D2A16401579A5EE8C4FE3CBFDD2A3F7D
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/count?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe487&cb=3180321601712136362
Frame ID: CABE375AB0BDC6C5E5ED5DCF500510FE
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb39&cb=9366521601712136363
Frame ID: 5AD1CBB474A6557D573D27E6B55C6247
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a93&cb=4478221601712136365
Frame ID: CA89CC86967A605F5F7C1204B333856D
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f1&cb=7130681601712136366
Frame ID: 90DAAEA5E0581A876AD48A03C0B6D7E6
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba029&cb=1871541601712136367
Frame ID: 07EDCE998007E156B2341805D4923269
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3C62FDACB2A0B69E7628B9ED6597BF84
Requests: 12 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc7&cb=2396481601712136387
Frame ID: FE076FB1771F9C03D49BF022BC651162
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e705&cb=0651581601712136389
Frame ID: 4CC536DA6B9870F3CE5D755C103E54BC
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d87&cb=1122941601712136390
Frame ID: 2ACECD27D3091884D177B49C1D5C1509
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b7&cb=5089541601712136391
Frame ID: C142B967E042C6655470020231B2C0CE
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260881&cb=4902021601712136392
Frame ID: 9027DBEF6491361F63F106E108DFE670
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=4973141601712136394
Frame ID: 81A45528B06841D91FC3EFB69071105A
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a31&cb=8374721601712136395
Frame ID: 98936D3EACB0F433441A6067D591D5D4
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f3&cb=4505361601712136396
Frame ID: 6FB19E60E5B7779B04FD8B7BD4C8387D
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stat?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e71&cb=7461481601712136397
Frame ID: B7DD249028DBF0B1C6F12F228C207214
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3953&cb=1497511601712136399
Frame ID: 60997FB8343C4B3D462F89E44F480541
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/async_usersync?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1755&cb=7439581601712136400
Frame ID: 7B350B3D4887F583DA636F8A2E9B311A
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d37&cb=2220821601712136401
Frame ID: 57A476BEFC8CB055A35B8FD6737917AD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWa5iByL0oYGv-uuLB37X_vKOftEXVHS-WOzob4ub_aWz9eC_d2kS-jqvcFp7A-CAnhFJqBMnAvXE-Mzv1Pw06co84pJCDnW1OkQEqVffTpub1If42xhxR5opDHkraYyYQi-ey3w3PUrBFz0L__gbTcXebWg_C5ov-7ExAevPYsuQYkCTkZk935BDzNYQQzXdQUL1yfyluPWhu3v0iFoGJrNhUcDfgfZXu8S0wZD9dyYCTfJVOC4zex1BT_4IpQjTMYj-LG1l_NuW7_w&sig=Cg0ArKJSzC-S_QmrYG93EAE&urlfix=1&adurl=
Frame ID: 7E46FC44627F18F7501501773B96D67E
Requests: 6 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 4959B007B808ADE2A0FE1FB841048391
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvypRyvpVdz7-fjzQlOhmb7bMG372vVctkIUG7kkWf_Xiq8dHXfTVKtaGeYlYe22JEmjVZXHptRXBecoAVZwPV7fG1FZ5wpydS0wOzR7P7AgvoSHHHzmIGeP6f21w9FbL98eqFaC6SrCYE-ujpaRcMQt41PxIiEAJVqdkgleKGJ_NZXyksRCkj0QSY2NrJnVc16n7V9sYWeMUFDxWrEXM4g-tQvW39nKefRg3OBos2zhYjLsnw4Ady6255xt-ZCynfWuzFGSJtIcdM&sig=Cg0ArKJSzM0UxQ83HQnBEAE&urlfix=1&adurl=
Frame ID: 0106B952A6DD5FDAB4F687EC6097CD62
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 39B53B68A454C2D99F0BFB66F7E7391F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 136376B9DA901EDF4EFCB472B2DE6C5E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js
Frame ID: DA7BE564945B57C27E32F6FE2F16A27D
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 9481A7D54709E7D507376EC22E43FD2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&l... Page URL
https://controlc.com/819a1bd2 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

150
Requests

96 %
HTTPS

64 %
IPv6

23
Domains

36
Subdomains

23
IPs

6
Countries

1617 kB
Transfer

3710 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false Page URL
https://controlc.com/819a1bd2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 154

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECTS90GMJyBYBjnFMSKiucI&google_cver=1

150 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 fullscreen.php Show response
controlc.com/819a1bd2/ 165 B
760 B 89ms
61ms Document
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 5a9023d13f0cfe2f947479d63a614c0f1b9d8bff9a206a0216ec3273f94680b4

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 03 Oct 2020 08:02:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d35dfd94bb33e2bef89e61345b307e5471601712135; expires=Mon, 02-Nov-20 08:02:15 GMT; path=/; domain=.controlc.com; HttpOnly; SameSite=Lax PHPSESSID=4a9087d36b1659b06334c4568dcd9e66; path=/
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 058f14b4d2000005dc9d113200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712135"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5dc523ce1f9905dc-FRA
content-encoding: br

GET
H2 200 Primary Request 819a1bd2 Show response
controlc.com/ 10 KB
3 KB 83ms
82ms Document
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/819a1bd2
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 5080d82d1bf0564f3b06be57f5ee6050c6769de5fb3e69c1fe2b569fc9b947c2

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /819a1bd2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d35dfd94bb33e2bef89e61345b307e5471601712135; PHPSESSID=4a9087d36b1659b06334c4568dcd9e66
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false

Response headers

status: 200
date: Sat, 03 Oct 2020 08:02:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: tinychat_box=1601712135; expires=Sun, 04-Oct-2020 08:02:15 GMT; Max-Age=86400; path=/; domain=.tinypaste.com
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 058f14b517000005dc9d11d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5dc523ce88da05dc-FRA
content-encoding: br

GET
H2 200 global.css
controlc.com/public/css/ 12 KB
3 KB 17ms
12ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
cf-polished: origSize=15109
status: 200
cf-request-id: 058f14b57f000005dc9d124200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5dc523cf3a9105dc-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
controlc.com/public/css/ 80 KB
13 KB 19ms
14ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap.css
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
cf-polished: origSize=99036
status: 200
cf-request-id: 058f14b580000005dc9d125200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-182dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5dc523cf3a9505dc-FRA
cf-bgj: minify

GET
H2 200 bootstrap-responsive.css
controlc.com/public/css/ 10 KB
2 KB 17ms
12ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap-responsive.css
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
cf-polished: origSize=14308
status: 200
cf-request-id: 058f14b580000005dc9d126200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-37e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5dc523cf3a9a05dc-FRA
cf-bgj: minify

GET
H2 200 view.css
controlc.com/public/css/ 598 B
370 B 17ms
13ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/view.css
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
cf-polished: origSize=752
status: 200
cf-request-id: 058f14b580000005dc9d127200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5dc523cf3a9e05dc-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ 148 KB
30 KB 19ms
15ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
cf-polished: origSize=153534
status: 200
cf-request-id: 058f14b580000005dc9d128200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5dc523cf3aa005dc-FRA
cf-bgj: minify

GET
H2 200 view.js Show response
controlc.com/public/js/ 2 KB
726 B 42ms
39ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/view.js?x=1601712135
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5dc523cf3aa105dc-FRA
cf-request-id: 058f14b582000005dc9d129200000001

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 50 KB
18 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3510ca509526b21b5f61ecd5db3123d95084dd998d8f4ee0d9afca092101fa71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "651 / 286 of 1000 / last-modified: 1601676732"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17349
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:15 GMT

GET
H2 200 getpaid.png
controlc.com/public/images/ 6 KB
6 KB 10ms
10ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/getpaid.png
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
status: 200
content-length: 6510
cf-request-id: 058f14b5a9000005dc9d12b200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: "555139ee-196e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5dc523cf7b3905dc-FRA

GET
H2 200 logo.png
controlc.com/public/images/ 12 KB
12 KB 20ms
19ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/logo.png
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
status: 200
content-length: 12078
cf-request-id: 058f14b5b9000005dc9d12d200000001
last-modified: Thu, 19 Sep 2019 14:03:25 GMT
server: cloudflare
etag: "5d838aad-2f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5dc523cf8b7005dc-FRA

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 21 KB
8 KB 260ms
53ms Script
application/javascript 23.111.10.144
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=tinypaste
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.144 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 03 Oct 2020 08:02:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 14:20:27 GMT
Server: NetDNA-cache/2.2
ETag: W/"5362-5900057953202"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ab.png
controlc.com/ 67 KB
67 KB 22ms
22ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/ab.png
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1858
status: 200
content-length: 68149
cf-request-id: 058f14b6c8000005dc9d144200000001
last-modified: Mon, 30 Mar 2020 10:19:31 GMT
server: cloudflare
etag: "5e81c7b3-10a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5dc523d1484605dc-FRA

GET
H2 200 pubads_impl_2020092201.js Show response
securepubads.g.doubleclick.net/gpt/ 264 KB
93 KB 175ms
61ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 08:40:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94816
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:15 GMT

