hubdrive.lat Open in urlscan Pro
2606:4700:3037::ac43:b687 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hubdrive.lat/file/1707753195
Effective URL:
https://hubdrive.lat/file/1707753195
Submission: On February 17 via api (February 17th 2024, 9:39:55 pm UTC) from US — Scanned from US

Summary HTTP 203 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 51 IPs in 4 countries across 36 domains to perform 203 HTTP transactions. The main IP is 2606:4700:3037::ac43:b687, located in United States and belongs to CLOUDFLARENET, US. The main domain is hubdrive.lat.
TLS certificate: Issued by GTS CA 1P5 on January 16th 2024. Valid for: 3 months.

This is the only time hubdrive.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	2606:4700:303... 2606:4700:3037::ac43:b687	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	52.85.61.22 52.85.61.22	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:ce26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
4	5.45.74.150 5.45.74.150	58061 (SCALAXY-AS) (SCALAXY-AS)
8	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
19	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 _) (CDN77 _)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:251... 2600:9000:2511:5400:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
20	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
28	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
1	18.223.141.84 18.223.141.84	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
8 12	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
2	2607:f8b0:400... 2607:f8b0:4006:81d::201b	15169 (GOOGLE) (GOOGLE)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
3 4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	23.52.161.154 23.52.161.154	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700:10:... 2606:4700:10::6816:1974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.192.34.122 23.192.34.122	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.34.59.20 23.34.59.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.35.93.38 13.35.93.38	16509 (AMAZON-02) (AMAZON-02)
2	44.214.189.209 44.214.189.209	14618 (AMAZON-AES) (AMAZON-AES)
10	23.52.160.52 23.52.160.52	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:261... 2600:9000:261f:6600:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1400:900... 2600:1400:9000::687e:7771	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	100.24.196.120 100.24.196.120	14618 (AMAZON-AES) (AMAZON-AES)
6	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.187.207.111 54.187.207.111	() ()
1	54.148.16.68 54.148.16.68	() ()
203	51

10 2606:4700:3037::ac43:b687 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

hubdrive.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2001 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www-google-com.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hubdrive-lat.cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-22.ewr53.r.cloudfront.net

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:ce26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.45.74.150 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, LV)
PTR: zmta28.corpresponse.com

greenfox.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

thubanoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cids.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:5400:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com

warden.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.81.226 (Plainview, United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (San Francisco, United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.155 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::201b (United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.161.154 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-154.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.34.122 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-34-122.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.59.20 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-20.deploy.static.akamaitechnologies.com

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-38.jfk50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.214.189.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-189-209.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.52.160.52 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-52.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:261f:6600:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:7771 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.24.196.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-196-120.compute-1.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.207.111 (None, )

ASN- ()

orchestrator.strn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.16.68 (None, )

ASN- ()

