controlc.com Open in urlscan Pro
2606:4700:3035::681c:17af Public Scan

Go To Rescan
Add Verdict Report

URL:
https://controlc.com/5a41661d
Submission: On September 28 via manual (September 28th 2020, 1:17:38 pm UTC) from US

Summary HTTP 159 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 26 domains to perform 159 HTTP transactions. The main IP is 2606:4700:3035::681c:17af, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3035::681c:17af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.10.144 23.111.10.144	33438 (HIGHWINDS2) (HIGHWINDS2)
21	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
2 24	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
28	99.86.243.96 99.86.243.96	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2010	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
4	107.23.152.53 107.23.152.53	14618 (AMAZON-AES) (AMAZON-AES)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
3 4	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	213.19.147.210 213.19.147.210	3356 (LEVEL3) (LEVEL3)
10	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	172.217.166.163 172.217.166.163	15169 (GOOGLE) (GOOGLE)
2 2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	67.202.110.34 67.202.110.34	32748 (STEADFAST) (STEADFAST)
1	67.202.110.32 67.202.110.32	32748 (STEADFAST) (STEADFAST)
1 1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
3 3	52.57.230.211 52.57.230.211	16509 (AMAZON-02) (AMAZON-02)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
159	31

19 2606:4700:3035::681c:17af (United States)

ASN13335 (CLOUDFLARENET, US)

controlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1cfb6d881725ad24e3648d82acdd2c76.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
33255511179a03a22da4a64a7f83f347.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ca4c205ab9f972c282d7a75f3901a63f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 99.86.243.96 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-96.vie50.r.cloudfront.net

yadloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.23.152.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-152-53.compute-1.amazonaws.com

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.15 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.166.163 (United States)

ASN15169 (GOOGLE, US)
PTR: bom07s20-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.34 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-110.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-110.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.150 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.230.211 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com 1cfb6d881725ad24e3648d82acdd2c76.safeframe.googlesyndication.com tpc.googlesyndication.com 33255511179a03a22da4a64a7f83f347.safeframe.googlesyndication.com ca4c205ab9f972c282d7a75f3901a63f.safeframe.googlesyndication.com pagead2.googlesyndication.com 7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com	72 KB
28	yadloop.com yadloop.com	38 KB
27	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	447 KB
19	controlc.com controlc.com	188 KB
10	ampproject.org cdn.ampproject.org	197 KB
9	google.com 2 redirects adservice.google.com www.google.com	2 KB
7	googletagservices.com www.googletagservices.com	174 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	openx.net 2 redirects os4m-d.openx.net eu-u.openx.net us-u.openx.net	1 KB
4	yieldlift.com x.yieldlift.com	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	22 KB
3	1rx.io 1 redirects tag.1rx.io sync.1rx.io	1 KB
3	google.de adservice.google.de www.google.de	1 KB
2	tynt.com 1 redirects ic.tynt.com de.tynt.com	654 B
2	emxdgt.com 2 redirects cs.emxdgt.com	510 B
2	google.ch adservice.google.ch	2 KB
2	googleapis.com storage.googleapis.com fonts.googleapis.com	304 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	sonobi.com 1 redirects sync.go.sonobi.com	747 B
1	33across.com ssc.33across.com	342 B
1	rubiconproject.com fastlane.rubiconproject.com	1 KB
1	casalemedia.com htlb.casalemedia.com	566 B
1	lijit.com ap.lijit.com	629 B
1	mthsense.com ads3.mthsense.com	3 KB
1	fancybar.net cdn.fancybar.net	8 KB
159	26

	Domain	Requested by
28	yadloop.com	controlc.com yadloop.com
21	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net controlc.com yadloop.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net controlc.com tpc.googlesyndication.com cdn.ampproject.org
19	controlc.com	controlc.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net controlc.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
7	www.googletagservices.com	controlc.com securepubads.g.doubleclick.net
5	www.google.com	2 redirects controlc.com
4	ib.adnxs.com	3 redirects storage.googleapis.com
4	x.yieldlift.com	storage.googleapis.com controlc.com
4	adservice.google.com	securepubads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	cm.g.doubleclick.net	3 redirects
2	sync.1rx.io	1 redirects controlc.com
2	eu-u.openx.net	2 redirects
2	cs.emxdgt.com	2 redirects
2	7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	controlc.com
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.ch	securepubads.g.doubleclick.net
2	www.google-analytics.com	controlc.com www.google-analytics.com
2	adservice.google.de	securepubads.g.doubleclick.net
1	sync.go.sonobi.com	1 redirects
1	de.tynt.com	controlc.com
1	ic.tynt.com	1 redirects
1	us-u.openx.net	controlc.com
1	csi.gstatic.com	cdn.ampproject.org
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	tag.1rx.io	storage.googleapis.com
1	ssc.33across.com	storage.googleapis.com
1	os4m-d.openx.net	storage.googleapis.com
1	fastlane.rubiconproject.com	storage.googleapis.com
1	htlb.casalemedia.com	storage.googleapis.com
1	ap.lijit.com	storage.googleapis.com
1	ca4c205ab9f972c282d7a75f3901a63f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	33255511179a03a22da4a64a7f83f347.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	storage.googleapis.com	ads3.mthsense.com
1	www.google.de	controlc.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ads3.mthsense.com	securepubads.g.doubleclick.net
1	1cfb6d881725ad24e3648d82acdd2c76.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.fancybar.net	controlc.com
159	42

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.fancybar.net COMODO RSA Domain Validation Secure Server CA	`2018-09-10` - `2020-09-09`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
yadloop.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
ads3.mthsense.com Go Daddy Secure Certificate Authority - G2	`2019-09-03` - `2020-11-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.yieldlift.com Amazon	`2020-02-16` - `2021-03-16`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://controlc.com/5a41661d
Frame ID: AEC5E894A017061DC029CAD5C3028E29
Requests: 31 HTTP requests in this frame

Frame: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
Frame ID: 4A2D8E2E4DB9F90EC6DADB6EED921907
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXG4EM0e0f2lUwXbg8oLjeZf0gRelhMEr_7BZfnvwLXf3AZd0y3YceX9GULFEd7TL2EHm4yg3y6hMXsCHxMoEZFj4QmHuiBt4nR8nq9F__hOkiAP5FNd629zhNZIgwjYCGZyZnSa2F_njuRQh8FzMMaj1v6eSQAKKV6-SCPLDuklFGqrAYzMXbq9n9LrdXdFHg8Byg9qkvPq9mN3vdcYFQfUi1_oVIajzGm3sv7S-HtWqAaoFgY9m0Epfielr9uBrahGaZviotZ7vLJPr0jpG0u_pSBw28EA&sai=AMfl-YSiYMpwho-dY-3cy1Xlc-U4pY9HwM5GrvajZWI_G62xbyIFwDNTGD7T-7wbsyCdYqNroFPlQq5hYsB6MmXU9hlKpnEzk5R6a4fbYNYM_i-emhT3LjjMnn2gLPbP2tM&sig=Cg0ArKJSzD6zNV_vU_0lEAE&urlfix=1&adurl=
Frame ID: D47061C2E53D380C35EB5B5B75AA6708
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW2orgQw5WW1oEAyxbptgcUrh4BGrJlSLjpaJKFFjkO9Mst56nCr5FUGgvUFrlgNXy2H75beyLB-GEotLG4Tyx8GutPFLRvtKiYWgWudRGKNJIiFaLjWUYlhEuxtRWMBNg_eMdBYYgWZbLEwEHwYU1ASiQgSVwWQgJZUtDYoPb0xUbXx-lXpt32M-J_HbwsMeHFfpHpq12yK8Pw1wx95FXnPg34TUVThxBFhrF6_E9UxAY0nSNWDWLOdKX7elMXF3tEwgOccmUJUsOPWuu0zwUgf4&sig=Cg0ArKJSzFemUZoWIiu9EAE&urlfix=1&adurl=
Frame ID: BA6D7479C4C50D57FC7E16C5E394AB19
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBxa9gNLLMG2mwGdqk4uyN2iaGY4022h6U4C0CNLA3lOGNg_CjFZIr2RmhoKGseNwFvf4TnK1yabfjuSN0H5yVNJt3VbuKgeenmEWYDwx6j5FfMUCt3Dl1HeO-slpRjGWTvWyE2OZoF_A7zQjxQbrO18JuiytA4_JP9xARS1-qe6BSNUn-jV6F8nb6pWGJnwojHtS5fAbTLqpPHgEa9m5JB23bDwz86oJ4ygqBE1O0uVPTv6hS6n-NlzkCS__2q5TUxPQEiBTBZlNt&sig=Cg0ArKJSzHk-IGwbwL6NEAE&urlfix=1&adurl=
Frame ID: 68480357FCACB306EAD404701029C97C
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7C4381D1E9862756ADA8887BF33A9BEF
Requests: 10 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f9&cb=9932781601299020644
Frame ID: 601A08C4B4B7FA3933DC105DBA669EE6
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stat?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f1&cb=4707021601299020651
Frame ID: BA200F801589FEA046CAE6193DDE8CEB
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb37&cb=3998081601299020656
Frame ID: B632916F932D5E4629E0DA10198FBD6F
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a5&cb=3003291601299020658
Frame ID: 6B8E840F01C44A9FA555127B04EA2C18
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba023&cb=7282541601299020660
Frame ID: 85AAAF90D7F8E52E143BD5678505AF2C
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475211&cb=8277011601299020670
Frame ID: 83EA71DA245BB48985014DA25646EFA4
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stat?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427917&cb=9145771601299020672
Frame ID: 42052BFAE3ADA0E294C94B4655765181
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c1&cb=9785791601299020678
Frame ID: 75F55F329B37900D9B68C43CBAB2C331
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab303&cb=2859251601299020688
Frame ID: 94DF908EA8C19EC474570B6017C31784
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe483&cb=0143161601299020690
Frame ID: A126385996D867780269E24569BE64BE
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/send?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a99&cb=7618381601299020692
Frame ID: 1A6AC62B9E1907AE2F28DC1D8BAD6508
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=3919741601299020693
Frame ID: 09242DA48287EB37FDFF179C97F07D3C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 927D1B6271352E8246E1297C96D34070
Requests: 10 HTTP requests in this frame