GET
H2 200 bg.png
controlc.com/public/images/ 987 B
1 KB 11ms
11ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/bg.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1853
status: 200
content-length: 987
cf-request-id: 058f14b6e1000005dc9d148200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: "555139ee-3db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5dc523d168a405dc-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 35ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 417 B
936 B 146ms
93ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1961027524099818&correlator=4330464429677973&output=ldjh&impl=fif&eid=21067389&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201003&iu_parts=1025874%2CPasted_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601712135&dt=1601712135913&dlt=1601712135535&idt=360&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=0&adks=765271295&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F819a1bd2&ref=https%3A%2F%2Fcontrolc.com%2F819a1bd2%2Ffullscreen.php%3Fhash%3De774f02fcc36bb67160952feb0310c8f%26toolbar%3Dtrue%26linenum%3Dfalse&dssz=9&icsg=4010&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=212704922.1601712136&ga_sid=1601712136&ga_hid=1004881494&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cb65bb2668b1dca4ae5cefab77b317f9dbd747be01209d12ad8602857432f507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c0a0913d7ca1d75e3de915c4c1606e9a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 57ms
13ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c0a0913d7ca1d75e3de915c4c1606e9a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
5ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 139ms
101ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1961027524099818&correlator=4330464429677973&output=ldjh&impl=fif&eid=21067389&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201003&iu_parts=1025874%2CPasted_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601712135&dt=1601712135937&dlt=1601712135535&idt=360&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=127&adks=1406371575&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F819a1bd2&ref=https%3A%2F%2Fcontrolc.com%2F819a1bd2%2Ffullscreen.php%3Fhash%3De774f02fcc36bb67160952feb0310c8f%26toolbar%3Dtrue%26linenum%3Dfalse&dssz=13&icsg=64162&std=0&csl=89&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1500x90&msz=1500x90&ga_vid=212704922.1601712136&ga_sid=1601712136&ga_hid=1004881494&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

be2ae35b6e5252293439ab3e9dfb76e6bb1bb3bae50cabbdde30db734bf2225e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2703
x-xss-protection: 0
google-lineitem-id: 4654736569
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138231783466
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ab.js Show response
controlc.com/ 5 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/ab.js
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1853
status: 200
cf-request-id: 058f14b70e000005dc9d14d200000001
last-modified: Sun, 29 Mar 2020 09:43:08 GMT
server: cloudflare
etag: W/"5e806dac-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5dc523d1b94905dc-FRA
cf-bgj: minify

GET
H2 200 fullscreen.php Show response
controlc.com/819a1bd2/ Frame D3A0 272 KB
92 KB 108ms
108ms Document
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 16c9cad97b9e133e3c218464b50468087876bdb944ced2e28ea49d6ed316cf8e

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d35dfd94bb33e2bef89e61345b307e5471601712135; PHPSESSID=4a9087d36b1659b06334c4568dcd9e66
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
date: Sat, 03 Oct 2020 08:02:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 058f14b70f000005dc9d14f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5dc523d1b95005dc-FRA
content-encoding: br

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 134ms
111ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1961027524099818&correlator=4330464429677973&output=ldjh&impl=fif&eid=21067389&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201003&iu_parts=1025874%2CPasted_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601712135&dt=1601712135952&dlt=1601712135535&idt=360&frm=20&biw=1600&bih=1200&oid=3&adxs=1390&adys=91&adks=2762401180&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F819a1bd2&ref=https%3A%2F%2Fcontrolc.com%2F819a1bd2%2Ffullscreen.php%3Fhash%3De774f02fcc36bb67160952feb0310c8f%26toolbar%3Dtrue%26linenum%3Dfalse&dssz=18&icsg=1026762&std=0&csl=87&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x600&ga_vid=212704922.1601712136&ga_sid=1601712136&ga_hid=1004881494&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

75da1804ac6fe18d163dce4d780f1b5c93a0174b35460beeaf4aa16d62c3d61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2636
x-xss-protection: 0
google-lineitem-id: 5215140857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293261120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 116ms
98ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1961027524099818&correlator=4330464429677973&output=ldjh&impl=fif&eid=21067389&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201003&iu_parts=1025874%2CPasted_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1601712135&dt=1601712135957&dlt=1601712135535&idt=360&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=704&adks=2507290776&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F819a1bd2&ref=https%3A%2F%2Fcontrolc.com%2F819a1bd2%2Ffullscreen.php%3Fhash%3De774f02fcc36bb67160952feb0310c8f%26toolbar%3Dtrue%26linenum%3Dfalse&dssz=22&icsg=4107050&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1520x687&msz=728x-1&ga_vid=212704922.1601712136&ga_sid=1601712136&ga_hid=1004881494&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6b80bf8b9b3f8d1a821b323cc19d249f429c3f46af4317a8e61507bc161ef22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2647
x-xss-protection: 0
google-lineitem-id: 5214351027
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293538274
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glyphicons-halflings.png
controlc.com/img/ 14 KB
14 KB 11ms
10ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/img/glyphicons-halflings.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:15 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1853
status: 200
content-length: 13826
cf-request-id: 058f14b71a000005dc9d151200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: "555139ee-3602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5dc523d1c98305dc-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5315
date: Sat, 03 Oct 2020 06:33:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sat, 03 Oct 2020 08:33:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
395 B 39ms
13ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1004881494&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2F819a1bd2&ul=en-us&de=UTF-8&dt=function%20Invoke-NGHCPPVTOZNKELK%20%7B%20%5BCmdletBinding()%5D%20Param(%20%5BParameter(Position..%20-%20819a1bd2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=213850557&gjid=561707369&cid=212704922.1601712136&tid=UA-62963607-1&_gid=428884618.1601712136&_r=1&_slc=1&z=204179410

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
432 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-62963607-1&cid=212704922.1601712136&jid=213850557&gjid=561707369&_gid=428884618.1601712136&_u=IAhAAEAAAAAAAC~&z=1843586175

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 03 Oct 2020 08:02:16 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 global.css
controlc.com/public/css/ Frame D3A0 12 KB
3 KB 13ms
12ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859
cf-polished: origSize=15109
status: 200
cf-request-id: 058f14b77e000005dc9d154200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5dc523d26b5505dc-FRA
cf-bgj: minify

GET
H2 200 fullscreen.css
controlc.com/public/css/ Frame D3A0 312 B
282 B 13ms
13ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/fullscreen.css
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

Referer: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1853
cf-polished: origSize=426
status: 200
cf-request-id: 058f14b77e000005dc9d155200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5dc523d26b5705dc-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ Frame D3A0 148 KB
30 KB 18ms
17ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859
cf-polished: origSize=153534
status: 200
cf-request-id: 058f14b77e000005dc9d156200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5dc523d26b5b05dc-FRA
cf-bgj: minify

GET
H2 200 tinypaste.js Show response
controlc.com/public/js/ Frame D3A0 3 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/tinypaste.js
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

Referer: https://controlc.com/819a1bd2/fullscreen.php?hash=5ec82e780f5079ff7a5ee8e580e9b4dd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1853
cf-polished: origSize=3335
status: 200
cf-request-id: 058f14b781000005dc9d157200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712136"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5dc523d26b5e05dc-FRA
cf-bgj: minify

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F571 0
0 56ms
56ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTLmyJOMjSbrSWOiLCXG_fmrSu2Jp0xnnytTAXr0E8Nasds1KhvP0GXTJQcmWrOtF5la7_r93dXHM3r2AyLOgMW8m50bTo4XhK_C2XYpS7ag5bLEOGFdYOq1vM2zN3v3JjMF-SaHGdfakt7oPW9y3AnadW2YUCVKK_nbbbyREXZ343YafX1LxuezM9uw-v7PlUTVu1kXooSNCffQVLQPGPQQBtrJSqw0wuecpHRLcM_0knIZ3gLZNwfaxm-8LYbAWFMo33iEsRiGw3zHx4tpYY76wRniuvLuuZFw&sai=AMfl-YSqgtcN4Pi0Pw6FJDbqsz_c8IgHM575LnuGoc3zT3O1noffEwW_rfFI6alf1fEnTvFZKWuhF5JCIjMUYX5jp69XAOIsSYXQDgV9xVC5mRNsuvzP-N28Yme6QW41RKs&sig=Cg0ArKJSzBoq9d0FcznSEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame F571 18 KB
18 KB 254ms
138ms Script
application/javascript 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash: 023de4efb18edc28e481886960f85313c1ed1f07caf219a3ee8004e340c91da4