orchestrator.strn-test.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	458 KB
33	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 ad.doubleclick.net — Cisco Umbrella Rank: 149 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	314 KB
21	arc.io arc.io — Cisco Umbrella Rank: 27490 static.arc.io — Cisco Umbrella Rank: 51858 core.arc.io — Cisco Umbrella Rank: 65250 tracker.arc.io Failed warden.arc.io — Cisco Umbrella Rank: 52371 cids.arc.io	999 KB
16	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1052 d9.flashtalking.com — Cisco Umbrella Rank: 1922 cdn.flashtalking.com — Cisco Umbrella Rank: 1279 ad-events.flashtalking.com — Cisco Umbrella Rank: 1378 stat.flashtalking.com — Cisco Umbrella Rank: 1448 secure.flashtalking.com — Cisco Umbrella Rank: 2672	246 KB
10	hubdrive.lat 2 redirects hubdrive.lat	161 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	5 KB
8	thubanoa.com thubanoa.com — Cisco Umbrella Rank: 163093	149 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	94 KB
7	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3270 data.ad-score.com — Cisco Umbrella Rank: 3128	163 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	6 KB
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 199557	158 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 15895	35 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 577	1 KB
4	greenfox.ink greenfox.ink — Cisco Umbrella Rank: 258620	8 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1212	88 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 434 fonts.googleapis.com — Cisco Umbrella Rank: 48 storage.googleapis.com — Cisco Umbrella Rank: 398	58 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	230 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 461 mug.criteo.com — Cisco Umbrella Rank: 2577	8 KB
3	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 931	66 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	6 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1818 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1459	29 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1531	627 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 961 id5-sync.com — Cisco Umbrella Rank: 442	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	306 B
2	ampproject.org 1 redirects www-google-com.cdn.ampproject.org — Cisco Umbrella Rank: 187537 hubdrive-lat.cdn.ampproject.org	670 B
1	strn-test.pl orchestrator.strn-test.pl	1 KB
1	strn.pl orchestrator.strn.pl	5 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1737	63 KB
1	8proof.com 8proof.com — Cisco Umbrella Rank: 52621	44 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9876	543 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 689	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2935	3 KB
1	gstatic.com fonts.gstatic.com	39 KB
0	on.aws Failed su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws Failed
203	36

	Domain	Requested by
28	pagead2.googlesyndication.com	securepubads.g.doubleclick.net hubdrive-lat.cdn.ampproject.org be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
17	static.arc.io	arc.io core.arc.io static.arc.io
15	tpc.googlesyndication.com	hubdrive-lat.cdn.ampproject.org be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
12	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	hubdrive.lat securepubads.g.doubleclick.net be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
10	hubdrive.lat	2 redirects hubdrive-lat.cdn.ampproject.org hubdrive.lat
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	thubanoa.com	hubdrive.lat thubanoa.com
8	www.googletagmanager.com	hubdrive.lat
6	data.ad-score.com	js.ad-score.com
6	cdn.flashtalking.com	ajs-assets.ftstatic.com cdn.flashtalking.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	interstitial-08.com	thubanoa.com interstitial-08.com
5	ad.doubleclick.net	hubdrive-lat.cdn.ampproject.org be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
5	be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	littlecdn.com	interstitial-08.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	greenfox.ink	hubdrive.lat greenfox.ink
4	use.fontawesome.com	hubdrive.lat use.fontawesome.com
3	stat.flashtalking.com
3	s0.2mdn.net	be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com cdn.flashtalking.com
3	unpkg.com	1 redirects hubdrive.lat static.arc.io
3	cdn.jsdelivr.net	hubdrive.lat securepubads.g.doubleclick.net
2	ad-events.flashtalking.com
2	d9.flashtalking.com	ajs-assets.ftstatic.com d9.flashtalking.com
2	servedby.flashtalking.com	be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	storage.googleapis.com	srcdoc
2	cdnjs.cloudflare.com	static.arc.io
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com
1	cids.arc.io	static.arc.io
1	orchestrator.strn-test.pl	unpkg.com
1	orchestrator.strn.pl	unpkg.com
1	secure.flashtalking.com
1	code.createjs.com	cdn.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	8proof.com	be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	warden.arc.io	static.arc.io
1	my.rtmark.net	thubanoa.com
1	mug.criteo.com	hubdrive.lat
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	core.arc.io	arc.io
1	fonts.googleapis.com	hubdrive.lat
1	ajax.googleapis.com	hubdrive.lat
1	arc.io	hubdrive.lat
1	hubdrive-lat.cdn.ampproject.org
1	www-google-com.cdn.ampproject.org	1 redirects
0	su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws Failed	unpkg.com
0	tracker.arc.io Failed	static.arc.io
203	58

This site contains links to these domains. Also see Links.