Frame: https://yadloop.com/stat?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3951&cb=9688031601299020772
Frame ID: 356BF1CE5BE78E8C88D91FA28D9D842C
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/syncro?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d83&cb=2940181601299020788
Frame ID: 593DAEA5C76AF89E44F41D2530C34D42
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc9&cb=1132091601299020791
Frame ID: 75A241A92181F3E27738EFDD015A4056
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=1184581601299020795
Frame ID: 785D7B8BF43C55CB7014973B2E0E8FBA
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a33&cb=7925271601299020805
Frame ID: 02BCAAAF2D69F5E76F6929F73C33774C
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/sync?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e75&cb=3696631601299020817
Frame ID: 383586296973CF77A006B7F89FD19F32
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260885&cb=0599961601299020830
Frame ID: 8F9BEA3A7F4142144FC83C6FA8F2CF68
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f3&cb=8254611601299020842
Frame ID: F9E8A3D075532DBAC7155B7149B7F80B
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/sync?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=2962491601299020845
Frame ID: 9C78F86D174960BDC4CF9A092224729C
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e709&cb=9359901601299020847
Frame ID: 2BE7EFE82789357A3F63E27E417CF1E4
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d39&cb=5499551601299020851
Frame ID: 81D6CD8ECAF9674C33AD6BCA08EE6ED9
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b7&cb=1894191601299020856
Frame ID: 04857DC9D316B50F190E4320CED5A1BB
Requests: 1 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: E4DB24721478D18A16F6671935590BED
Requests: 27 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs
Frame ID: 77306538D291A594F422BF6B42FDDB02
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs
Frame ID: E1AE733EAC832411930ADFE5A2EC3C09
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: E5467E55FC9B9A962F443176C0582C34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 85E2AD6D7B1BC4A4201D0356BF6C3E3A
Requests: 1 HTTP requests in this frame

Frame: https://7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 3C20B17AC6DCA2E15A3B4D689D085887
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 04E149A9D6E226D84BE29EB803781F38
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

159
Requests

99 %
HTTPS

43 %
IPv6

26
Domains

42
Subdomains

31
IPs

5
Countries

1483 kB
Transfer

3498 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 154

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=2826474444528641632&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID HTTP 302
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2826474444528641632brt153471601299025763263f1

Request Chain 155

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKT5Xgh9aiNbZz9gZseI9Po&google_cver=1

Request Chain 156

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X

Request Chain 157

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=9f0d0e9b-e6af-45db-a845-ee95fad5da43

Request Chain 158

https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-285d9026-69ae-43f7-9e73-19719f254bbe-003&rndcb=5243886875 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-285d9026-69ae-43f7-9e73-19719f254bbe-003&rndcb=5243886875 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=752d995a-bde8-402d-b281-fe857e7e2034&google_hm=NzUyZDk5NWEtYmRlOC00MDJkLWIyODEtZmU4NTdlN2UyMDM0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=adconductor&bsw_param=752d995a-bde8-402d-b281-fe857e7e2034&google_hm=NzUyZDk5NWEtYmRlOC00MDJkLWIyODEtZmU4NTdlN2UyMDM0&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPUkZBp2aIpxUjWcHYmx1_s&google_cver=1&ssp=adconductor&bsw_param=752d995a-bde8-402d-b281-fe857e7e2034 HTTP 302
https://sync.1rx.io/usersync/bidswitch/752d995a-bde8-402d-b281-fe857e7e2034?gdpr=&gdpr_consent=

Request Chain 159

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID HTTP 302
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2826474444528641632

159 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 5a41661d Show response
controlc.com/ 10 KB
4 KB 122ms
58ms Document
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 02555156bed9ec6fa8b2cf35c1612ebab0b1dca9af416715fb8e722484b0d060

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /5a41661d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 28 Sep 2020 13:16:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da9fab9ea628e294c458889f751c9b0221601299019; expires=Wed, 28-Oct-20 13:16:59 GMT; path=/; domain=.controlc.com; HttpOnly; SameSite=Lax PHPSESSID=1b70c9e020a9c3a0a6e85c69160ae640; path=/ tinychat_box=1601299019; expires=Tue, 29-Sep-2020 13:16:59 GMT; Max-Age=86400; path=/; domain=.tinypaste.com
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0576750e2b00001f1dc8b6a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d9dbdf6aada1f1d-FRA
content-encoding: br

GET
H2 200 global.css
controlc.com/public/css/ 12 KB
3 KB 14ms
12ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 5818
cf-polished: origSize=15109
status: 200
cf-request-id: 0576750e7500001f1dc8b70200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d9dbdf72bd91f1d-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
controlc.com/public/css/ 80 KB
13 KB 19ms
16ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap.css
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 5818
cf-polished: origSize=99036
status: 200
cf-request-id: 0576750e7600001f1dc8b71200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-182dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d9dbdf72bde1f1d-FRA
cf-bgj: minify

GET
H2 200 bootstrap-responsive.css
controlc.com/public/css/ 10 KB
2 KB 16ms
13ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap-responsive.css
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 5818
cf-polished: origSize=14308
status: 200
cf-request-id: 0576750e7600001f1dc8b72200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-37e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d9dbdf72be01f1d-FRA
cf-bgj: minify

GET
H2 200 view.css
controlc.com/public/css/ 598 B
372 B 15ms
12ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/view.css
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 3163
cf-polished: origSize=752
status: 200
cf-request-id: 0576750e7600001f1dc8b73200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d9dbdf72be11f1d-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ 148 KB
30 KB 27ms
24ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 5413
cf-polished: origSize=153534
status: 200
cf-request-id: 0576750e7600001f1dc8b74200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d9dbdf72be41f1d-FRA
cf-bgj: minify

GET
H2 200 view.js Show response
controlc.com/public/js/ 2 KB
724 B 57ms
54ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/view.js?x=1601299019
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d9dbdf72be91f1d-FRA
cf-request-id: 0576750e7600001f1dc8b75200000001

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 75ms
44ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7086b2914bd1795b356568fadc0a00221c7d0309bef941c04f1c8783463212e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "646 / 592 of 1000 / last-modified: 1601291363"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17840
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:16:59 GMT

GET
H2 200 getpaid.png
controlc.com/public/images/ 6 KB
6 KB 17ms
14ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/getpaid.png
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 5438
etag: "555139ee-196e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d9dbdf7ddab1f1d-FRA
content-length: 6510
cf-request-id: 0576750ee300001f1dc8b7b200000001

GET
H2 200 logo.png
controlc.com/public/images/ 12 KB
12 KB 18ms
17ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/logo.png
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 14:03:25 GMT
server: cloudflare
age: 5438
etag: "5d838aad-2f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d9dbdf7edff1f1d-FRA
content-length: 12078
cf-request-id: 0576750ef500001f1dc8b7c200000001

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 21 KB
8 KB 196ms
38ms Script
application/javascript 23.111.10.144
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=tinypaste
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.144 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Sep 2020 13:16:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 14:20:27 GMT
Server: NetDNA-cache/2.2
ETag: W/"5362-5900057953202"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ab.png
controlc.com/ 67 KB
67 KB 30ms
24ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/ab.png
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Mar 2020 10:19:31 GMT
server: cloudflare
age: 1854
etag: "5e81c7b3-10a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d9dbdf98a791f1d-FRA
content-length: 68149
cf-request-id: 0576750ff100001f1dc8b8e200000001

GET
H2 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
93 KB 125ms
43ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:16:59 GMT

GET
H2 200 bg.png
controlc.com/public/images/ 987 B
1 KB 16ms
15ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/bg.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 5438
etag: "555139ee-3db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d9dbdf9db461f1d-FRA
content-length: 987
cf-request-id: 057675102900001f1dc8b93200000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 41ms
14ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 52ms
26ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 417 B
940 B 119ms
74ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=993555932087786&correlator=852462699187185&output=ldjh&impl=fif&eid=21067487%2C21066705&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200928&iu_parts=1025874%2CPasted_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601299019&dt=1601299019859&dlt=1601299019375&idt=401&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=0&adks=765271295&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F5a41661d&dssz=9&icsg=4010&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=442009239.1601299020&ga_sid=1601299020&ga_hid=1610329413&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

c0304c61c35bc03725c7ff5d3d761c8e6e03acddcd396de73bde714137ec6a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1cfb6d881725ad24e3648d82acdd2c76.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 83ms
38ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1cfb6d881725ad24e3648d82acdd2c76.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 40ms
10ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 81ms
80ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=993555932087786&correlator=852462699187185&output=ldjh&impl=fif&eid=21067487%2C21066705&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200928&iu_parts=1025874%2CPasted_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601299019&dt=1601299019949&dlt=1601299019375&idt=401&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=127&adks=1406371575&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F5a41661d&dssz=13&icsg=64162&std=0&csl=89&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1500x90&msz=1500x90&ga_vid=442009239.1601299020&ga_sid=1601299020&ga_hid=1610329413&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e7501e43f367f62412047e0156260ee7032c7ee9c28d03b5163eafa3df9bea84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2843
x-xss-protection: 0
google-lineitem-id: 5214351027
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293538274
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ab.js Show response
controlc.com/ 5 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/ab.js
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Mar 2020 09:43:08 GMT
server: cloudflare
age: 3125
etag: W/"5e806dac-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d9dbdfafe3b1f1d-FRA
cf-request-id: 05767510d700001f1dc8ba5200000001
cf-bgj: minify

GET
H2 200 fullscreen.php Show response
controlc.com/5a41661d/ Frame 4A2D 2 KB
1 KB 54ms
53ms Document
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: cd29542a52de4614874d423230a3ec0323a6cf4e57fa01a53dd59c8cc51723b8

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da9fab9ea628e294c458889f751c9b0221601299019; PHPSESSID=1b70c9e020a9c3a0a6e85c69160ae640
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
date: Mon, 28 Sep 2020 13:17:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 05767510e000001f1dc8ba6200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d9dbdfb0e5d1f1d-FRA
content-encoding: br