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 03 Oct 2020 08:02:16 GMT
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UJm3xNY0N2loxym_w3NAfOxGIySlxecDwOyXSGdQVBp9_Ocw7YS9Pg==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F571 74 KB
28 KB 64ms
49ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 55ms
46ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cf3d8b564224817bcd1412754de14a9da75185587f47047c878fe0b0ec12b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 144C 0
0 62ms
61ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPgIyB1eVpIrIcbDIqU8x2CsOslfEFSGvKXXXNOcX2h1W5EX-Mm3GgqeCSYsLJLRxVJ44yCH9lPiW765ynEK8uEurKOXMZ8z9vSGEwJsnmFu1zn-xByZC0uPvfFdUbMSN58-NeA0ExwGdE69lpQuGVmTCZhV9bB4FJuv6UXQ-3dppuAx0oQX-0zFqXjmqWhC8Wv3bAJVs1-TtD6xymeq_QtyYdnOOi3r6SmBY7r1Ix2_6ElbTCCMDjbnxoT_5v1uZuAIfVLerlGjE&sai=AMfl-YRxtRSbY6T0Eq2eVVifI2OouqNG6LURcL-k-t8Q9xb9afYPPSFFy1iLztJCeQiXdKOc10Ca_RL-ZBg0eYQ3LH63FS9BriECfuQq_DVO_4PDOh4YsXOCa3NTCGkwY6G6&sig=Cg0ArKJSzCbQ9JHtU3WaEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 144C 8 KB
3 KB 762ms
201ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.mthsense.com/RenderAd.aspx?id=14895&width=728&height=90
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d3271da198476fff8ec766602e7de156bf0a68fd9b6b8c6bdcb6adeb8669c6da

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 03 Oct 2020 08:02:16 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 2865

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 144C 74 KB
28 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9002 0
0 55ms
55ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3-W_IyYiN0XdN6TAdidizIzDTy7nrAD1vIFyevMJkW5DOGa49cGlVTpcxcv1vWJbC28L7vJNRok_C4uCI0UBWo5-llN6SdIuP5FMt4GJWe4EK8O8m_8uEigFJaT_guvAbtPfiL8rvvurM1Sol9-4oesMkYFj9w7TV1I_nKBOTgdHE1SpdAO8nirAQvCh3YFQhiEJEztLGKAKdFf468MgwvLzJzpjdbW0lErHwtLf1LeObNQreT-gzCR60YI65u2ZDi1KM2444V3ngyP5Bjsf0JqjmIA&sai=AMfl-YTNyUi6xBOrLu4Dcw9p7ncPPQHUATVxHKOnEVi7luLIBGjnjthF5Wxj2ILel1zXcppFqMtQPXj8aZZfoZO3Gw39wQpXsF38ssz9HCv4daDYWC7j9aEnwVUqyrXtreg&sig=Cg0ArKJSzMpussntbPA1EAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame 9002 18 KB
18 KB 195ms
102ms Script
application/javascript 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash: 593057c59c9b6f5197c9c0abbfe82ea779c97f2db3511d57ae19b7fe686d6ba0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 03 Oct 2020 08:02:16 GMT
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nlnMyc4PynsQZokIL6jB33fVajbo5yXVvxqDqoVawxvBufpVQtYuIA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9002 74 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-62963607-1&cid=212704922.1601712136&jid=213850557&_u=IAhAAEAAAAAAAC~&z=1434971954

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 18ms
18ms Image
image/gif 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-62963607-1&cid=212704922.1601712136&jid=213850557&_u=IAhAAEAAAAAAAC~&z=1434971954

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9002 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3117876f0ed9d2ba6b2dbdc3d77dbd5c7a19804233ab61da8a2ab0d19bff04a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F571 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de89b06cd79307155ff4614c60f75559356ad48ef7b66e8a72dce8c49272fb1c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B709 50 KB
17 KB 54ms
53ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e309964826f179ea8cd93d24e345eacd0434e6f5a906f4dd47df9ea6cce8a3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "651 / 993 of 1000 / last-modified: 1601676732"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17349
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H2 200 syncro
yadloop.com/ Frame AA11 0
0 76ms
76ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/syncro?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427917&cb=4839291601712136353
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /syncro?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427917&cb=4839291601712136353
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: J_cGQOnP2Bc_awnR8aN-1sGkD3JNgvMP4s3JelNJf9LywIq6YMTTIA==

GET
H2 200 stat
yadloop.com/ Frame 29F4 0
0 103ms
102ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stat?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c9&cb=9442911601712136354
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stat?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c9&cb=9442911601712136354
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: e_zOHZXeFz6A7KirbAH8mAY_0ISj4GPsOr0WzAuKHqLyudLhFxeezw==

GET
H2 200 async_usersync
yadloop.com/ Frame BEAD 0
0 101ms
101ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a7&cb=8296811601712136356
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /async_usersync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a7&cb=8296811601712136356
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _QhxantFsjUR4tN-NV39nqTCYIp5eIvLftmOyW2TLj4oy7oju0iFBA==

GET
H2 200 stats
yadloop.com/ Frame 4CC3 0
0 101ms
101ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=3872901601712136357
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=3872901601712136357
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1722
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HKaY32CPtBAmJYeeRer06iZdeuj9w5RrUJenleaQafdLGA8L699Gzw==

GET
H2 200 usync
yadloop.com/ Frame 099E 0
0 105ms
105ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=6050901601712136359
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=6050901601712136359
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Zjm3Vw21ZiBAjMmk43KO_mOOc1pscSZ47ansXJBIVMjb9aJ1xSOJ4g==

GET
H2 200 async_usersync
yadloop.com/ Frame 43E8 0
0 101ms
101ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475219&cb=2658661601712136360
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /async_usersync?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475219&cb=2658661601712136360
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: podJ4wFjI61lIEQbyWPC8QzP25EgCphzBOzwxWNaN1DfmBiPRm0QRQ==

GET
H2 200 stats
yadloop.com/ Frame D2A1 0
0 98ms
98ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab307&cb=8098111601712136361
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab307&cb=8098111601712136361
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1667
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wt4Z2IHU7F961-RVc_bRzBh88uX16jhKhOpLqBxgOKKunmPgeeUUqw==

GET
H2 200 count
yadloop.com/ Frame CABE 0
0 102ms
102ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/count?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe487&cb=3180321601712136362
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /count?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe487&cb=3180321601712136362
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wrFMs0it-xm3dQKFSfvRMKxMV1UmMNmd2rb87tEAwlkyLdfqOByrng==

GET
H2 200 usync
yadloop.com/ Frame 5AD1 0
0 105ms
105ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb39&cb=9366521601712136363
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb39&cb=9366521601712136363
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1710
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: xxZeAd7yNCrjaYZm1sozBb4VKPFy8-QMuS3quCD9fik3hKmHspWZmg==

GET
H2 200 user
yadloop.com/ Frame CA89 0
0 103ms
102ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a93&cb=4478221601712136365
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a93&cb=4478221601712136365
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ziU-JLcHIkGu12Z1isRYhHlaTPrTxji-00vUMf_ke9f2y80YOh73aw==

GET
H2 200 user
yadloop.com/ Frame 90DA 0
0 119ms
119ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f1&cb=7130681601712136366
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f1&cb=7130681601712136366
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1633
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6jJrFLRsv94w3ISrS_J0NtEF88thMw9k09vWpLh_6FudSo9T4qu6Ug==

GET
H2 200 usync
yadloop.com/ Frame 07ED 0
0 117ms
117ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba029&cb=1871541601712136367
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba029&cb=1871541601712136367
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1874
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fo2PaQXwXFMWRGdVcpEUUn3bcIrRVNZ_oIBFMN4sNfRcWHa99LobAA==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9002 0
21 B 58ms
57ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC7aI_vKqRA9PjU4E54e34_KQ-qqT8qGbAWW_Fo2cNuVtIo6NCitbaXB50c075KihnqcOHB9urF1q6rB9Q58dMEon9BZKBfgUCfRnPMy-WYpu-Gdz5aqtfTwNMWJ0zuNnJ_Tnp8n7ptUmBAJZdJNKBeiFGcJpWh0sOc9UjGGoSd5yAYRDXJ-4cyJo0toaDYcIel9RRMiJvXjvM3LNLOs7oGYn4XW6PGfgCJHNgV8Ee64JbSoZfQ8sID0vjGH6Yv4AiVq6eUzMhDQ&sai=AMfl-YRAGPDZlQyz_4W6JoWx6fdt3S_KNkSp49U1ExHFE9JpB_TkvCwx5sXmw3WFeWIW9IC62B-ueHYjW-7DVBZncneZ_aGNuvKw72c1P9e9fyt53nC0XaQMX9qWUjA_MTY&sig=Cg0ArKJSzJE-KFHfmWBDEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3C62 50 KB
17 KB 54ms
54ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5ceba5a73aed243bf677df25fc8baef6b16ecc87727f168aaff642b016bd9295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "651 / 874 of 1000 / last-modified: 1601676856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17350
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H2 200 usersync
yadloop.com/ Frame FE07 0
0 100ms
100ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc7&cb=2396481601712136387
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc7&cb=2396481601712136387
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1710
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: c0brp26iq4INCNr1aGTZGLnlh4AQ-066s8KzUmO4LijTYdI3KnW-Qg==