Domain
www-google-com.cdn.ampproject.org

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
hubdrive.lat GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
arc.io Amazon RSA 2048 M03	`2024-01-22` - `2025-02-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
greenfox.ink R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
thubanoa.com R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
static.arc.io R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
core.arc.io R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-16` - `2025-02-07`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
interstitial-08.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-10-22`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
tls.adobe.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2025-02-11`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh
orchestrator.strn.pl Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
orchestrator.strn-test.pl Amazon RSA 2048 M01	`2023-07-05` - `2024-08-02`	a year	crt.sh
cids.arc.io R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://hubdrive.lat/file/1707753195
Frame ID: F510419D36A9DE347D2D88251DDBBD85
Requests: 76 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?290eb2f
Frame ID: 48804F725D9AE8CFDF90353E141EDB3E
Requests: 7 HTTP requests in this frame

Frame: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B4AB7D60CCE394D4EAC5177C7E399D7A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hubdrive.lat
Frame ID: 98EBC738DA2B5F4BE83FB93D419A88D4
Requests: 2 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?290eb2f
Frame ID: E250AD2C96F21E44E36EA9AFB087D866
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?290eb2f
Frame ID: CF2E332EB1A3F78427994ED0F1DF88C4
Requests: 9 HTTP requests in this frame

Frame: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B865262245BB681251149F2CECD04F7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUKuPT3ML8odr3pRpxY6wr9GySJJ6Bt_ugcHHZoQPyBFeW6oC0XjPd1BxFVBYXmG6xvDvSli0ifryN7ruO6oPVz_LaI7g
Frame ID: 620555EF6C751737D64F6ED36CD93CD7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4B29607E686C4040FE7FB241A51A8BC9
Requests: 3 HTTP requests in this frame

Frame: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C93460E544D2DF6B43B42BEF2ACEF69A
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15983DEAE813A94C55B04E348D15A7B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E03EB79040F1FE9B082B14F82997AD2E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKK36bQDELy4ha0EGPCxr_sBMAE&v=APEucNVmqjO4A8uJTKEJM_MLsX-t87HS9dm6w8ubqu9r54ytI6KgbuDJcfXmOp5CiYsXjVRsLx5HdKIZP0RhtCRbN51lh5QObw
Frame ID: 8D95A7B04B8D4A30277057C5EFED30C0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9E5A6A2953D46664CBFF16ED7C832F78
Requests: 3 HTTP requests in this frame

Frame: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D8C8EB92B224A7F6B72DFBAA93DCE1F
Requests: 3 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: D1E9A02ACE954916A96D4709AF4BE8FB
Requests: 2 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Frame ID: E73117A389671676F323EE469B5B5F47
Requests: 10 HTTP requests in this frame

Frame: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F07A891EF0BE26654ECA265854A7D05
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNWdTWB1XmH-Xde-E4QE7TbHt2U3bjgzhyBz2dAaMnfEirnq0HjFBKQIcrmbDVTf5j91-5RtcdgXurqIwIUeyD4CyVJcdw
Frame ID: 18C453AD90D133374DD8236E6E377391
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 572934F30DD8522088AD09C3E4990E29
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html
Frame ID: 227BA24C90D8608A87D9F3D92066C769
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9477FC53409466DD3F18DEA16D4A6448
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HubDrive | Kaatera 2023 1080p Hindi(Studio-DUB OST)+Kannada x264-SkymoviesHD.mkv

Page URL History Show full URLs

http://hubdrive.lat/file/1707753195 HTTP 301
https://hubdrive.lat/file/1707753195 HTTP 302
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195 HTTP 302
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195 Page URL
https://hubdrive.lat/file/1707753195 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

203
Requests

91 %
HTTPS

52 %
IPv6

36
Domains

58
Subdomains

51
IPs

4
Countries

3425 kB
Transfer

9860 kB
Size

34
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www-google-com.cdn.ampproject.org/c/s/hubcloud.lol/drive/gcdebbk6l6jcx6i
Title: Direct Cloud DL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hubdrive.lat/file/1707753195 HTTP 301
https://hubdrive.lat/file/1707753195 HTTP 302
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195 HTTP 302
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195 Page URL
https://hubdrive.lat/file/1707753195 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hubdrive.lat/file/1707753195 HTTP 301
https://hubdrive.lat/file/1707753195 HTTP 302
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195 HTTP 302
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Request Chain 6