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 76ms
75ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=993555932087786&correlator=852462699187185&output=ldjh&impl=fif&eid=21067487%2C21066705&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200928&iu_parts=1025874%2CPasted_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601299020&dt=1601299020023&dlt=1601299019375&idt=401&frm=20&biw=1600&bih=1200&oid=3&adxs=1390&adys=91&adks=2762401180&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F5a41661d&dssz=18&icsg=1026762&std=0&csl=87&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x600&ga_vid=442009239.1601299020&ga_sid=1601299020&ga_hid=1610329413&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

c9ae01d1114feae73ac435a6c925aecadc295af2b0cf3bc87edb15f83ee17afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2335
x-xss-protection: 0
google-lineitem-id: 5215140857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293261120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 70ms
69ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=993555932087786&correlator=852462699187185&output=ldjh&impl=fif&eid=21067487%2C21066705&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200928&iu_parts=1025874%2CPasted_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1601299020&dt=1601299020051&dlt=1601299019375&idt=401&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=704&adks=2507290776&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F5a41661d&dssz=22&icsg=4107050&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1520x687&msz=728x-1&ga_vid=442009239.1601299020&ga_sid=1601299020&ga_hid=1610329413&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

9768d1b60e1f0d1db6d533fd37ea567d6db3a06923837e00c8b425f15de010ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2237
x-xss-protection: 0
google-lineitem-id: 4655064465
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232062340
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glyphicons-halflings.png
controlc.com/img/ 14 KB
14 KB 12ms
11ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/img/glyphicons-halflings.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 5697
etag: "555139ee-3602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d9dbdfb6f291f1d-FRA
content-length: 13826
cf-request-id: 057675111e00001f1dc8bad200000001

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D470 0
0 48ms
47ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXG4EM0e0f2lUwXbg8oLjeZf0gRelhMEr_7BZfnvwLXf3AZd0y3YceX9GULFEd7TL2EHm4yg3y6hMXsCHxMoEZFj4QmHuiBt4nR8nq9F__hOkiAP5FNd629zhNZIgwjYCGZyZnSa2F_njuRQh8FzMMaj1v6eSQAKKV6-SCPLDuklFGqrAYzMXbq9n9LrdXdFHg8Byg9qkvPq9mN3vdcYFQfUi1_oVIajzGm3sv7S-HtWqAaoFgY9m0Epfielr9uBrahGaZviotZ7vLJPr0jpG0u_pSBw28EA&sai=AMfl-YSiYMpwho-dY-3cy1Xlc-U4pY9HwM5GrvajZWI_G62xbyIFwDNTGD7T-7wbsyCdYqNroFPlQq5hYsB6MmXU9hlKpnEzk5R6a4fbYNYM_i-emhT3LjjMnn2gLPbP2tM&sig=Cg0ArKJSzD6zNV_vU_0lEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
yadloop.com/ Frame D470 18 KB
18 KB 268ms
135ms Script
application/javascript 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash: 6a65c6292bb3331a2b29af3e1a8b44c42f58dbc7a5c8503b5cd8eb23dd81bb4f

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 28 Sep 2020 13:17:00 GMT
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: hPaH1G72kcn6J4hKHBh9rOpxKCD8XHqAUqyMfOmdMgd6kX95lufiVQ==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D470 74 KB
28 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:00 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 50ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 21ms
12ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 80
date: Mon, 28 Sep 2020 13:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Mon, 28 Sep 2020 15:15:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA6D 0
0 51ms
42ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW2orgQw5WW1oEAyxbptgcUrh4BGrJlSLjpaJKFFjkO9Mst56nCr5FUGgvUFrlgNXy2H75beyLB-GEotLG4Tyx8GutPFLRvtKiYWgWudRGKNJIiFaLjWUYlhEuxtRWMBNg_eMdBYYgWZbLEwEHwYU1ASiQgSVwWQgJZUtDYoPb0xUbXx-lXpt32M-J_HbwsMeHFfpHpq12yK8Pw1wx95FXnPg34TUVThxBFhrF6_E9UxAY0nSNWDWLOdKX7elMXF3tEwgOccmUJUsOPWuu0zwUgf4&sig=Cg0ArKJSzFemUZoWIiu9EAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
yadloop.com/ Frame BA6D 18 KB
18 KB 104ms
97ms Script
application/javascript 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash: 033e4d6bc612da48508d885c578658efd96048829bb0e3aa40bac2f10cf20eb8

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 28 Sep 2020 13:17:00 GMT
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 54_8-Lx8uG1pO9BoOAQwBQ47APUOiiZ3Vjh9iHlhHe248-z1BbkxCg==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA6D 74 KB
28 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6848 0
0 50ms
46ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBxa9gNLLMG2mwGdqk4uyN2iaGY4022h6U4C0CNLA3lOGNg_CjFZIr2RmhoKGseNwFvf4TnK1yabfjuSN0H5yVNJt3VbuKgeenmEWYDwx6j5FfMUCt3Dl1HeO-slpRjGWTvWyE2OZoF_A7zQjxQbrO18JuiytA4_JP9xARS1-qe6BSNUn-jV6F8nb6pWGJnwojHtS5fAbTLqpPHgEa9m5JB23bDwz86oJ4ygqBE1O0uVPTv6hS6n-NlzkCS__2q5TUxPQEiBTBZlNt&sig=Cg0ArKJSzHk-IGwbwL6NEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 6848 8 KB
3 KB 629ms
156ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c99008a8943fed0f67f8f309c2873e0d006b3c91e9e76fb474123f86688eba51

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Sep 2020 13:16:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 2865

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6848 74 KB
28 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:00 GMT

GET
DATA 200
OK truncated
/ Frame D470 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6780563a635335c661a20e3a398f68d78d99a6c86131be1acae2d7f7578edd78

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BA6D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 014b6db94fe9ad87bd38f04b220d6416234868cf3c65e6af10ab5bc90fde7e80

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 global.css
controlc.com/public/css/ Frame 4A2D 12 KB
3 KB 18ms
17ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5819
cf-polished: origSize=15109
status: 200
cf-request-id: 05767512ad00001f1dc8bc2200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d9dbdfded9f1f1d-FRA
cf-bgj: minify

GET
H2 200 fullscreen.css
controlc.com/public/css/ Frame 4A2D 312 B
284 B 22ms
21ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/fullscreen.css
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

Referer: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 1841
cf-polished: origSize=426
status: 200
cf-request-id: 05767512ad00001f1dc8bc3200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d9dbdfdeda11f1d-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ Frame 4A2D 148 KB
30 KB 24ms
23ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5414
cf-polished: origSize=153534
status: 200
cf-request-id: 05767512ad00001f1dc8bc4200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d9dbdfdeda31f1d-FRA
cf-bgj: minify

GET
H2 200 tinypaste.js Show response
controlc.com/public/js/ Frame 4A2D 3 KB
1 KB 45ms
16ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/tinypaste.js
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

Referer: https://controlc.com/5a41661d/fullscreen.php?hash=5a91824784f925bdcd90805224cdb786&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 1841
cf-polished: origSize=3335
status: 200
cf-request-id: 05767512ca00001f1dc8bc8200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d9dbdfe1e201f1d-FRA
cf-bgj: minify

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
66 B 17ms
16ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1610329413&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2F5a41661d&ul=en-us&de=UTF-8&dt=https%3A%2F%2Ffile-link.net%2F159366%2FIryna%20STEPS%20TO%20ACCESS%20THE%20THE%20Mega%201)%20click...%20-%205a41661d&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=412800057&gjid=617492323&cid=442009239.1601299020&tid=UA-62963607-1&_gid=54987663.1601299021&_r=1&_slc=1&z=908433136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-62963607-1&cid=442009239.1601299020&jid=412800057&gjid=617492323&_gid=54987663.1601299021&_u=IAhAAEAAAAAAAC~&z=1192893174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 28 Sep 2020 13:17:00 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7C43 53 KB
18 KB 43ms
43ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

41587573334a395d1a9d7ff321ae592ae69588832cb37c86cb7a26f1a431e185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "646 / 263 of 1000 / last-modified: 1601291429"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17838
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:00 GMT

GET
H2 200 usersync
yadloop.com/ Frame 601A 0
0 91ms
90ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f9&cb=9932781601299020644
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f9&cb=9932781601299020644
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: yqj1i3NcvjLm0_vuztOzT7baKIohPW_9rmwKh2ZccNIaEUWrEcwllw==

GET
H2 200 stat
yadloop.com/ Frame BA20 0
0 90ms
90ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stat?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f1&cb=4707021601299020651
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stat?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f1&cb=4707021601299020651
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: xsJGL_I1lpOdlD0Y1SoRvMYU471mxejomT8toSFM7TCUC6ayohG0hA==

GET
H2 200 usync
yadloop.com/ Frame B632 0
0 92ms
92ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb37&cb=3998081601299020656
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb37&cb=3998081601299020656
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 8dquHapaZt1isbE6Or84VYTSiPI7pfM4VAIvw2JnOcM4ddL5QW3ptw==

GET
H2 200 async_usersync
yadloop.com/ Frame 6B8E 0
0 102ms
102ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a5&cb=3003291601299020658
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /async_usersync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a5&cb=3003291601299020658
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: s_3EOlXLz9xALDa5zZDkuTOM7trvbk7k1NGr7RhCGaqvcXgs5m3MlA==

GET
H2 200 user
yadloop.com/ Frame 85AA 0
0 92ms
92ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba023&cb=7282541601299020660
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba023&cb=7282541601299020660
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: u7uKr0lk3-deYrvsG6DqYn-tnouMiT6RqGc_1uJpf1KpShwz1wxinQ==

GET
H2 200 stats
yadloop.com/ Frame 83EA 0
0 133ms
129ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475211&cb=8277011601299020670
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475211&cb=8277011601299020670
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: Eq1sx2lDx9wyqA3sgzZLQ-dUhziGYnqjw4CBOH2t3DnopJ0qsL-Cvg==

GET
H2 200 stat
yadloop.com/ Frame 4205 0
0 142ms
141ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stat?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427917&cb=9145771601299020672
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stat?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427917&cb=9145771601299020672
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: h1KtQXEu-wvTLOSLTZcPeVYynppMQEY3cz429b45-CuFGRWWQbOO2w==

GET
H2 200 user
yadloop.com/ Frame 75F5 0
0 142ms
141ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c1&cb=9785791601299020678
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c1&cb=9785791601299020678
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: XnySvtghqPA1ZYpCVoVzSAvmfKCcjHtzHJnCuuL6O__QKwcHrKcixw==