GET
H2 200 usync
yadloop.com/ Frame 4CC5 0
0 77ms
77ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e705&cb=0651581601712136389
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e705&cb=0651581601712136389
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1873
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ry-PC-zA6RMM3y_V4gWB2aNMeBoeTp6wdU6mcQy8LtrrvvO-IK90Jw==

GET
H2 200 usync
yadloop.com/ Frame 2ACE 0
0 103ms
103ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d87&cb=1122941601712136390
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d87&cb=1122941601712136390
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Pb7L2MM05AyGmnycerfA8Gdq51fz32gRT35zefXsNo7-3oRTTFk6Ng==

GET
H2 200 usersync
yadloop.com/ Frame C142 0
0 96ms
96ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b7&cb=5089541601712136391
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b7&cb=5089541601712136391
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1719
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HUijMrR7nM49YbCyKS-YkyXHhNxz1iGUGHUf6PYgVGSCwunO1cQH6A==

GET
H2 200 stats
yadloop.com/ Frame 9027 0
0 96ms
96ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260881&cb=4902021601712136392
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260881&cb=4902021601712136392
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WpjiwLlqexPKPa6Ferz4OeT892MYryScLHKjxYCADR40yvqE-Gc_Sg==

GET
H2 200 count
yadloop.com/ Frame 81A4 0
0 105ms
105ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=4973141601712136394
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /count?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=4973141601712136394
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mRVn6ga8eMN3eBo_py8MI9_h3CcUBuvya8z0jqjmlsvvjo0Vd2OaQQ==

GET
H2 200 count
yadloop.com/ Frame 9893 0
0 77ms
76ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a31&cb=8374721601712136395
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /count?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a31&cb=8374721601712136395
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1667
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PB94yKTXtUshrCsVq6iwROpGdOvC9Xt1bYPh8OepfS4TuV1oOTYikw==

GET
H2 200 count
yadloop.com/ Frame 6FB1 0
0 100ms
100ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f3&cb=4505361601712136396
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /count?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f3&cb=4505361601712136396
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zkLQLDa6CJrjRm3NYU2TQxLoWT3jvCNoCvhFiPBDSiMrC51tXAv1cA==

GET
H2 200 stat
yadloop.com/ Frame B7DD 0
0 94ms
94ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stat?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e71&cb=7461481601712136397
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stat?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e71&cb=7461481601712136397
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _cNHQ072QGXuO_vXr99vKLcSb2gH7HfqT7vZOStFGezlmzQrbakilQ==

GET
H2 200 user
yadloop.com/ Frame 6099 0
0 103ms
102ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3953&cb=1497511601712136399
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3953&cb=1497511601712136399
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mJZPdevfMW3xYkHwWocDetsjqJQ-2YmWxYPyG_LVyndv4b4g7YPDYA==

GET
H2 200 async_usersync
yadloop.com/ Frame 7B35 0
0 103ms
103ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/async_usersync?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1755&cb=7439581601712136400
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /async_usersync?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1755&cb=7439581601712136400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1633
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MfylllapyIBlMpmFqutu27YGiLI4BWzrXz4c597G541Xe8BYpL2Umg==

GET
H2 200 stats
yadloop.com/ Frame 57A4 0
0 102ms
102ms Document
text/html 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d37&cb=2220821601712136401
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d37&cb=2220821601712136401
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=a02e841843cc75ed2a73aa648d550dbd47629fc2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sat, 03 Oct 2020 08:02:16 GMT
x-cache: Miss from cloudfront
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Y_LSKZBwctGgRugV3YyU1sVmOUa2VZynSd2dbs76Am-DO2uAglsqgw==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F571 0
21 B 58ms
58ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWu9BwOF1a-zP-xD4UXJodCCQcpE_hlO-pGjLrYaMuRLxoEkl9xBFMBL941hQOCoqIVxZ01JfWCaz0-l7_jkFHMecEyO-xd_TFumesPYiAAxuMaAc8pK1WGUD_P_84ivZPe0sJoujlKDqrzcmoOMjEEdgL-IfI0wPGSWz_80XdULZqn3tYvXb1g5de3AEAnAHuFnmvQ-6L0uYvJkoslqo6j6AnM3Vn6rWYxm2b4Z1kL7rXNY1oPi5nQqZrguSBuD7MFYsbbBeuTVNFj_6hJQ&sai=AMfl-YSsprthykcSiRMSrRRr6HLYnuWp2_jSFUGvPAzmegXrjQUxPPvpoeWsTKK2vFU_PfzHv9fge5i3l9shfuBBkwK1lkyo4lUcLbYlTlkWxU_2FJ_i6rIEJ2xr10nlVlI&sig=Cg0ArKJSzCyKOAZ9jPr2EAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 pubads_impl_2020092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B709 264 KB
93 KB 54ms
54ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 08:40:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94816
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H3-Q050 200 pubads_impl_2020092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3C62 264 KB
93 KB 92ms
90ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 08:40:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94816
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H2 200 pxl.jpg
yadloop.com/ Frame 9002 597 B
831 B 83ms
83ms Image
image/jpeg 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=uml4x413apkiqmcvre&s=781&p=https%3A%2F%2Fcontrolc.com%2F819a1bd2&rstk=https%3A%2F%2Fcontrolc.com%2F819a1bd2&h=6379681601712136475
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: uyfkho2eE6Ca9Mf-wGbTKUA9jqrkukxl3rptvbcXPgt9IgszZSHa4Q==

GET
H2 200 pxl.jpg
yadloop.com/ Frame F571 597 B
832 B 154ms
96ms Image
image/jpeg 143.204.94.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=qwpqn1ipjtdny52xwe&s=781&p=https%3A%2F%2Fcontrolc.com%2F819a1bd2&rstk=https%3A%2F%2Fcontrolc.com%2F819a1bd2&h=1857511601712136504
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-35.fra50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: -agTlq7BMN84PZxIkQnuldnGYq_TFVc_pfKOoqZhX3OPDYixaa-SrA==

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame B709 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B709 109 B
868 B 38ms
24ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B709 4 KB
2 KB 203ms
203ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1135635453791587&correlator=2545389784368359&output=ldjh&impl=fifs&eid=21067447%2C21067518&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201003&iu_parts=21671350435%2C160x600-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie=ID%3D55f67571bd700b26-22314a30eeb800d2%3AT%3D1601712136%3AS%3DALNI_MZgZrlyru1eNZMipUCLWqRsmqCw3Q&cdm=controlc.com&bc=31&abxe=1&lmt=1601712136&dt=1601712136580&dlt=1601712136350&idt=222&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1390&adys=160&adks=2407567311&ucis=9523oouw34me&ifi=1&ifk=3262021706&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F819a1bd2&top=https%3A%2F%2Fcontrolc.com%2F819a1bd2&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=212704922.1601712136&ga_sid=1601712137&ga_hid=634604176&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5c1a881a5a0e5682d5bb7468d4db9ab27bff03c75d815389a4a5f8c642cf390a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2241
x-xss-protection: 0
google-lineitem-id: 4920373360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257300386
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b1f637ea4bd4cbdd82ebac978ebca6f9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B709 0
0 75ms
49ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b1f637ea4bd4cbdd82ebac978ebca6f9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B709 0
0 27ms
13ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 3C62 109 B
126 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3C62 109 B
126 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3C62 4 KB
2 KB 183ms
183ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2896613494850509&correlator=3080015652849375&output=ldjh&impl=fifs&eid=21067592%2C21065517&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201003&iu_parts=21671350435%2C728x90-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D55f67571bd700b26-22314a30eeb800d2%3AT%3D1601712136%3AS%3DALNI_MZgZrlyru1eNZMipUCLWqRsmqCw3Q&cdm=controlc.com&bc=31&abxe=1&lmt=1601712136&dt=1601712136684&dlt=1601712136384&idt=285&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=704&adks=1088513110&ucis=1w9cyztornjb&ifi=1&ifk=4222758319&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F819a1bd2&top=https%3A%2F%2Fcontrolc.com%2F819a1bd2&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=212704922.1601712136&ga_sid=1601712137&ga_hid=1602355768&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00426e13669f7a3de4f60ca5753cf6c782ea9dfaa24ad032b20eafbad5929f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2225
x-xss-protection: 0
google-lineitem-id: 4920373360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138259026187
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
521c6cb4b39a01c184eae5c33b374caa.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3C62 0
0 109ms
38ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://521c6cb4b39a01c184eae5c33b374caa.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3C62 0
0 6ms
5ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7E46 0
0 75ms
74ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWa5iByL0oYGv-uuLB37X_vKOftEXVHS-WOzob4ub_aWz9eC_d2kS-jqvcFp7A-CAnhFJqBMnAvXE-Mzv1Pw06co84pJCDnW1OkQEqVffTpub1If42xhxR5opDHkraYyYQi-ey3w3PUrBFz0L__gbTcXebWg_C5ov-7ExAevPYsuQYkCTkZk935BDzNYQQzXdQUL1yfyluPWhu3v0iFoGJrNhUcDfgfZXu8S0wZD9dyYCTfJVOC4zex1BT_4IpQjTMYj-LG1l_NuW7_w&sig=Cg0ArKJSzC-S_QmrYG93EAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E46 74 KB
28 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H/1.1 200
OK unicef_160x600.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame 7E46 53 KB
53 KB 367ms
87ms Image
image/jpeg 52.218.61.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/unicef_160x600.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.61.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 03 Oct 2020 08:02:18 GMT
Last-Modified: Sun, 23 Sep 2018 17:54:13 GMT
Server: AmazonS3
x-amz-request-id: 615AEA1BFA347902
ETag: "5dcf47442fc7fbb8d0263bbf4869537e"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 54292
x-amz-id-2: Eif4epTS3Uwi4vbW5s26fGDyG8nm/GkIgydHlS8a771yTlPA0BD5CsLfnxWzud8PdCcdZ+PFdYU=