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Request Chain 58

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hubdrive.lat&sn=ChromeSyncframe&so=0&topUrl=hubdrive.lat&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=qHtYTHxWUmMyc25KKzFSU0NUODhoVG9SdmdHdGdOT1BCUEVOVUZLOFdsd21YcTNFOGF1SjBYL3JRbHB4dE5uYVlZTkRVcmNBb25QU25PU1cvc2oySXo0RVFUSGNtVDV1bkpsZUZEMnRxS3ZZSDRsL3I1VHBKYnVqVGt6dnpxam9mTDJGeEVXS24xMFhpdWpHSm1KYk5qcHlLcjZYTzVLQlFKR0dtRFIzdlA1dHJKNHRxTFk1aC9tM2hGd0RsMWFZVDloejRqN1hWYndRSmo1T01xTjFGL1ZnOGx3cXdlSGtSY25wdW8yM081QnZHbW55MDZrczk3RnFvcGtjNHBWcktFY0xQVHgyNFVETjloVHQ2OTgzQzZra3pnZz09fA&cppv=2

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEnpdHM75QAABR7ABD5HwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1

Request Chain 108

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzA3MDk0ODkyMTIxNzg0OA%3D%3D

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEnpdHM76EAAD2WACQ7IwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1

Request Chain 115

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4ODk4MjU4MjcwMTQ2MTMxMA%3D%3D

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB56fG7ZeHnvzQq9_mia1-A&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEB56fG7ZeHnvzQq9_mia1-A&google_cver=1

Request Chain 143

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2NhMjIyNDUtMTZhYi0yYzZkLWZmYWQtODVjYTFiMzI0MDky

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFaDLNwxK6tR96EGZfd8kUY&google_cver=1

Request Chain 145

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzE4MDU3ZDEtYzE5OC00YWM2LWI3ZWItM2Q4ZWY4MDcxYWVj

203 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

1707753195 Show response
hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/
Redirect Chain

http://hubdrive.lat/file/1707753195
https://hubdrive.lat/file/1707753195
https://www-google-com.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195
https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

309 B
420 B

109ms
98ms

Document
text/html

2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f07623eb23e21cec855bb1ed8235a08a0fa4c6e115a750e141aeef0273e8378d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 309
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:39:46 GMT
location: https://hubdrive.lat/file/1707753195
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-silent-redirect: true
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 269
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:39:46 GMT
location: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Primary Request 1707753195 Show response
hubdrive.lat/file/ 22 KB
5 KB 450ms
448ms Document
text/html 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/file/1707753195
Requested by: Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 674095eb1ff2879823b8e203195d40bfd9c744568573a769c68575f6da98e5cd

Request headers

Referer: https://hubdrive-lat.cdn.ampproject.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85712f5b4adf747d-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:39:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2V60o2tkOMjsArpzyrCVtcn89iyXFtCRnP5OQ84vg8qTJqymkKGqQdYJ%2F4eN3pBM2PSKjRJJ52rYxv5c2u9mRoGtJvBYcuwdrdTtUXQN6k36PQ0%2BzO7xIcr3u6wl2D1D47%2B0NMTPs0ZD8Ls%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.12/ 10 KB
4 KB 138ms
37ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.12/clipboard.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 21:39:47 GMT
age: 3424922
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3500
x-served-by: cache-fra-eddf8230119-FRA, cache-mia-kmia1760035-MIA
etag: W/"2780-g62mlKGgQ7iOUNNGqfIWRxX9voo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 205ms
62ms Script
application/javascript 52.85.61.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-22.ewr53.r.cloudfront.net