GET
H2 200 usersync
yadloop.com/ Frame 94DF 0
0 142ms
142ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab303&cb=2859251601299020688
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab303&cb=2859251601299020688
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1667
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: z_Z1hv3kXrhCp9laBUuZEux4TQfkY3FWkyuM3jgGIP6m4vTDIC0rbw==

GET
H2 200 usync
yadloop.com/ Frame A126 0
0 141ms
141ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe483&cb=0143161601299020690
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe483&cb=0143161601299020690
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: byMwm39yXllxPzIBbGXvEkz-vWnSls6RK_xlJMwdG_nWg-wHnmsggQ==

GET
H2 200 send
yadloop.com/ Frame 1A6A 0
0 141ms
141ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/send?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a99&cb=7618381601299020692
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /send?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a99&cb=7618381601299020692
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 6kFd34Qtj0QgksCqLjDO0y4L3P0eX-NDGSARAvmqbtG7WMGPecA7KQ==

GET
H2 200 usersync
yadloop.com/ Frame 0924 0
0 138ms
137ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=3919741601299020693
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=3919741601299020693
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 4kUK0aYxUF9xM5ivoQFB9vUB2cpDux1cmrydXUfaMcKQI0-Nh8B17g==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 32ms
31ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-62963607-1&cid=442009239.1601299020&jid=412800057&_u=IAhAAEAAAAAAAC~&z=1388096610

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 31ms
30ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-62963607-1&cid=442009239.1601299020&jid=412800057&_u=IAhAAEAAAAAAAC~&z=1388096610

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA6D 0
21 B 45ms
43ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulTzC3U9o5PNu2mJsTUb2uyr5CsJfg-oOV3Stge2SwPyZ9fPQTmyonJWKLQyXhPriDL2-KbkVgNFU_4LjFYdpI0eNYuA9PrLQEXkX_cNHxJ_kS5aZMKYBmyjQmwE__zto7b4l5wYc6oy9WAQsaSv9XrXr8zuCArsJlLZuuDp5wOvD7lkB71u8cxNkURXQoTNeHMC2VYS7RF22i1fRfRpkWYFkRdkzaJwYD1d7_83dOe0tcKpYqkNBJMuBbaTvUUSsombPr3H0&sig=Cg0ArKJSzJA3BniLtsqqEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 927D 53 KB
17 KB 44ms
43ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

f6d5cea2ea15c2d9ce4c37a2efa3d1b992ebba2b0274bf93496d28e074c56629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "646 / 351 of 1000 / last-modified: 1601291429"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17660
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:00 GMT

GET
H2 200 stat
yadloop.com/ Frame 356B 0
0 97ms
96ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stat?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3951&cb=9688031601299020772
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stat?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3951&cb=9688031601299020772
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: soZK_1Bdm_gLUNuUCoWzQzO35XG3MGE27u4oN-KQPTl02Dr8pPrBSw==

GET
H2 200 syncro
yadloop.com/ Frame 593D 0
0 93ms
92ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/syncro?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d83&cb=2940181601299020788
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /syncro?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d83&cb=2940181601299020788
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: rePJIUUjYa8qjdlAzHs4zFwi6mGg6XP0eM8kLNayTdap08LnKmmq1A==

GET
H2 200 stats
yadloop.com/ Frame 75A2 0
0 141ms
141ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc9&cb=1132091601299020791
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc9&cb=1132091601299020791
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1710
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: jNQg97p_NgjJfd5wLCtyYWaO444gPCBGtQBP1JfdnAu8jeZbPIz8gQ==

GET
H2 200 usersync
yadloop.com/ Frame 785D 0
0 103ms
97ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=1184581601299020795
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=1184581601299020795
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: S07qqOnZ8Ezr7_nMaOJ6VDHiCzgVBrY35Ri-sKUFMB1X4hEbygGUyw==

GET
H2 200 usersync
yadloop.com/ Frame 02BC 0
0 136ms
134ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a33&cb=7925271601299020805
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a33&cb=7925271601299020805
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1667
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: ljYB3otsVQzQrV1AHuRJeWdGBKko9QypUMcu7XmyBO3dLoKxDYaR_g==

GET
H2 200 sync
yadloop.com/ Frame 3835 0
0 89ms
89ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/sync?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e75&cb=3696631601299020817
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /sync?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e75&cb=3696631601299020817
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 9qLfExmkFEzZcRww9ooC5QdmvIt9W2Xuo3QKc3-hJCRvdqyBuq4fAw==

GET
H2 200 stats
yadloop.com/ Frame 8F9B 0
0 93ms
91ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260885&cb=0599961601299020830
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260885&cb=0599961601299020830
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: aOz5mO8MoOJiZnIv0Ew1gvWfpIyn9l3JM2cUB2JH9bRUqjxK0bYBNQ==

GET
H2 200 usersync
yadloop.com/ Frame F9E8 0
0 93ms
92ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f3&cb=8254611601299020842
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f3&cb=8254611601299020842
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: S8_ATGwimk_NWSUhp0w61Ou45OJ7ZiqzRDaAuSX9YvF4_Jr2si_xBw==

GET
H2 200 sync
yadloop.com/ Frame 9C78 0
0 93ms
92ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/sync?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=2962491601299020845
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /sync?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=2962491601299020845
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1633
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: tccSsfz9Sk1OQb6zFncrHIVbajDl5vH2W4OJe_XghiF-7F5ufIQZ1g==

GET
H2 200 count
yadloop.com/ Frame 2BE7 0
0 111ms
91ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e709&cb=9359901601299020847
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /count?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e709&cb=9359901601299020847
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1873
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 5h1sWBGaSS7JfVfw5S00Jgd7hh9ASdFVL9n16ULfwfHpL7RPaTKgLw==

GET
H2 200 usersync
yadloop.com/ Frame 81D6 0
0 101ms
97ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d39&cb=5499551601299020851
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d39&cb=5499551601299020851
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Mon, 28 Sep 2020 13:17:01 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 6lZLm4M3sE0Oqm3jV9Ac9VoDrxVuvEdZ5LTce9xrM8smoK3LGA8EeA==

GET
H2 200 usync
yadloop.com/ Frame 0485 0
0 99ms
96ms Document
text/html 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b7&cb=1894191601299020856
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b7&cb=1894191601299020856
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=7dd9ced097bbdcf92e9c5d047b33a963bbb54e43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1719
date: Mon, 28 Sep 2020 13:17:00 GMT
x-cache: Miss from cloudfront
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: oCdDhGxCr2sGp9SzKBJUn2HgCZnB7aHfxtvWB3aO4DajBC6ipHbcHA==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D470 0
21 B 48ms
47ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvujStHJ8yb-Gxpedv_MLPqoGc1kAEt6AvEXlR3SJ05oiURkgkLBZTntUBdRzi4M79ucDECeWPQ0eIpdRzyv_sk2avrDONmnkX49SGCSM78REGCqBwdvYipXv8RIEd5KTntMfqYrtUt7hlUjmL109tljmFIKbkE-aObzMgjCsNrZY0ehNz0nbEX8YC3aOBnJyIfOxmuE8W7U8mRqPxCMKdXtEd03MaqZIFRpLPnKWpGDNyGxtUtAcrBmml68LHIiibKmU701mUu4DflTw&sai=AMfl-YSnuKquZqxCwynnh_quQy0uDuO9DGbKYLYSXuCY0BFDXbhlCxnVPu76lUSR6vZwydnFcxAzhyD1_Mc0DapfoRxe7Qwh054dMnR8igIkzQv5exLrVN2AlT7VvMJutQc&sig=Cg0ArKJSzJGWKMCfcaVQEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:00 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pxl.jpg
yadloop.com/ Frame BA6D 597 B
831 B 93ms
93ms Image
image/jpeg 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=uml4x413apkiqmcvre&s=781&p=https%3A%2F%2Fcontrolc.com%2F5a41661d&rstk=https%3A%2F%2Fcontrolc.com%2F5a41661d&h=4723131601299020897
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: 3loJmqkgFGPgyX616rLdM3TOe8a3QRl_J8c6DwxICIU2J4h4CkjkgQ==

GET
H3-Q050 200 pubads_impl_2020092202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7C43 263 KB
92 KB 51ms
47ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

7d4e4b296ae709ec5098a5d03a5db56c6aa6edcff9e585b5a38b97abedb47fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 20:54:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94371
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:00 GMT

GET
H3-Q050 200 pubads_impl_2020092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 927D 264 KB
93 KB 61ms
58ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 08:40:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94816
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:01 GMT

GET
H2 200 pxl.jpg
yadloop.com/ Frame D470 597 B
831 B 96ms
92ms Image
image/jpeg 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=qwpqn1ipjtdny52xwe&s=781&p=https%3A%2F%2Fcontrolc.com%2F5a41661d&rstk=https%3A%2F%2Fcontrolc.com%2F5a41661d&h=2883911601299020966
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:01 GMT
via: 1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: kD9SEam9zQXVo0bS-PuZEui4wQ_8qNWczMRzH48p0WT8k-seLFFW5w==