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B709 72 KB
27 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cf3d8b564224817bcd1412754de14a9da75185587f47047c878fe0b0ec12b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B709 8 KB
7 KB 105ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a09d17ff37ff505e48bb60d8926bc1da0dc26a6901a8fa4563e54aecc3c912b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6340
x-xss-protection: 0

GET
H2 200 prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame 4959 302 KB
303 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=14895&width=728&height=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 07:39:19 GMT
age: 1377
x-guploader-uploadid: ABg5-UzXOhUtZdq9BLeMWTv4QIKxNlTdN1iFP1BMt-dLPa6WEoYBieuQ9G0uM1tEBoTcc0CMVZkdWDUS-6XjtZNGz-k
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 309272
last-modified: Tue, 15 Sep 2020 19:30:03 GMT
server: UploadServer
etag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
cache-control: public, max-age=3600
x-goog-stored-content-length: 309272
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 03 Oct 2020 08:39:19 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4959 50 KB
17 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3510ca509526b21b5f61ecd5db3123d95084dd998d8f4ee0d9afca092101fa71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "651 / 153 of 1000 / last-modified: 1601676732"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17349
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 144C 0
21 B 84ms
83ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvnpqJvm3jT_U7Ehtw3wAgzBjxUtWGV0QalMckl_jd2NMy2b_QOv77hXyHnw669hOj26XtNFm7Whv_V58TLTQWV6FlEYPczp9B0zViUOMpG962oZMKvDW06VE5PTzpXGAVPsl_J5NEPl7qiEVlCASujH2GkxmTtuNzkJEaRPZ6dtmrfnGfclJ1BqLAiahnTV3e8ZMb8hw8bbII3kZAtuDCifLa2_zMZSjUEzNpeYRJI5SwpITCUnhqQgmi63HrG_2Ul-kNH-V2OpkDTw&sai=AMfl-YQcUd9GHi8GiTJEjEoailq3prpUR8yYYmDSGqMtAmxIjHWLJ_4KxtuBhopZwzQblMYqoQsEIL4WkZo6-vfTfBlxWIC1nKTz7GI76BNDfBIugP7CQ-CRRtz_tkdo1aNW&sig=Cg0ArKJSzNBnDavTwxDJEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 144C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efd999b9e3a01be8759a90662eb9cff99579780ad3ac4353521a0d9a70a99a20

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C62 0
200 B 18ms
18ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2896613494850509&r=728x90&w=728&h=90&a=0

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0106 0
0 64ms
64ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvypRyvpVdz7-fjzQlOhmb7bMG372vVctkIUG7kkWf_Xiq8dHXfTVKtaGeYlYe22JEmjVZXHptRXBecoAVZwPV7fG1FZ5wpydS0wOzR7P7AgvoSHHHzmIGeP6f21w9FbL98eqFaC6SrCYE-ujpaRcMQt41PxIiEAJVqdkgleKGJ_NZXyksRCkj0QSY2NrJnVc16n7V9sYWeMUFDxWrEXM4g-tQvW39nKefRg3OBos2zhYjLsnw4Ady6255xt-ZCynfWuzFGSJtIcdM&sig=Cg0ArKJSzM0UxQ83HQnBEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2/fullscreen.php?hash=e774f02fcc36bb67160952feb0310c8f&toolbar=true&linenum=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0106 74 KB
28 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H/1.1 200
OK unicef_728x90.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame 0106 36 KB
36 KB 351ms
96ms Image
image/jpeg 52.218.61.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/unicef_728x90.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.61.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 03 Oct 2020 08:02:18 GMT
Last-Modified: Sun, 23 Sep 2018 17:54:21 GMT
Server: AmazonS3
x-amz-request-id: 627BA77999475D49
ETag: "58fbb6ffe72ac0c1aa468de39ee18e13"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 36773
x-amz-id-2: gieso88uSkLo5VdbXNW0zL1Ic81Cs7aflgUZgTl6Vdy+YtMihYC6Yf29zTkmtBGIy8YqhaHVH8E=

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C62 72 KB
27 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cf3d8b564224817bcd1412754de14a9da75185587f47047c878fe0b0ec12b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601638337046233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3C62 8 KB
7 KB 72ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855a3e2f4d26c164ef78b9536d68a15815805e56e87e62b7e5259f5d21d504d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7E46 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afa7ac0bda3dc360e844d91954824adc853b2de9e5e3676704cc17866b5e1d35

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B709 17 KB
6 KB 74ms
13ms Script
text/javascript 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:16 GMT

GET
H3-Q050 200 pubads_impl_2020092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4959 264 KB
93 KB 83ms
81ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 08:40:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94816
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:17 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/74190/0/ Frame 4959 0
269 B 693ms
86ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://controlc.com
Pragma: no-cache
Date: Sat, 03 Oct 2020 08:02:17 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ Frame 4959 173 B
555 B 291ms
85ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcontrolc.com%2F819a1bd2&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=06e09527-9275-4d70-929c-fa03873ebc7d&nocache=1601712137071&aus=728x90&divIds=URL_Pasted_728x90_ATF__86&auid=540529560&aumfs=300
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.1 /
Resource Hash: 9e07c2cffb03eab25ad0d73a82fd6d0eea6d531870152014aeb6628e2ee479ae

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:17 GMT
content-encoding: gzip
server: OXGW/16.193.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://controlc.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET cygnus
htlb.casalemedia.com/ Frame 4959 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4959 0
0

POST hb
ssc.33across.com/api/v1/ Frame 4959 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4959 19 B
708 B 81ms
80ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 03 Oct 2020 08:02:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: 93ccf379-0c7e-4b33-b102-eadf10b7f155
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST bid
ap.lijit.com/rtb/ Frame 4959 0
0

POST auction
x.yieldlift.com/ Frame 4959 0
0

GET
DATA 200
OK truncated
/ Frame 0106 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b64748c8e994d4f109c6f14e8428298003f1e3519119bc7e5cc797f7c2afe51a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C62 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067592

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:17 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 39B5 0
0 6ms
5ms Document
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sat, 03 Oct 2020 07:40:33 GMT
expires: Sun, 03 Oct 2021 07:40:33 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1304
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 1363 0
0 6ms
5ms Document
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sat, 03 Oct 2020 07:40:33 GMT
expires: Sun, 03 Oct 2021 07:40:33 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1304
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7E46 0
21 B 86ms
85ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVPBjt5GrFyM30L4eP8DtQLWpWnQP16j7fXqnjUHHmDRtmnFzoD-c6NSfXtKmEuU8fY9jv3cITP4oVYbpvdylTgn7iqEnnrq2vFLJlZagWs7pHik2PjN39_vmjzrVzROhjo5HZWsWbHwnVIHDjxk09N7V3W1GABXmrcXPfgDVga82XTtQuNWOxJNQBFMojb1dVfISMR0b6Tkmv5PdH5mgNa5IQjVut8-lMwcIdf3X8MKkurig2C3CdwN68G3NWWiGFJUVvfCgHQXfynEMf&sig=Cg0ArKJSzNV1UFWx-eBbEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:17 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0106 0
21 B 105ms
87ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufCYhsbVHkCiX9KKQWrsF0RQ7C7MUr-XIyRkV3la1SYY8ikNyIv1WW3_ueu4AkgVPLJa0k8KLNlN6amSOYbPyniv02YC6DlZkr1Z93UmF_uIj_Jg6TY7G-RL9pfuwGjya01be4hnYS2P0XIhT-g774IcMO1y9kMVCy0GGbKYq7PdSegTWIYCBdxuJiSDB49OEButmqCeq3NrdfYY0OTzWhFYIsuBSTYJ5Wr0EylKQaozt9NQQ5fy8DusNj4yiF6xLJeK1oHBUH9QU1eg&sig=Cg0ArKJSzEZnBKHDFdDjEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:17 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9002 42 B
65 B 99ms
83ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudmbSiuSuFEtUN8jp3zq-EUnr5gao19BgzSkk1b0ZUcSB7QLIWymiEJ3GRqIFZQ7F8Y_MUDW-PG4rJ4Fc27AxjsSxvZqx57nn0sFntn7Y&sig=Cg0ArKJSzFrIymmMbE2IEAE&adk=2762401180&tt=-1&bs=1600%2C1200&mtos=1102,1102,1102,1102,1102&tos=1102,0,0,0,0&p=160,1390,760,1550&postrxl=1&mcvt=1102&rs=3&ht=0&tfs=253&tls=1355&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=147&niot_cbk=177&md=2&btr=0&cpmav=0&lm=2&rst=1601712136110&dlt&rpt=129&isd=0&msd=0&xdi=0&ps=1600%2C1110&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-5-9-9-0-0-0&tvt=1352&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2F819a1bd2&r=v&id=osdim&vs=4&uc=10&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201002