Software

Resource Hash

487bc1cf7b1631ce796c055c044f8b4e06a7caaaae72a0804c23e5f2f1791a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:23:19 GMT
content-encoding: br
via: 1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 03 Feb 2024 21:43:30 GMT
x-amz-cf-pop: EWR53-P1
age: 988
etag: "65beb382-b84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
content-length: 2948
x-amz-cf-id: zMHc31aNwBbwzzdzNzVRnNUf3CK2GtOgV76ljvm_-acM2_qQXUgj1Q==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 209ms
64ms Script
text/javascript 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 06:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 06:49:21 GMT

GET
H2 200 hubdrive4.min.js Show response
cdn.jsdelivr.net/gh/BadAss-King/hubdrive/ 8 KB
2 KB 36ms
36ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/BadAss-King/hubdrive/hubdrive4.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35876455baa5aee4bfb708042ab2a3c663020c92d4df5b2c1439fd540123fd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Feb 2024 21:39:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28628
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1615
x-served-by: cache-fra-etou8220114-FRA, cache-mia-kmia1760035-MIA
x-jsd-version-type: branch
etag: W/"20c0-dGBYjUf3YnPvk0t+6zLJ2Lcq5Uc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 746f656c7a.js Show response
use.fontawesome.com/ 9 KB
4 KB 134ms
48ms Script
text/javascript 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757b9768e0c48924a1cdf690463a65d4f48b864f131da4a6e67cafc15bd66430

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5654
etag: W/"5064cc74c4928fbbc06ece65efb72afd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccN%2FJK7kZSPSSVCmFTJth2Ri2VEZ9lwJwuRBe2HwfatZSvVFmNnmuzqruz8dah%2B4k04MIZxOuHdAlf1rjcQgRqn%2FC5WUoS2XF1TRvXbf6HYj3q5mG0g5IMgoWhJzzjiQx0sOomXzmUJZUR2RTJtlMv7d"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 85712f5eaf166d9e-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

50ms
50ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7435647
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HFYWZP94YBFPJMVRDSQNG1XA-mia
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85712f5f19474c0f-MIA

Redirect headers

date: Sat, 17 Feb 2024 21:39:47 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HPWG4ADWBWVPRT4RKWC9BA6C-mia
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 44
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 85712f5e98b74c0f-MIA

GET
H3 200 all.min.css
hubdrive.lat/assets/vendor/fontawesome-free/css/ 55 KB
12 KB 82ms
80ms Stylesheet
text/css 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61913
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUTbZ6gfqyJCsqxYvlgQwTM0RRtHOoZQm5LzcVkWl0YYUIBFKt3F6kiwC8rwuIeDElTIwoCd%2BwTKKr4KfD8VipP80py08%2Bbr3mwU4%2FKCf049fFLl3jDXsC6e7ZMv5kWnbk5zS8FZojsGR1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85712f5e2ea97444-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Feb 2024 04:27:54 GMT

GET
H3 200 sb-admin-2.css
hubdrive.lat/assets/css/ 210 KB
30 KB 82ms
80ms Stylesheet
text/css 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/css/sb-admin-2.css
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d5ffcc6177da76ee1578b71967331daf019b28e914d75dcc256de90fe9b016

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 18:01:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61913
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7Ncp354JKFxk5buucOAQbO%2B5v4yllLrxSzv%2FZ6ljEE0xKdLbYrJPk1uRD%2BFC3OOa84J9mbx6mp%2Bd3Ax3zbi7PMFGESReTmmHDbLs%2BEW2SZ63wjKnpoOklSEfFFwFQCWDar0vbERR596cCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85712f5e2eac7444-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 24 Feb 2024 04:27:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 224ms
81ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15e43a1366b7c320c12ace3497892fd0eff14b08d3db0d833874c7a65712fa18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 21:24:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 21:39:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 252ms
109ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

823f3d2e7339af58d25572f5e697ed7564ceba53e72a911b012f9b5cf7560869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29128
x-xss-protection: 0
server: cafe
etag: 50 / 19770 / m202402130101 / config-hash: 11148296534494914191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:39:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 242ms
88ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