GET
H2 200 prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame E4DB 302 KB
303 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:801::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:14:22 GMT
age: 159
x-guploader-uploadid: ABg5-UwuKll_LAQ91S5zXWnQT4f1z9vL2NdG_F7pmTuHBuNc8wTUnN9gsPKOiubsjN6YxY2ucde4Yfj0D_zI6Z74-v0
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 309272
last-modified: Tue, 15 Sep 2020 19:30:03 GMT
server: UploadServer
etag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
cache-control: public, max-age=3600
x-goog-stored-content-length: 309272
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 28 Sep 2020 14:14:22 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E4DB 52 KB
17 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b711990630696f6b8f821ae5538daac51cc61f17cf7c6fd6810d37b79212c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "646 / 476 of 1000 / last-modified: 1601291429"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17600
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:01 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6848 0
169 B 47ms
47ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN3aex8wt8yMehWhjXiLSwvbDf6GHK-oCillC-RhWadGnKgCxILC1W4i5kVvuY7Vt60Cz7HWMPc8yKqGA4zh4Vk7jSRyxNvNRXPYKI4u67jbwBE_2I6pRaT5QRAzQvzQaBCaVts1f9DA9cL2VM6YdxjCbtGVXOXWviJAUgdFTyCbcRhjMF43SY4Y_O7BlzTwPXK4f98JQfwhp-I9g0fmRAXVS6B0L4yI4JSSiYyNRdVa_VR2QyPX-5kFkpj9vuf5NKIARXRKEjToxUZes&sig=Cg0ArKJSzMxpEfIvbT48EAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:01 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6848 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4acda7c54e6039a6768e43b1ad3594a8639797881ea95eeded26ddd8a7ffab9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 7C43 109 B
890 B 78ms
24ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7C43 109 B
868 B 66ms
23ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7C43 52 KB
12 KB 361ms
360ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2476669651987236&correlator=2422824070557582&output=ldjh&impl=fifs&eid=21067552%2C21066904%2C21067201%2C21067027%2C21065724%2C21066705&vrg=2020092202&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200928&iu_parts=21671350435%2C160x600-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie=ID%3D228d7addc78cf4b9%3AT%3D1601299020%3AS%3DALNI_Ma278cpeXdBe6X3xOR88gPgYuJDAA&cdm=controlc.com&bc=31&abxe=1&lmt=1601299021&dt=1601299021276&dlt=1601299020640&idt=537&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1390&adys=160&adks=2407567311&ucis=jq5t72oo2ozg&ifi=1&ifk=4036310524&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F5a41661d&top=https%3A%2F%2Fcontrolc.com%2F5a41661d&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=442009239.1601299020&ga_sid=1601299021&ga_hid=1417526064&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

2e214aece7c657203eefd6a50162bcd0b61c64433cd7ee7e2f47c817c889d8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11573
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
33255511179a03a22da4a64a7f83f347.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7C43 0
0 102ms
37ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://33255511179a03a22da4a64a7f83f347.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7C43 0
0 66ms
7ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 927D 109 B
868 B 86ms
59ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 927D 109 B
126 B 30ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 927D 43 KB
11 KB 371ms
359ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2534966495706140&correlator=377555746303106&output=ldjh&impl=fifs&eid=21067118%2C21067517%2C21067520&vrg=2020092201&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200928&iu_parts=21671350435%2C728x90-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D228d7addc78cf4b9%3AT%3D1601299020%3AS%3DALNI_Ma278cpeXdBe6X3xOR88gPgYuJDAA&cdm=controlc.com&bc=31&abxe=1&lmt=1601299021&dt=1601299021454&dlt=1601299020767&idt=605&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=127&adks=1088513110&ucis=4jntln5yt67o&ifi=1&ifk=3289181949&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F5a41661d&top=https%3A%2F%2Fcontrolc.com%2F5a41661d&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=442009239.1601299020&ga_sid=1601299021&ga_hid=1137488597&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

60a6646b1372cfb909b487fa28c43016a51dbfa9418399de8cd8fe62fd7c2069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11131
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ca4c205ab9f972c282d7a75f3901a63f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 927D 0
0 99ms
38ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ca4c205ab9f972c282d7a75f3901a63f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 927D 0
0 22ms
7ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 pubads_impl_2020091702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E4DB 264 KB
93 KB 78ms
63ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

bf854a7b7ea523eaf0e05e333f6768d66af9f3430b9e2770edc995a169e24167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Sep 2020 18:00:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94763
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:01 GMT

POST
H/1.1 200
OK auction Show response
x.yieldlift.com/ Frame E4DB 3 KB
997 B 764ms
209ms XHR
application/json 107.23.152.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.yieldlift.com/auction
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.152.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-152-53.compute-1.amazonaws.com
Software: /
Resource Hash: 23105c372716a13fbd910c555b91f68cfb8891b4439d01ea6819b91504a840df

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json;charset=utf-8
access-control-allow-origin: https://controlc.com
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Server-Timing: intid;desc=b3eff6d5b449abbd
Connection: keep-alive
Content-Length: 620
Expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E4DB 24 B
629 B 208ms
88ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: e766593f9b64c1ce2aedb097a3c7d5897b3016e37f7fc39f32ae566213a5eedc

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 28 Sep 2020 13:17:01 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://controlc.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame E4DB 24 B
566 B 334ms
221ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%225051cfa2f6d7cb%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226136c4896ae5fd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcontrolc.com%2F5a41661d%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49e381b020c75248832c2cc858800ce24e4c3815883f62c87ac91d7a46cae794

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://controlc.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 44
expires: Mon, 28 Sep 2020 13:17:01 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E4DB 281 B
1 KB 478ms
72ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710558&size_id=2&rf=https%3A%2F%2Fcontrolc.com%2F5a41661d&tk_flint=pbjs_lite_v4.7.0&x_source.tid=776d2f01-f5fe-459a-8a8d-884fa7a731a0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7420026028349365
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5233488bdb2b22732c8fd819a0457ec2a76370526f063948c396201348299167

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Sep 2020 13:17:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 281
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ Frame E4DB 173 B
555 B 426ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcontrolc.com%2F5a41661d&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=776d2f01-f5fe-459a-8a8d-884fa7a731a0&nocache=1601299021607&aus=728x90&divIds=URL_Pasted_728x90_BTF__86&auid=540529560&aumfs=300
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 94221e138c608e5a7ec48e03fb106dd7e148e5aa44dd057d1e82c8404626aee5

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: gzip
server: OXGW/16.193.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://controlc.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame E4DB 66 B
342 B 692ms
139ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFNDkc19ir6ikyaKkGJozW
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: da1cae787b01831ca822969dda9811a9c12e2c6bd474dfb4d945f787f4446e87

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controlc.com
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E4DB 19 B
712 B 78ms
50ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 28 Sep 2020 13:17:01 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: bacbe005-2cb3-4e57-b595-883c1a84af91
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/74190/0/ Frame E4DB 0
269 B 480ms
58ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://controlc.com
Pragma: no-cache
Date: Mon, 28 Sep 2020 13:17:02 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012009190410000/ Frame 7730 180 KB
51 KB 283ms
0ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0e179fbc8e85c73475f2bad3486af6393e49e62bb18e7a7c98d384f0e51ca8d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245289
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51921
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d55bb101a3bb903f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 7730 14 KB
5 KB 233ms
0ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af6a0df19bcf56baed942cf91579f1893c76e3662bada067cf6d1fe69cdec28e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245289
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5240
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "98518735a0915bd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 7730 89 KB
28 KB 230ms
0ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ed04a558563848f78bdb3e0590b9a9ae27a4c7b2c114637af5dc49eff3ecf2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245289
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27349
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "abfeca719478ac14"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 7730 3 KB
1 KB 304ms
16ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3041290c8aa8819c2894e16c8ac474fb85619752e750106038ba4eb48e4853d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245289
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4d207ffdcc4b7590"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 7730 42 KB
13 KB 289ms
3ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55f0c451c43261893e84e56027a5547d8d0294c4120c995c2b7acf130e6c48d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245289
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e55954ef053e73f2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7730 5 KB
761 B 41ms
13ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:05:10 GMT
server: ESF
date: Mon, 28 Sep 2020 13:17:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Sep 2020 13:17:01 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17155744118621469419/ Frame 7730 2 KB
2 KB 29ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17155744118621469419/downsize_200k_v1?w=300&h=300

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293dec782b7781fe92139a3f3b74430c0a612252abbdeba898cc93fc9528f1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 09:14:14 GMT
x-content-type-options: nosniff
age: 14567
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1868
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 23:57:49 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Sep 2021 09:14:14 GMT

GET
DATA 200
OK truncated
/ Frame 7730 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8be40fdd68a1e0f4f39bc76d940a5bcfe9b5e6a75facea92eff9f3cfe4a9798

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7730 2 KB
3 KB 108ms
91ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 7683
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 29 Sep 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7730 295 B
388 B 110ms
92ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57003
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Sep 2020 21:26:58 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 7730 0
0 149ms
28ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHEXwrYWUvlhtEScknqj-5Y4hM8zuN6ViOBGCDTZSgg1PjdTR3Z2-6SNO1AC7oRZHpwUsK--bY1q9cpF8_x2rhNbXh2g
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7730 0
0 139ms
123ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl65bTeJxX-GAFtTz3wP_yImYB9XkvNdejoP1zoEM4MHQ6pkbEAEg1ubFWGD1lc6B4ASgAePPmb8DyAEB4AIAqAMBqgThAU_QBi8NmpMdLFdMIP_7xZSGZPkJcXPYZntlXdOdQ2KpWcgPSBA4WpNISxMYeSV23hf5dcxP4OjHgIyU2ZATEJcXW4DKo2FfZq-wQrjQTY5VzINAm_elXizrhNp3avJSdL4Cg79iXTs2p7xzYpGMm27K32NQV1LobPKRKPU1HRQifZ1Rx_D0_VDRn4NigJZzOrbAekWZnDW9DtG-z948VLH3QeVdm2SP3iP_xG8wYZBmdKaKT5kYohagawQ6aKQI6x4Nuami_sbV12bpWMhJPc-mZrMFYaaYbMoOdbcsQ50kp8AE_srl6vUC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB4DenT6oB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQhsEO0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTI5MzQ0NzU5MDcwNjk5MYAKA8gLAbIMFHB1Yi0yMTI4NzU3MTY3ODEyNjYz2BMM&sigh=MPyGuxaqD7c&template_id=5001&tpd=AGWhJmuKH3qE_3KT7jHTFzyswTWda9g4vdpovcZHYKfQJcZwRg
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7C43 9 KB
7 KB 207ms
0ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da280bf6eb253b411e44d8acbb1e0355a597931c12509308e4cf47e31974911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6624
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7730 11 KB
11 KB 218ms
0ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controlc.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:07:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 11398
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 28 Sep 2021 10:07:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7730 11 KB
11 KB 217ms
0ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://controlc.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 09:06:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 15043
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 28 Sep 2021 09:06:19 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BA6D 42 B
209 B 271ms
64ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtOil-A1-mZUH_SpfNz2rMz8SeXwXkeTxKt-HGDCVotunuwz_fmADxN9YQNHUttsRrRwPIOykcstxv5dyZppPIkvqM_PhkMlQ4__0BSzE&sig=Cg0ArKJSzM7bXXlOVAaYEAE&adk=2762401180&tt=-1&bs=1600%2C1200&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&p=160,1390,760,1550&mcvt=1056&rs=0&ht=0&tfs=450&tls=1506&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=294&niot_cbk=450&md=2&btr=0&cpmav=0&lm=2&rst=1601299020331&dlt&rpt=416&isd=0&msd=0&xdi=0&ps=1600%2C930&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-5-7-7-0-0-0&tvt=1503&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2F5a41661d&r=v&id=osdim&vs=4&uc=8&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200925