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F571 42 B
93 B 18ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTP2DnTmD3Yht295dc68GwXMk5u02GPchRGJcbjd3UJK4i-RWvnTfBISJUB464J06q2iKiI8VmVxpkETWq06KrCsx9Rr1mSVBI2VtZT0s&sig=Cg0ArKJSzCGjYqdWa6FPEAE&adk=2507290776&tt=-1&bs=1600%2C1200&mtos=1087,1087,1087,1087,1087&tos=1087,0,0,0,0&p=704,50,794,778&postrxl=1&mcvt=1087&rs=3&ht=0&tfs=276&tls=1363&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=173&niot_cbk=177&md=2&btr=0&cpmav=0&lm=2&rst=1601712136088&dlt&rpt=152&isd=0&msd=0&xdi=0&ps=1600%2C1110&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-3-9-9-0-0-0&tvt=1362&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F819a1bd2&r=v&id=osdim&vs=4&uc=10&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201002

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 144C 42 B
88 B 101ms
99ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSWPfNsVS7dlHCKBm2m7QT1tgeJ2kUBNmSZ-zbnxN6Rx7QKkPjFHlTk9UYgE2AMaTdM_vvWZPHJQl70P795TbrjWsym31TtJ0So8NHW1U&sig=Cg0ArKJSzKgTCtgwjGH-EAE&adk=1406371575&tt=-1&bs=1600%2C1200&mtos=0,1094,1094,1094,1094&tos=0,1094,0,0,0&p=127,50,221,778&postrxl=1&mcvt=1094&rs=0&ht=0&tfs=207&tls=1301&mc=0.95&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=1&niot_cbk=41&md=2&btr=0&cpmav=0&lm=2&rst=1601712136101&dlt&rpt=819&isd=0&msd=0&xdi=0&ps=1600%2C1110&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-2-8-8-0-0-0&tvt=1301&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F819a1bd2&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201002

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4959 109 B
126 B 106ms
98ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4959 109 B
149 B 104ms
96ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4959 56 KB
12 KB 383ms
381ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2091644278745733&correlator=702646328340934&output=ldjh&impl=fifs&eid=21067118&vrg=2020092201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201003&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DURL_Pasted_728x90_ATF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3D55f67571bd700b26%3AT%3D1601712136%3AS%3DALNI_MbhlMEQCJ2bYtFA2ph3uOoZ6fkKkA&cdm=controlc.com&bc=31&abxe=1&lmt=1601712138&dt=1601712138388&dlt=1601712136878&idt=306&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=127&adks=3275641473&ucis=y8z9njry410b&ifi=1&ifk=4222758319&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F819a1bd2&top=https%3A%2F%2Fcontrolc.com%2F819a1bd2&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=212704922.1601712136&ga_sid=1601712138&ga_hid=871673503&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

02f4a257a6c6008145376e295a870a860ba62616640f054caf275a1152e52238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11958
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
253c53ec30587deb0e43e21134b40413.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4959 0
0 162ms
49ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://253c53ec30587deb0e43e21134b40413.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4959 0
0 81ms
79ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7E46 42 B
65 B 21ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2tj1dRltSByMYqZVe99PezEfCjw_GBUsaTnQZL7VDRjK0YnX2aDsnXf4JRRulWSxV-yma_HoyXkikP9AH6g28J2TxisQ4FucSnnMLESA&sig=Cg0ArKJSzIQ3JBcf8N4IEAE&adk=2407567311&tt=-1&bs=1600%2C1200&mtos=1096,1096,1096,1096,1096&tos=1096,0,0,0,0&p=0,0,600,160&postrxl=1&mcvt=1096&rs=0&ht=0&tfs=645&tls=1741&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=459&niot_cbk=586&md=2&btr=0&cpmav=0&lm=2&rst=1601712136796&dlt&rpt=793&isd=0&msd&xdi=0&ps=1600%2C1110&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-3-8-8-0-0-0&tvt=1741&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2F819a1bd2&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201002

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0106 42 B
65 B 154ms
72ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzm0-1LYRGac5rRSxyQvoBL-3O3KTJvvRIbxkSVIveAFbmQiUs8PrWsSQP9aQSumcASllNwQjy_SEYlyXiFTpL7pFMhT50gtQyyI9m5bs&sig=Cg0ArKJSzK6rQD_MKl4PEAE&adk=1088513110&tt=-1&bs=1600%2C1200&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&p=0,0,90,728&postrxl=1&mcvt=1020&rs=0&ht=0&tfs=603&tls=1623&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=425&niot_cbk=512&md=2&btr=0&cpmav=0&lm=2&rst=1601712136913&dlt&rpt=862&isd=0&msd&xdi=0&ps=1600%2C1110&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-3-8-8-0-0-0&tvt=1622&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F819a1bd2&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201002

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009190410000/ Frame DA7B 206 KB
57 KB 166ms
61ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8887246fdae6a5bde33313c306ca108fbb99f4bd5fc82eab0d675a4162105b4f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91933
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57293
x-xss-protection: 0
server: sffe
date: Fri, 02 Oct 2020 06:30:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40f11599aebc3d57"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Oct 2021 06:30:05 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame DA7B 16 KB
6 KB 191ms
87ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d66a122d9849ec2d6665a9b55df6ac3fef29e50b712588ab729aaab7b6e949a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91934
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Fri, 02 Oct 2020 06:30:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a50d2865a1d0cb41"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Oct 2021 06:30:05 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame DA7B 95 KB
29 KB 178ms
75ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e922793ef5dbb2417f3143a2e24b33be1fd6b3ba412df3a31e0173ca46f021c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91934
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29338
x-xss-protection: 0
server: sffe
date: Fri, 02 Oct 2020 06:30:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a163175640c67d70"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Oct 2021 06:30:05 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame DA7B 4 KB
2 KB 176ms
74ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be33982ff67c790e285661853e12db59cb0cc76f417f924715f366ee1e269881

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91971
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1802
x-xss-protection: 0
server: sffe
date: Fri, 02 Oct 2020 06:29:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "beb17f489aa4c72c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Oct 2021 06:29:28 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame DA7B 47 KB
14 KB 173ms
72ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ad474fa92add6794702b5c0858699fcd140b0e4f25439c8292ec815818fd1cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 91969
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14594
x-xss-protection: 0
server: sffe
date: Fri, 02 Oct 2020 06:29:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "17bfff787eec95f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Oct 2021 06:29:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DA7B 4 KB
721 B 22ms
18ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 03 Oct 2020 06:24:23 GMT
server: ESF
date: Sat, 03 Oct 2020 08:02:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Oct 2020 08:02:18 GMT

GET
DATA 200
OK truncated
/ Frame DA7B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2a6b52a84a2970055747c5de408c6a4717946d1c4619e59740fc8189d6f3f96