913e171b5245fff3ab97eec98f479794d485656bccf280b8c70b5063bd86ed7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 21:39:48 GMT

GET
H3 200 HubDrive-NewLogo.png
hubdrive.lat/assets/img/ 12 KB
13 KB 45ms
44ms Image
image/png 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hubdrive.lat/assets/img/HubDrive-NewLogo.png
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1664d91ecac81370ecbbe5f5ae6297a1a5e6c80e8cc5b51ff934ee2bf47f51f3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61912
alt-svc: h3=":443"; ma=86400
content-length: 12781
last-modified: Sun, 21 Nov 2021 17:36:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44uiVhs7JYJ5cSbX5sHRLaMIWK6lvWBRDCseCYHIBVYmjA1YoqtLwctrQQ1KPfg7RwMZm7nP9UpRWX%2FD4IM3eDJgs9MddxVv%2FhCZjbU1V9TH0XOoKI%2Bb535gt45fTEqo7gkNCwf%2FmfCWkj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85712f5e2eae7444-MIA
expires: Sat, 24 Feb 2024 04:27:55 GMT

GET
H/1.1 200
OK asyncjs.php Show response
greenfox.ink/d/ 4 KB
5 KB 475ms
154ms Script
text/javascript 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncjs.php
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:48 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Expire: Sat, 17 Feb 2024 22:39:48 GMT

GET
H2 200 1 Show response
thubanoa.com/ 42 KB
16 KB 567ms
277ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/1?z=7013738
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c096b03fb7123cf73a1d83a0b6887763401ebecf5dbe445752723b63c024c94c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: e9db9d853376fc9afd11c8f9981d8b89
pragma: no-cache
date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: gzip
x-sc: YDd1jb60rbFJ4xdkncHV26E45vCpn8Iro0_5oPFlcr1Ugvmz949wEvjtsYyepl-W2IH6cXAZSnvGp474
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
hubdrive.lat/assets/vendor/bootstrap/js/ 77 KB
23 KB 116ms
115ms Script
application/javascript 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39d09ccb303b024e73b2cb2888b32e1a5dd3f9e69baf6a4e0b0a3d1bafaf01b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 217189
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BEvav%2BpIiu12nDFFlhO1dUBwEj6nVRUdN9XjxqRb2LvPSdngqUOVeN82h7BrDoEal0StY60fVixS8V3iU1538quisqY%2FsTt3O0ekwe9uVt%2B4vvY27WBdjwXdgaBGDCob23UeRniHeBOSxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85712f5e2eb17444-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 22 Feb 2024 09:19:58 GMT

GET
H3 200 jquery.easing.min.js Show response
hubdrive.lat/assets/vendor/jquery-easing/ 2 KB
1 KB 46ms
43ms Script
application/javascript 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/jquery-easing/jquery.easing.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d865c4606f6f8fdc900cd531f630064d76dff960ccf06cb46cd3f7a04d713bb3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:39:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 501026
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFRoqxaaBuHdJXrXM27z9iofrXuQcbSqcBlZU3Gg%2FnGwLOvYwfuH3T08z5VAF67%2F8f4ejlwm6DxHLFVCG6wSbIn5Y7%2Fp9diR6QpJT%2B5Szp3dclYuovfTAdRVa4DtOEguXGvhxv3XcAlO8bM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85712f5ee8947444-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 19 Feb 2024 02:29:21 GMT

GET
H3 200 sb-admin-2.min.js Show response
hubdrive.lat/assets/js/ 1 KB
1 KB 46ms
45ms Script
application/javascript 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/js/sb-admin-2.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f913733fa2872d794c45a1e2191f2e9c75976a7715faf1ef70cf3e364df9458