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012009190410000/ Frame E1AE 180 KB
52 KB 140ms
37ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0e179fbc8e85c73475f2bad3486af6393e49e62bb18e7a7c98d384f0e51ca8d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245290
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51921
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d55bb101a3bb903f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame E1AE 14 KB
5 KB 191ms
55ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af6a0df19bcf56baed942cf91579f1893c76e3662bada067cf6d1fe69cdec28e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245290
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5240
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "98518735a0915bd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame E1AE 89 KB
27 KB 172ms
71ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ed04a558563848f78bdb3e0590b9a9ae27a4c7b2c114637af5dc49eff3ecf2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245290
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27349
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "abfeca719478ac14"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame E1AE 3 KB
1 KB 191ms
55ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3041290c8aa8819c2894e16c8ac474fb85619752e750106038ba4eb48e4853d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245290
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4d207ffdcc4b7590"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame E1AE 42 KB
13 KB 211ms
76ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55f0c451c43261893e84e56027a5547d8d0294c4120c995c2b7acf130e6c48d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245290
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e55954ef053e73f2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:52 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1AE 2 KB
2 KB 194ms
59ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 7684
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 29 Sep 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1AE 295 B
324 B 183ms
60ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57004
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Sep 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame E1AE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba5b43d9cb6a14f310161d3bdcdb95463318eaa4182f37254902ec51a0fdcdb

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 10478372457338143399
tpc.googlesyndication.com/simgad/ Frame E1AE 11 KB
11 KB 182ms
61ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10478372457338143399?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qndBppBw7jBfJjXf4I6DvaiT5S1uw

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141365ab2023ae363b2c9df57e40e3497a2b004348977e0599338fe49e2ab69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 09:34:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Sep 2019 13:35:00 GMT
server: sffe
age: 531729
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10954
x-xss-protection: 0
expires: Wed, 22 Sep 2021 09:34:53 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E1AE 0
0 198ms
76ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvtBH8G_N0TTfnqafqThP10ItvHy5Fj9PQ1dJOBSLA3e9SPsIY0eLEzXcffv891OnTsEg95CQVsKXWNzaFT6mYjRqDRA
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E1AE 0
0 197ms
76ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwbJ_TeJxX56LI7zc3wP62Zm4D638sb1fj7_2jqMMmJL4h7MCEAEg1ubFWGD1lc6B4ASgAePPmb8DyAEC4AIAqAMByAMIqgTgAU_QagkEGzW8Y4wO9xqP2cm3qVjkqWEDIENuV350Pkf70UiNrxZlosPofvYDybqFXx9MeGYmZaGVBwFajPJiZ6SRpgV8xLqL_K4MFJfcvFTvRi7PIx1OwsagzXcajds6aYDginKp_JsjZpElH_7BVM6V_INDUAsHJQ-HFsv1_JT07iEy9iYsSuy2mr6oJMzjOrnomsDKLdeob2PRQZDiPhKHW3gZf_H12L9PeRhQXpNfVPdykAA5OuPoGaG_FS--AGAN4KTYWALOtrGuXAwQxY4KT75Xz78IrGDYjXezWTr5wASa1qj9mQPgBAGSBQQIBBgBkgUECAUYBKAGAoAH3faTMKgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCwhiHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05MjkzNDQ3NTkwNzA2OTkxgAoDyAsBsgwUcHViLTIxMjg3NTcxNjc4MTI2NjPYEw0&sigh=ibDnVld1f0U&tpd=AGWhJmvMuj1qwvy85XmHjxqnA7AsO2_WobKQZlm-5pM8TzCTdg
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 927D 8 KB
7 KB 154ms
35ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b0ceb71f1985a21befb96c37ff6f8a3d9110531f37be8a237cd21f3e7d65076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6356
x-xss-protection: 0

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D470 42 B
65 B 160ms
41ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBr-srpVOaMGZCkDJXl62NkTuwTXM_MSL4XI6kifg1lk17BdhOfUF4_tH2EkOXYYYXEoXYrsEbJ1IdtFWeaH_RLAuXwc9H8nPpeTqCBD4&sig=Cg0ArKJSzDRmNOlQoMpoEAE&adk=1406371575&tt=-1&bs=1600%2C1200&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&p=127,50,217,778&mcvt=1084&rs=0&ht=0&tfs=586&tls=1670&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=455&niot_cbk=495&md=2&btr=0&cpmav=0&lm=2&rst=1601299020212&dlt&rpt=684&isd=0&msd=0&xdi=0&ps=1600%2C930&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-10-7-7-0-0-0&tvt=1662&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F5a41661d&r=v&id=osdim&vs=4&uc=8&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200925

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C43 16 KB
6 KB 210ms
64ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092202.js?21067552

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:02 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7730
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

69ms
58ms

Image
text/html

2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Sep 2020 13:17:02 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 927D 16 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020092201.js?21067517

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:02 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame E4DB 109 B
126 B 56ms
52ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame E4DB 109 B
149 B 52ms
51ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E4DB 20 KB
10 KB 504ms
476ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1990817512081079&correlator=3321629684795180&output=ldjh&impl=fifs&eid=21067516%2C21065516%2C21067200&vrg=2020091702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200928&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DURL_Pasted_728x90_BTF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3D228d7addc78cf4b9%3AT%3D1601299020%3AS%3DALNI_Ma278cpeXdBe6X3xOR88gPgYuJDAA&cdm=controlc.com&bc=31&abxe=1&lmt=1601299022&dt=1601299022522&dlt=1601299021110&idt=604&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=704&adks=554702876&ucis=1ozz8fng5xwu&ifi=1&ifk=3289181949&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F5a41661d&top=https%3A%2F%2Fcontrolc.com%2F5a41661d&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=442009239.1601299020&ga_sid=1601299023&ga_hid=1816984151&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

5e5fe7498287b4586308e61fb30eece6b284c333205e68e49fa21984af1d22cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10360
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E4DB 0
0 236ms
38ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E4DB 0
0 155ms
128ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6848 42 B
834 B 69ms
40ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR1bvxGRmQnwCzZiyJjdnwCw4S-ZScog8OseLoLw3sPzGmBcPhasE2BdPskAG7Sf-X74QWGXmd5I6sDdmigvajhUw1mWI1GME5V4QZWGM&sig=Cg0ArKJSzI8dgx9MOMEmEAE&adk=2507290776&tt=-1&bs=1600%2C1200&mtos=0,1258,1258,1258,1258&tos=0,1258,0,0,0&p=704,50,798,778&mcvt=1258&rs=0&ht=0&tfs=203&tls=1461&mc=0.95&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=12&niot_cbk=195&md=2&btr=0&cpmav=0&lm=2&rst&dlt&rpt&isd&msd&xdi=0&ps=1600%2C930&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-12-8-8-0-0-0&tvt=1450&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F5a41661d&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200925

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame E546 0
0 8ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Mon, 28 Sep 2020 12:26:16 GMT
expires: Tue, 28 Sep 2021 12:26:16 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3046
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E1AE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
38ms

Image
text/html

2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Sep 2020 13:17:02 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 85E2 0
0 11ms
9ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Mon, 28 Sep 2020 12:26:16 GMT
expires: Tue, 28 Sep 2021 12:26:16 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3048
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4DB 0
47 B 102ms
33ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1990817512081079&r=728x90&w=728&h=90&a=0

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3C20 0
0 32ms
15ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 28 Sep 2020 13:17:02 GMT
expires: Tue, 28 Sep 2021 13:17:02 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4DB 72 KB
27 KB 96ms
31ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:03 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E4DB 8 KB
6 KB 63ms
25ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca6e25828761990f7a632441887542f6fd58908ed46f454856a207bf1888a546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 13:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6447
x-xss-protection: 0

GET
H3-Q050 200 10478372457338143399
tpc.googlesyndication.com/simgad/ Frame E1AE 11 KB
11 KB 57ms
16ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10478372457338143399?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qndBppBw7jBfJjXf4I6DvaiT5S1uw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141365ab2023ae363b2c9df57e40e3497a2b004348977e0599338fe49e2ab69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 09:34:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Sep 2019 13:35:00 GMT
server: sffe
age: 531730
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10954
x-xss-protection: 0
expires: Wed, 22 Sep 2021 09:34:53 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1AE 2 KB
2 KB 59ms
17ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Sep 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 7685
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 29 Sep 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E1AE 295 B
324 B 61ms
19ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57005
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 28 Sep 2020 21:26:58 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E1AE 0
339 B 1645ms
499ms Other
image/gif 172.217.166.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1601299023303&qqid=CN7l8Nr3i-wCFTzudwod-mwG9w&rt=any.link.a.64.26.12.w.0.14tc.1429~any.script.b.5u.i.1j.0.0.42v.41k~any.script.b.5x.13.1z.0.0.l51.l3p~any.script.c.5u.h.1j.0.0.13l.12a~any.script.c.64.7.24.0.0.afv.aej~any.img.d.5u.e.1n.0.0.1ya.1xi~any.img.d.5u.c.1o.0.0.90.87~any.img.k.5n.c.1p.0.0.8j6.8ga~any.img.k.5r.6b.0.0.0.0.0~any.img.k.5s.6c.0.0.0.0.0~any.img.st.1e.u7.0.0.0.0.0~any.img.uh.2e.8.h.0.0.8h4.8ga~any.img.uh.31.7.h.0.0.1ya.1xi~any.img.ui.30.5.j.0.0.90.87&met.a4a=dcl.1~ol.883~nvs.1601299022055~ini.1601299023308
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.166.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bom07s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7730 42 B
65 B 40ms
39ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsua_TFd3fMvomWB17DdODJ1Jq5mykgQpfpoYRcAr0orIn8fGa0p3wkUUf8mTz8OddLLs2E5KJ_DB8sVjPalcdSLIrH5DZJOPflXgqw4yEWeDI9UFBIhZu0H6kD3SF3ra-Ee9Ilr79J2bSod1yocp9o&sai=AMfl-YQWQ7ui5OwR8xAfkeKf4T4_HkCW-RnOHUk_vy-n8a7x8KsMpI4arVLmS_KsDfGdqPm7n-VVwJKMQ8o9IH8hM0CVj5Ad_dwExcCLHdqAEsieoiTc4ibA0JtIDCs&sig=Cg0ArKJSzPapdNeHQFrwEAE&cid=CAASFeRo2KtLTnzWRmYEx-KFliyn74yWvA&id=ampim&o=1390,160&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=663&tls=1669&g=100&h=100&tt=1669&r=v&avms=ampa&adk=2407567311