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA7B 2 KB
3 KB 27ms
6ms Image
image/png 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 02:39:23 GMT
x-content-type-options: nosniff
server: cafe
age: 19375
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Sun, 04 Oct 2020 02:39:23 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA7B 295 B
388 B 91ms
70ms Image
image/png 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 38120
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 03 Oct 2020 21:26:58 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame DA7B 0
0 127ms
15ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpRqhwe3pMbTPGpaKGmpKwucjMbVfiPgMhrXWU_HZYIWG3Esf6ncmsS0itlUYjcFiwQJXm
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA7B 0
0 100ms
80ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0zs5CjB4X7O_G-GxlQfrwoioD7X-7a1f--uSnL0K2tkeEAEgheG8SmDp5MmF2BqgAYPbtoMDyAEB4AIAqAMByAMKqgTUAU_Q6DxvJpHDLKadtxW2iqllau4DiEZ4adApkuxeOvAYL17hNIwbk10Ojt0RbsbHmS-RAkNQFyfobCsRwIpDKk0EgcW7pf36VIy5dD191OnLisCD97LC23kzQvwwrjtZXDG-HP7zN0Oaou0ATCyR2ngmK9lvI4GUtuQDHGJRjpgZ1nB5e3LQK9oPuwXRdm3Rq67CbZ9ukFu5h2QuoXsQ1o877BMXpLcPJu9ch1Ki-TUCOytFL4zgcsyvEKOG5B-nGlnfyaNp8PXihOYECARgjhhp6BIFwAS4joz9uwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHlanVL6gHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCjjwjSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQzNDQ4MzIzMzMyOTk3OTaACgPICwGyDBRwdWItNzE2NTE2MDQ1ODk2MjYxMdgTDYgUCQ&sigh=Z6MNnHYMZLQ&tpd=AGWhJmtnaWLetC1uaacOGh3mueKd5H1R-WxxdEeXhhEBdrRIzA
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4959 8 KB
6 KB 95ms
79ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ca4af60939d4e4dec5078c215e678b6f8f914148750f74f676c879d5034de36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 08:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame DA7B 14 KB
15 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controlc.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 11:04:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:18 GMT
server: sffe
age: 421085
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Tue, 28 Sep 2021 11:04:14 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame DA7B 14 KB
14 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controlc.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 11:04:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:26 GMT
server: sffe
age: 421076
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Tue, 28 Sep 2021 11:04:23 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B709 0
45 B 293ms
95ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020092201&jk=1135635453791587&bg=!Z2SlZHxYtHvVz4UAdbMCAAAExVIAAACICgC4zzojVf6F9nVV2nOlnHo9PxJwt7160JIVhWSKC-Q3oD7tNybVKkvkDU2L8p-TzlHawsZR324Kmrze3RLtfhFpM0dXvYFFDXYiBCxGKNp7WlnMaOmJMzuZkZ056kP03TYAOjQqMrBFT3bJOkmqGUWTNioCoy6o8wUilv4Igr_5NGawAWwrfQVYkpPs-HuRYtF_3iGSBCiLhgxg_LBVAAYXlpPlztlI99AcOtcPDJAI_meHsgIlF1xprpkBwdpBGMrwys3AYcKH4qzdFrH4YZc2YEm-bgWGbj4KU3OLBJ0yXZJexFB0jeo8F71D5Y2WsWkJR_WpQ4eUp8W6_srHjsMv1sygbpegTBX3u8FtZyH3NfMSh-i2y2KJ8t-JLOrZl-6WxjIYRj9kG1Ems-PZ6K2b863B_9QWjlKgIuPPFnMVXS_SEJA2YDOO7KA6jptAdcB0keLn_PmijG0VxUfliWTFHEjqZh5Kqcpx5qBUvNRhGh2OUDXthNmJ31ff-J1Kkmqu2usHGckyS5z1yOtJuh4wdiVRxPjCzAwisaVQBl8FJIYS952YoYKiwARAiDOs8VAwrAxNp-LAgH9eOupLecfu3-9I6nLgWuW95tF_rzfpSUJRQJuRZ660XtB-DMLKDpBigX8kW0MiptsxwzMZ2HFMS8ZwmlqArr3TTfgsyNxucoW-kYyCHJiU7Ug7EGjvsmsmCutZy22368C-lgL-bvqduwx8JR57VVxQfr34ip6z9A2f3DGM6erEWsFiYN0cEcCzWxwgJ8V5uAkqdVhUkNadweXJO2l3oTTfrmRSBpyx-fE_8riCovM4yBXm7PiUWgupl4rnXfErYlmKfzuR

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4959 17 KB
6 KB 195ms
92ms Script
text/javascript 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 03 Oct 2020 08:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Sat, 03 Oct 2020 08:02:19 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C62 0
22 B 197ms
95ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020092201&jk=2896613494850509&bg=!wMOlw9tYqdKlnkBlySACAAAFGFIAAABVCgE4ONnDEwghRVkSRxQ7GajKAl7ztfh52E-3y6tZeKu56yKOjxOdtSwiSq5qsxVBqLWG2RBOBn13PvY2dnGiAHcXMQ2cxnrfGa3L0dii8h2AkJbb7Fg79lg8GioQcWyok4Slhugq2fXn3NBFc-HCyyNZa91xbi5bg1omy9OgP8IxnGSMKifaKoI54jOd2ZiE1W98reIeq4ar8TgzamhBzOTlQw7oc4V5uAm9mCn25Rwl8VYx90WZjbJXSe1Lvrxxn2rcW8N5_jyFG-SmIM51darqgnsK8FetDSsBlT1NdO4KciazeqFSoFwyi0mo1Ap5TlLWdgOmRfqyhfiWsRoHVtngHxsch0pqVRE3-c3WVrL9msOi3miUxFAzQR7sszGv3_TddOiuCH1ugQW1xrgDdt5kphGGQRkQzXD2mQHBW1-XL4WjoJNiq-vtnVWwrC4j9ffnpl2znSdlbxpEABYbofEQGx7jPuYgh_IohcTw_dKSuvN9qjrFU5oqGRCDvcAOOG9ldGXxi-r3fEYu8bozdeJitzefMA3tGaf7QQysYMbJKX7ugQqgKyc21Md-sHDn12jWKIytEUeooI53QRcAAiU4Nt29GJ5bu4mchmd29WYzHyE1mxwxSg7WcpidjSQKGxX0qC1CuC0rNWEQj-RVkeJY_-m3pyRjRpwJysTE5Io3vCyvtIQ-rIc5d2hR88fdat0kvdGyhF9Zjp7cmkwmW6s0fc1aPfzNd25Pj88evKkKAwDOIYMFznSN8kcZxX62kRMzpcbximhDuXIw_N7b4CYxiZ7qplClJmljokSfzmulLqtXObjrL6iHzJeTCy2ahBaRA87ZMgn8uqx9J_MRcwQlQ0AZi7R7gI31wd0WbXUGDHjUVLG6laATy_rdaXwTXbC_BY7tZUtdQbVPamC-n_rIra9D8ft8rZehgvnN0yuc1qPcT2Y9WkmG-xtXPVv9FgqpykHz-u83TXQFScJudrSKV3qdU3QzGVQbj5tSZYQ7zzcp5fpA_s_VFEibQ_Q

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DA7B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

82ms
82ms

Image
text/html

2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 03 Oct 2020 08:02:20 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 9481 0
0 6ms
5ms Document
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/819a1bd2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/819a1bd2

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sat, 03 Oct 2020 07:40:33 GMT
expires: Sun, 03 Oct 2021 07:40:33 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1307
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA7B 2 KB
2 KB 11ms
7ms Image
image/png 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 03 Oct 2020 02:39:23 GMT
x-content-type-options: nosniff
server: cafe
age: 19377
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Sun, 04 Oct 2020 02:39:23 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA7B 295 B
324 B 13ms
7ms Image
image/png 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 38122
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 03 Oct 2020 21:26:58 GMT

POST
H2 200 view.php Show response
controlc.com/api/tinypaste/ 2 B
232 B 91ms
90ms XHR
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/api/tinypaste/view.php
Requested by: Host: controlc.com
URL: https://controlc.com/public/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873

Request headers

Accept: */*
Referer: https://controlc.com/819a1bd2
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 03 Oct 2020 08:02:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.5.38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601712141"}],"group":"cf-nel","max_age":604800}
content-type: text/html
status: 200
cf-ray: 5dc523f1ad6a05dc-FRA
cf-request-id: 058f14cb0d000005dc9d32c200000001

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4959 0
45 B 17ms
16ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020092201&jk=2091644278745733&bg=!FhWlFQ1YIyDNys7iFq0CAAABtFIAAAANCgFpNVlw9lL9QibtlXHn-f2gxjo_shn3tgUh43aYcNfAk-8mCdPrxjrWx7376RZkATyUeHE9bEZjGzDv-W1DnWNmPjZD3eRE3W1DDGqfIaap7-aLafgPwvn5cKgCQBSb0_H-YbqORbTCBqmTXmh_V1s3x0kgCdKU426Sxwdtoq7chy4ULmtL40TrzUseHoGBDRCPyWj4wZ1hIj6jgBzIlbHHrkBC1autKhUJJMa2DvYXw3NLrt7TbXLpPKxe-2_qoWMpDVBNaCtzwhbboP6VdneGZ9wGhn4MzHVMYw5SMm5FsnQ5TUZE6O4ZjJdTvOUu6lNTTtyS7sr9-GypPIFqNjUfrqfcZhz9s0Qspc7GcecbeZHaT0c_UTETJjcDqBulpxotFJKcfVDM4W7B4puYbSOV3jblcAySATgGLEF6V3HHIa-ZNhDWWmM2IzTGj3pIDWQZVAAKe3O9338bM2tTH6ZiRSun9QcutmnpVZkBwSYzhG6IH0ugIlcyLhYLBtmsLMifoVrr85COycdoAfOOrKW1ntyG0NqaNF1hWeaKyS6GsOxc08s_ACXASC39CKEVnrcoA-GWeEsbMtGfoLKHu2e81RpOEfRfe52QspWWIFWtBmPrUQyL6EhHgJr34AALmrnXoHTQKE_jDBHlqAHevcWq0ph5yAbAn0S2uDUtEKBV4BB72--J3iriXnmkE5kHc83-27KC6E-Nh2R4Yohayzn8acbbYFuuMwBN4uV4Kvlq4D1qxTlRG6hBwHMT4x6U7MxEZ1E9JW5YboM-COXRzdPQUu2WS3oJjaLRkCOcOWGS9roeglSuKUutR_mGJdrDcQCsOjEwivqdDzRVJuf433gmwm3aADZnvdqaoRQl4Dvehiv0sHwDVQsQjKZ1f6lw4hhb8AFj4wh0UTLOFsYbtjY4LWzh3jjFAZJtzGtHjpxEoHRXRXS_VvSlGTKDbViSwAakTDSU7v7cmSWigdBssZYWZOaFN3RoLzZZjZpX-OHJqE2hHkesM0aMiWTs_FmjwFIL9Wdn6jIdw5F7qtPcwfFvbnOd3lavdIoZPAxIdoLwwuU9_bYUi66FcJnbqFxO

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DA7B 42 B
65 B 20ms
19ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqQx0vCS_WXu1LZsOMs3byByBGc00GZljvi-hJa-NTmgdxtnufKRPWLwDa_RWP4KaURjJfWghTEoIO5goP8dMAwKXytngDl6LD_KGhXjHquI_HfWg359h9dvOTjPAnwhSENAb2zXsi2PeJmMq20Ij_&sai=AMfl-YRNJe9YmuKL9amP9Z52hyu5ryfd8I_Uz5FQXHasYu1huc-iLiOrvK_OWpqp6_V9Mggqw48WoC1JdCX4s9jAHv2zRH7utd-Y2P9DRYj4NLdtWU9jujQGg7TpSPc&sig=Cg0ArKJSzCfoMtW2SuhbEAE&cid=CAASPeRou9iL4wpkqwcw-AdDPPSfUlDLgcNKNyB756LBNLy8sTRfGoCKSNuKoOHNuMwAgcOKrngtn1ll7dIQIxA&id=ampim&o=50,127&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=589&tls=1589&g=100&h=100&tt=1589&r=v&avms=ampa&adk=3275641473

Requested by

Host: controlc.com
URL: https://controlc.com/819a1bd2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4959
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECTS90GMJyBYBjnFMSKiucI&google_cver=1

43 B
114 B

108ms
97ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECTS90GMJyBYBjnFMSKiucI&google_cver=1
Requested by: Host: controlc.com
URL: https://controlc.com/819a1bd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://controlc.com/819a1bd2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:23 GMT
via: 1.1 google
server: OXGW/16.193.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Oct 2020 08:02:23 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECTS90GMJyBYBjnFMSKiucI&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%2255e4da3046780c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22644f0e384e7d3c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcontrolc.com%2F819a1bd2%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710558&size_id=2&rf=https%3A%2F%2Fcontrolc.com%2F819a1bd2&tk_flint=pbjs_lite_v4.7.0&x_source.tid=06e09527-9275-4d70-929c-fa03873ebc7d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2879947058716128

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb?guid=bFNDkc19ir6ikyaKkGJozW

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0

Domain: x.yieldlift.com
URL: https://x.yieldlift.com/auction

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/doubleclick-gpt/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	log	URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=5573231601712136109(Line 30) Message: %c [object HTMLImageElement]
console-api	log	URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=8748461601712136086(Line 30) Message: %c [object HTMLImageElement]
console-api	warning	(Line 1) Message: NO prebid responses1
console-api	info	URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009190410000 https://controlc.com/819a1bd2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

253c53ec30587deb0e43e21134b40413.safeframe.googlesyndication.com
521c6cb4b39a01c184eae5c33b374caa.safeframe.googlesyndication.com
ads3.mthsense.com
adservice.google.com
adservice.google.de
adservice.google.pl
ap.lijit.com
b1f637ea4bd4cbdd82ebac978ebca6f9.safeframe.googlesyndication.com
c0a0913d7ca1d75e3de915c4c1606e9a.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.fancybar.net
cm.g.doubleclick.net
controlc.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
os4m-d.openx.net
pagead2.googlesyndication.com
s3-eu-west-1.amazonaws.com
securepubads.g.doubleclick.net
ssc.33across.com
stats.g.doubleclick.net
storage.googleapis.com
tag.1rx.io
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.yieldlift.com
yadloop.com
ap.lijit.com
fastlane.rubiconproject.com
htlb.casalemedia.com
ssc.33across.com
x.yieldlift.com
143.204.94.35
172.217.16.194
185.33.221.91
213.19.147.210
23.111.10.144
2606:4700:3035::681c:17af
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2010
2a00:1450:4001:815::2003
2a00:1450:4001:818::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::200e
2a00:1450:4001:821::2002
2a00:1450:4001:824::2001
2a00:1450:4001:825::2001
2a00:1450:4001:825::200a
2a00:1450:400c:c04::9b
35.244.159.8
40.84.148.247
52.218.61.99
00426e13669f7a3de4f60ca5753cf6c782ea9dfaa24ad032b20eafbad5929f80
023de4efb18edc28e481886960f85313c1ed1f07caf219a3ee8004e340c91da4
02f4a257a6c6008145376e295a870a860ba62616640f054caf275a1152e52238
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
16c9cad97b9e133e3c218464b50468087876bdb944ced2e28ea49d6ed316cf8e
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056
269191242ce327a0d4f592a6e93d29b6de04d495102fc73857ccb465bc965ed7
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
3510ca509526b21b5f61ecd5db3123d95084dd998d8f4ee0d9afca092101fa71
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734
4a09d17ff37ff505e48bb60d8926bc1da0dc26a6901a8fa4563e54aecc3c912b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5080d82d1bf0564f3b06be57f5ee6050c6769de5fb3e69c1fe2b569fc9b947c2
593057c59c9b6f5197c9c0abbfe82ea779c97f2db3511d57ae19b7fe686d6ba0
5a9023d13f0cfe2f947479d63a614c0f1b9d8bff9a206a0216ec3273f94680b4
5c1a881a5a0e5682d5bb7468d4db9ab27bff03c75d815389a4a5f8c642cf390a
5ca4af60939d4e4dec5078c215e678b6f8f914148750f74f676c879d5034de36
5ceba5a73aed243bf677df25fc8baef6b16ecc87727f168aaff642b016bd9295
5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b80bf8b9b3f8d1a821b323cc19d249f429c3f46af4317a8e61507bc161ef22d
6cf3d8b564224817bcd1412754de14a9da75185587f47047c878fe0b0ec12b5e
6e922793ef5dbb2417f3143a2e24b33be1fd6b3ba412df3a31e0173ca46f021c
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
75da1804ac6fe18d163dce4d780f1b5c93a0174b35460beeaf4aa16d62c3d61b
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
7ad474fa92add6794702b5c0858699fcd140b0e4f25439c8292ec815818fd1cb
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855a3e2f4d26c164ef78b9536d68a15815805e56e87e62b7e5259f5d21d504d2
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
8887246fdae6a5bde33313c306ca108fbb99f4bd5fc82eab0d675a4162105b4f
9d66a122d9849ec2d6665a9b55df6ac3fef29e50b712588ab729aaab7b6e949a
9e07c2cffb03eab25ad0d73a82fd6d0eea6d531870152014aeb6628e2ee479ae
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
afa7ac0bda3dc360e844d91954824adc853b2de9e5e3676704cc17866b5e1d35
b64748c8e994d4f109c6f14e8428298003f1e3519119bc7e5cc797f7c2afe51a
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
be2ae35b6e5252293439ab3e9dfb76e6bb1bb3bae50cabbdde30db734bf2225e
be33982ff67c790e285661853e12db59cb0cc76f417f924715f366ee1e269881
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
cb65bb2668b1dca4ae5cefab77b317f9dbd747be01209d12ad8602857432f507
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
d3271da198476fff8ec766602e7de156bf0a68fd9b6b8c6bdcb6adeb8669c6da
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
de89b06cd79307155ff4614c60f75559356ad48ef7b66e8a72dce8c49272fb1c
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e309964826f179ea8cd93d24e345eacd0434e6f5a906f4dd47df9ea6cce8a3a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ff7f3a8926e5b5497d2ab7a1bf47c5655e287a51045f11846f426ac6c7d180
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd999b9e3a01be8759a90662eb9cff99579780ad3ac4353521a0d9a70a99a20
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f2a6b52a84a2970055747c5de408c6a4717946d1c4619e59740fc8189d6f3f96
f3117876f0ed9d2ba6b2dbdc3d77dbd5c7a19804233ab61da8a2ab0d19bff04a
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3
fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

controlc.com Open in urlscan Pro 2606:4700:3035::681c:17af Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

96 %HTTPS

64 %IPv6

23 Domains

36 Subdomains

23 IPs

6 Countries

1617 kBTransfer

3710 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

controlc.com Open in urlscan Pro
2606:4700:3035::681c:17af Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

96 %
HTTPS

64 %
IPv6

23
Domains

36
Subdomains

23
IPs

6
Countries

1617 kB
Transfer

3710 kB
Size

0
Cookies

150 HTTP transactions
6 data transactions