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E1AE 42 B
88 B 35ms
34ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYugbc2QSeQbvFQ3POEBzancrjTPORqTN-7ZVYC-Gtx7TTbm6mV1u2ku_jcsCiScXV29nRuEm6wM6kTqFCyyzTQdkEaGAFEYCcv5uoTmjLue3O79EW0e9wFWU&sai=AMfl-YQF2AzblbgxZKtfAYEJZ25Mcy1F0xUrBTMnbfJSMvtOe8lJha9ZKDWwaus70L1W79LVTRia18K74iuZ1Q0_mym111--pB2DgPSxtlok0HjuSsqZ7HPl07OUGDQ&sig=Cg0ArKJSzOP-pVeSIfDfEAE&cid=CAASFeRo1z5FI13y0frcYIHeRm-LVC4kiQ&id=ampim&o=50,127&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=650&tls=1651&g=100&h=100&tt=1651&r=v&avms=ampa&adk=1088513110

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E4DB 16 KB
6 KB 71ms
68ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 13:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Mon, 28 Sep 2020 13:17:04 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 04E1 0
0 10ms
10ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/5a41661d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/5a41661d

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Mon, 28 Sep 2020 12:26:16 GMT
expires: Tue, 28 Sep 2021 12:26:16 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3048
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view.php Show response
controlc.com/api/tinypaste/ 2 B
222 B 37ms
0ms XHR
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/api/tinypaste/view.php
Requested by: Host: controlc.com
URL: https://controlc.com/public/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873

Request headers

Accept: */*
Referer: https://controlc.com/5a41661d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Sep 2020 13:17:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.5.38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 5d9dbe1c39301f1d-FRA
cf-request-id: 05767525a600001f1dc8915200000001

GET
H/1.1

200
OK

setuid
x.yieldlift.com/ Frame E4DB
Redirect Chain

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24E...
https://cs.emxdgt.com/umcheck?apnxid=2826474444528641632&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID
https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2826474444528641632brt153471601299025763263f1

0
658 B

509ms
130ms

Image
application/json

107.23.152.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2826474444528641632brt153471601299025763263f1
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.152.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-152-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Type: application/json;charset=utf-8
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: intid;desc=acf8ca296074382f
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

status: 302
date: Mon, 28 Sep 2020 13:17:05 GMT
content-length: 0
location: https://x.yieldlift.com/setuid?bidder=emx_digital&uid=2826474444528641632brt153471601299025763263f1
content-type: text/html

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E4DB
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKT5Xgh9aiNbZz9gZseI9Po&google_cver=1

43 B
114 B

146ms
63ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKT5Xgh9aiNbZz9gZseI9Po&google_cver=1
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:05 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:05 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKT5Xgh9aiNbZz9gZseI9Po&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
de.tynt.com/deb/ Frame E4DB
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26ui...
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26u...

0
0

993ms
144ms

Image
text/html

67.202.110.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-110.static.steadfastdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Sep 2020 13:17:05 GMT
server: nginx/1.16.1
status: 307
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-type: text/html; charset=utf-8
content-length: 171
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1

200
OK

setuid
x.yieldlift.com/ Frame E4DB
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=9f0d0e9b-e6af-45db-a845-ee95fad5da43

0
642 B

154ms
127ms

Image
application/json

107.23.152.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=9f0d0e9b-e6af-45db-a845-ee95fad5da43
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.152.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-152-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Type: application/json;charset=utf-8
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: intid;desc=4516d2fb07ed515b
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 28 Sep 2020 13:17:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x.yieldlift.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=9f0d0e9b-e6af-45db-a845-ee95fad5da43
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

502
Bad Gateway

752d995a-bde8-402d-b281-fe857e7e2034
sync.1rx.io/usersync/bidswitch/ Frame E4DB
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-285d9026-69ae-43f7-9e73-19719f254bbe-003&rndcb=5243886875
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-285d9026-69ae-43f7-9e73-19719f254bbe-003&rndcb=5243886875
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=752d995a-bde8-402d-b281-fe857e7e2034&google_hm=NzUyZDk5NWEtYmRlOC00MDJkLWIyODEtZmU4NTdlN2Uy...
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=adconductor&bsw_param=752d995a-bde8-402d-b281-fe857e7e2034&google_hm=NzUyZDk5NWEtYmRlOC00MDJkLWIyODEtZmU4NTdlN2...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPUkZBp2aIpxUjWcHYmx1_s&google_cver=1&ssp=adconductor&bsw_param=752d995a-bde8-402d-b281-fe857e7e2034
https://sync.1rx.io/usersync/bidswitch/752d995a-bde8-402d-b281-fe857e7e2034?gdpr=&gdpr_consent=

0
0

71ms
71ms

Image
text/html

213.19.147.150
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/bidswitch/752d995a-bde8-402d-b281-fe857e7e2034?gdpr=&gdpr_consent=
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 302
date: Mon, 28 Sep 2020 13:17:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //sync.1rx.io/usersync/bidswitch/752d995a-bde8-402d-b281-fe857e7e2034?gdpr=&gdpr_consent=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
x.yieldlift.com/ Frame E4DB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.yieldlift.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526uid%253D%2524UID
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2826474444528641632

0
618 B

353ms
205ms

Image
application/json

107.23.152.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2826474444528641632
Requested by: Host: controlc.com
URL: https://controlc.com/5a41661d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.152.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-152-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Type: application/json;charset=utf-8
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: intid;desc=f244a84e59aed715
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 28 Sep 2020 13:17:05 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid: a18b4cbd-c980-4008-9f83-f826684a4268
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=2826474444528641632
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C43 0
22 B 45ms
43ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020092202&jk=2476669651987236&bg=!RUalRl5Y8sGxIrj6FjgCAAACrVIAAAD5CgFbKZ9FPj92udpXXrni1hGwVqKoE5uOOsA5OvYnLvVYe2DrcdoGgRdKexqlCvZdAR5iR-0HSzWv6U3ugds3ricgKveMaH0ed3j40QFya5wE7GlgKewGFpxWcNyFxFrIBZza_txlh5OwP--qPdMqeZC6M9q7HYKK9ucoHO4AtbEx84x-9YWW-66xKE6mkPcYXOJCcjUF5mg83CLalLPDmN_ZZlgef5xF-yhiV-GQM0JMjSR9-fjTF9khi2AZD-DpVNvX7Pg8ojPreWwS8RspXJZYIhCWh55oJM-WR0dKAE8VbJ68fAYosAQgcdj0AZzyFtbLmVJG7HYSOVnNSam_BJOcrAeLawBhEsKM_kB7jav2lmzLfGyqKXPxQTHqfl9yYAdgzy4Lf_xvknjqWyslcvttSoz9-UHU6sIF7JjpLtKPvoLSHkiWAy62XIQj3MiT7F9wVbumroUfsVoRZ-SZAdv3UUHUxqe5CuGS7-voYozM2_gs68MCgiqUx-DORmOQNUQluhhCZIR5elqWjqfCtsEOZJRf5c9kXcBDfE6Xjim8NZiH8NSalf5DpgqjlYebs4S05VGNQ_vNeq370MN1gXYsr3nPtYimYjbxFNavhV5ZcLVkEDbycthhpBgrxqbGMlfq7-idkazGW4_uellJ_MD2I7rbQoMJq3xUH87MWY2T89X10m5lXoRgAVH_vsw-ImlAoRv42f-OjdUGEeM6sZCRs6G7V9Lnh_aT1s1umuikRV-fC8FpFOHsiIfX2O-vKh6a7P3yNyegfwRRaQqmPRmCtVXuHNSyQLIKctTZ3HauXLBO-BIH4SPx76xiWkBAlWyZI6F8yNIjjSlJ3J6dgGRROHU1UW68sYmF04CPDhZix_HwrJKcZa4DFGDNpQwbJjQj-glFs9lEirW7yyHq5mPnZHiF90Zm6MPTwu7AuDkvrdjEoQupuml58FRsnzbtqlSs8ko64_AOBTfq2OI1o84iRKXT_XjTzly0WwxlryYDccRB0qlXYq8LxRztleJyVLJepucvLxlGs10EfJEkOVKeqI6YEtyFYqdpBA-yo1N9T_vvQEiSuf47QdmuyQzyoR2JBPFMyPNkvuj1

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 927D 0
48 B 42ms
41ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020092201&jk=2534966495706140&bg=!pqWlpb1YDY7UVG1zTcACAAAFjlIAAAD9CgFlg33wssQHMiga2PnsykC3iyolq65ZddQ9vpmKMIoY5vP7gj6gqwDDshRxPpSmTu2mlm0NLhSbBzp9uUXyq2K4t71k-3169rJWbRTzxBdE7dlbeQYZp0QPiHCfT29dU5tzhv38gePw3uOjuxvNJFzfJP38zUPIM4vxCgNT9pDpSndIYp6u53TLIWKNqCkUwWE45N1Rdh4VtskaNpPceHB9CqQyBo2WZcf294c73Zs-rquQYH2O3WbkHT5ME9HkgmvScOjezW2mmm0Zd2veLbmBwMNkwZgPnQoNAdNGt5_IC8gRmlFbwA4RjDP65IEWMGcdOz2gZha4wgDzqXyFubB23EnEson1Dw9AE8Qym4LxFDXZvrqlWIwABVV9FrOx5RkHzYZizGuPLnzb7dHKR2wFqhpYT8B9WKotsATfkGn1LBmv5Ghs5QgVaPlPONCYx2CtRt-uV1lJNZvbF0_K3uWkbDXCfTHqmQHBS1VVRpK710-L4x5WaSduV8iXAQnAaVNXfXadPFEmTLzRSy50-XtZkb-H5HrS08xMunz6O5rx1cbCUhwgKvtZA7RcjfuqUX28bjWvftQTuDtwKnXqF9rn0SnBumhO2dIDyD0Sfzxb-9suqtlV4bcCSrNOVi-feVBAQjbbB-bXWN8vT1Yhx932qRDzTfNQCqHsIK_EXGPCX0HpDZQPSLUtxR8N_YV9JJs99bxfZqT4zwFqWEgkSmcM8ejUsve0hDDZ-5B41pM8z9XIHoYlXgnXtPsrELHhZJK4qECOYfWl-qwSoGLYCs45gwKpL-vz4l-v0K3hMCtM44vQfOZE70jG9uPZZDtXeRqFmvkCKQEAWPvZpn45O-MksLPj7q-37U6TJt89fdkeP0aI12QgaxnZZuZtjRQRTzVp_P9iOz01Z-Go2P5iJoate2jcd1zFb7HprAtmOInqDmPskUB4zOC_Adh0aFloTuzfLqNdVe-28VOfd9SgLqAGerD26G5itIVR6zOWMs2gKNNI9wJ-8eSeopHPIB90xDziP4WKns59ue0rh_r0TwYb6RSI_JM2DwocjdgeZ095zr10qVbVdzfRzik

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4DB 0
128 B 202ms
15ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091702&jk=1990817512081079&bg=!NDelNy9YK0KESF2ZjQwCAAAQmVIAAANBCgCK15weRocadTFa2MyahJvCTuIUbXtyg2Jw6wkSs63BmSOXhbSVW1CIWX_DjfujmigRKYsZWIeP6PAeUar9BbYrx2rmau6R_HFaUN_e93gzOzL73bpDCScX0i6nNKnuWqkyNL3I6g0nPnqL1MR0IZ7gElCJU6iU4ILVJ0-K2TufhjOvFo9bZ2oc_NDgmQHBTm8awlCT0i29RbpAMSvmP-kMenHAx0gpZNnoNRbyw84edJ8AusVI3Za3HSNrzpFdzuWWWKmqtRjiqACIjpuwaF-KhWsRgYpBCYOKQdGdYM9pUuGlwJSQM1OeHU6zxO-QlFlvkbDnxP4UmQTsB8Fzfm2C56NemHicyYfn6TzeGOa_1eoiaJObPDEKaFiqppXDBtangrsz_lSplT4LbolxX9D1odvcNh91IXXH_d-CBLNqokbeyfJjwG1NnFTjAszfvk_5JrjJIiDBwN__Sy9c0PqUL2hHKM_Fzj6ecIsw8UmGW8Me3LZnTTNRa4fEi3G4945m2WXrKT9jQJGi8ELiFIsxnDLPhIs-zQRVp4f0xny9-9DavX3ADF28CxzF8UCaKLPfyVYZ5nKOxSL8OmcIBFAoUuUWw7DL6gy_G-uA7xo0YJRskyWFjyIZrEkC3YVldDRFK8--oPwzggum8ZvhTy7JjatRZJGjMVOQUdd_rORv4E9cRyowqc-w4Fv1Rxyr9ZiAmI93LuGVe-hNSKUzOI4bxzZPrZ2VRTqRNySrs9rF_Z2LD5kU3TxHLoYB20dFqsk1lFzjtkX4LeraNUJ_1FI

Requested by

Host: controlc.com
URL: https://controlc.com/5a41661d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/5a41661d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 13:17:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/doubleclick-gpt/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	log	URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=4811661601299020330(Line 30) Message: %c [object HTMLImageElement]
console-api	log	URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=4101531601299020196(Line 30) Message: %c [object HTMLImageElement]
console-api	info	URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2009190410000 https://controlc.com/5a41661d
console-api	warning	(Line 1) Message: NO prebid responses1
console-api	info	URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2009190410000 https://controlc.com/5a41661d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1cfb6d881725ad24e3648d82acdd2c76.safeframe.googlesyndication.com
33255511179a03a22da4a64a7f83f347.safeframe.googlesyndication.com
7ce27fbc994c849a85d24bb1d202ebbb.safeframe.googlesyndication.com
ads3.mthsense.com
adservice.google.ch
adservice.google.com
adservice.google.de
ap.lijit.com
ca4c205ab9f972c282d7a75f3901a63f.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.fancybar.net
cm.g.doubleclick.net
controlc.com
cs.emxdgt.com
csi.gstatic.com
de.tynt.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
ic.tynt.com
os4m-d.openx.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ssc.33across.com
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.go.sonobi.com
tag.1rx.io
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
yadloop.com
104.111.215.135
107.23.152.53
172.217.166.163
172.217.23.162
178.162.133.149
18.195.155.181
185.33.221.15
213.19.147.150
213.19.147.210
216.58.212.130
23.111.10.144
2606:4700:3035::681c:17af
2a00:1450:4001:800::2001
2a00:1450:4001:801::2010
2a00:1450:4001:802::200a
2a00:1450:4001:809::2001
2a00:1450:4001:817::2001
2a00:1450:4001:818::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:821::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9a
34.98.64.218
40.84.148.247
52.57.230.211
67.202.110.22
67.202.110.32
67.202.110.34
69.173.144.141
72.251.249.13
99.86.243.96
014b6db94fe9ad87bd38f04b220d6416234868cf3c65e6af10ab5bc90fde7e80
02555156bed9ec6fa8b2cf35c1612ebab0b1dca9af416715fb8e722484b0d060
033e4d6bc612da48508d885c578658efd96048829bb0e3aa40bac2f10cf20eb8
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
0b0ceb71f1985a21befb96c37ff6f8a3d9110531f37be8a237cd21f3e7d65076
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
141365ab2023ae363b2c9df57e40e3497a2b004348977e0599338fe49e2ab69e
1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47
23105c372716a13fbd910c555b91f68cfb8891b4439d01ea6819b91504a840df
249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056
293dec782b7781fe92139a3f3b74430c0a612252abbdeba898cc93fc9528f1a7
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
2da280bf6eb253b411e44d8acbb1e0355a597931c12509308e4cf47e31974911
2e214aece7c657203eefd6a50162bcd0b61c64433cd7ee7e2f47c817c889d8b5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
41587573334a395d1a9d7ff321ae592ae69588832cb37c86cb7a26f1a431e185
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734
49e381b020c75248832c2cc858800ce24e4c3815883f62c87ac91d7a46cae794
4b711990630696f6b8f821ae5538daac51cc61f17cf7c6fd6810d37b79212c13
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5233488bdb2b22732c8fd819a0457ec2a76370526f063948c396201348299167
55f0c451c43261893e84e56027a5547d8d0294c4120c995c2b7acf130e6c48d2
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e1390f7c515a04fbd18d7c3e864de65e7fc473f8a2e5134f74a79e122911dd7
5e5fe7498287b4586308e61fb30eece6b284c333205e68e49fa21984af1d22cf
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60a6646b1372cfb909b487fa28c43016a51dbfa9418399de8cd8fe62fd7c2069
6780563a635335c661a20e3a398f68d78d99a6c86131be1acae2d7f7578edd78
6a65c6292bb3331a2b29af3e1a8b44c42f58dbc7a5c8503b5cd8eb23dd81bb4f
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
78ed04a558563848f78bdb3e0590b9a9ae27a4c7b2c114637af5dc49eff3ecf2
7d4e4b296ae709ec5098a5d03a5db56c6aa6edcff9e585b5a38b97abedb47fdd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
94221e138c608e5a7ec48e03fb106dd7e148e5aa44dd057d1e82c8404626aee5
9768d1b60e1f0d1db6d533fd37ea567d6db3a06923837e00c8b425f15de010ab
9ba5b43d9cb6a14f310161d3bdcdb95463318eaa4182f37254902ec51a0fdcdb
a8be40fdd68a1e0f4f39bc76d940a5bcfe9b5e6a75facea92eff9f3cfe4a9798
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
af6a0df19bcf56baed942cf91579f1893c76e3662bada067cf6d1fe69cdec28e
b3041290c8aa8819c2894e16c8ac474fb85619752e750106038ba4eb48e4853d
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
bf854a7b7ea523eaf0e05e333f6768d66af9f3430b9e2770edc995a169e24167
c0304c61c35bc03725c7ff5d3d761c8e6e03acddcd396de73bde714137ec6a27
c0e179fbc8e85c73475f2bad3486af6393e49e62bb18e7a7c98d384f0e51ca8d
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c99008a8943fed0f67f8f309c2873e0d006b3c91e9e76fb474123f86688eba51
c9ae01d1114feae73ac435a6c925aecadc295af2b0cf3bc87edb15f83ee17afa
ca6e25828761990f7a632441887542f6fd58908ed46f454856a207bf1888a546
cd29542a52de4614874d423230a3ec0323a6cf4e57fa01a53dd59c8cc51723b8
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
d7086b2914bd1795b356568fadc0a00221c7d0309bef941c04f1c8783463212e
da1cae787b01831ca822969dda9811a9c12e2c6bd474dfb4d945f787f4446e87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7501e43f367f62412047e0156260ee7032c7ee9c28d03b5163eafa3df9bea84
e766593f9b64c1ce2aedb097a3c7d5897b3016e37f7fc39f32ae566213a5eedc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f4acda7c54e6039a6768e43b1ad3594a8639797881ea95eeded26ddd8a7ffab9
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3
f6d5cea2ea15c2d9ce4c37a2efa3d1b992ebba2b0274bf93496d28e074c56629
fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

controlc.com Open in urlscan Pro 2606:4700:3035::681c:17af Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

159 Requests

99 %HTTPS

43 %IPv6

26 Domains

42 Subdomains

31 IPs

5 Countries

1483 kBTransfer

3498 kBSize

0 Cookies

0 Outgoing links

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

controlc.com Open in urlscan Pro
2606:4700:3035::681c:17af Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

99 %
HTTPS

43 %
IPv6

26
Domains

42
Subdomains

31
IPs

5
Countries

1483 kB
Transfer

3498 kB
Size

0
Cookies

159 HTTP transactions
5 data transactions