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:24:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 307853
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xF0HwcAw1f19OBKnZQr3bfx%2Fj%2Bafs6MUtZhHg9XVNXI0F93PrTSl%2BLVsNjNEmNCaWlvvGavQwRe288qkTGoimnBKx5STI5w5MqrSwxPklPuLTAiyQJBYR4VS5g9Qv3Mc6OGzovntPbx%2FnBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85712f5f18e37444-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 21 Feb 2024 08:08:53 GMT

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 310 KB
104 KB 247ms
68ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?290eb2f
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: d83b7c0e9b8f2e74b3cbe129a54793a25ea5410d9f7730f049df3e1f387be59f

Request headers

Referer
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBG1TQK7PF9DQWC1
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: zrcWOzFRs4gRm4tdDJ7gBYXWVbxGN7xqpH4mi1goyxbuAfVlCTgzXevemUIs3bB0OIRKCH3jGAY=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d06b3a90fe0701b7af5d5c4c3a919aab"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: a90b58967e2e8fd6a214fbcebc898686
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 broker.html Show response
core.arc.io/ Frame 4880 2 KB
1 KB 249ms
69ms Document
text/html 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?290eb2f

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 02/03/2024 21:47:25
cdn-edgestorageid: 885
cdn-proxyver: 1.04
cdn-pullzone: 786568
cdn-requestcountrycode: US
cdn-requestid: 1fda89f72c79f251392de2e5d8558764
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding: br
content-type: text/html
date: Sat, 17 Feb 2024 21:39:47 GMT
etag: W/"64331d06-612"
expires: Mon, 04 Mar 2024 21:47:25 GMT
last-modified: Sun, 09 Apr 2023 20:16:06 GMT
server: BunnyCDN-NY1-885
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 746f656c7a.css
use.fontawesome.com/ 1 KB
679 B 43ms
42ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3737c1cbde4b54f6c8b42fcb3448200d1321b3b514684fcff6411f7e93c63d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5654
etag: W/"7f642d48d16b59af74ffbd2c54362a45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B2W0UgvDRI5JSY9qni4miv0wJOri0n7m50Nokg1%2FDV%2BV5fufrH4bDyaiesYdahYaqAGNH%2FksYjel6BY2q0Wmxpj4fUjSsaZafgcLzeQ4voPsTmoa7%2BcXN4HGhAJC6C3QtQ8Aoh0YaZp2AyvIorq5a14"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 85712f5ff8416d9e-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fa-solid-900.woff2
hubdrive.lat/assets/vendor/fontawesome-free/webfonts/ 74 KB
74 KB 51ms
50ms Font
font/woff2 2606:4700:3037::ac43:b687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 479840
alt-svc: h3=":443"; ma=86400
content-length: 75408
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3e2bpUacj3pbS6J4OYU%2BE8XBaAwE%2FiiQR5RVGYiBItqwR5Havr%2BF%2BvKIC1g770yn1bN59iRUZjRbGUNX%2FcF7ElNYVr6oeMhvlrMw5r8XBT1NvN9Z7q3ktRUnC0jd90cySFsN1GLD%2B4RJP1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85712f602b237444-MIA
expires: Mon, 19 Feb 2024 08:22:27 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 207ms
66ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:06:55 GMT
x-content-type-options: nosniff
age: 196373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:06:55 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 45ms
44ms Stylesheet
text/css 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1314637
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ez4BdIiwLHYeaoqfwQp5n0XBkqhGtdaTDOMcnSklTl0Qmj70VqbV8gT%2FIFbHrxJsXY3q1n%2BogH%2BabKkQKY%2F7wdhQ1GPZNom5ot%2FHN%2BdnAjmUpILfd%2FWeTU8435B%2BOOtY%2FiMGxgxld1ZNeL1mDqOzbIwa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85712f6068a16d9e-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 118ms
44ms Font
application/font-woff2 2606:4700:e6::ac40:ce26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/746f656c7a.css
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329403
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FHkDXULwovP05IyJSnQNj2nEm4Oo4SPIUkAs8sc9khrwv7xgj7my1BIqTHFzmzWxe1mHiVYiNcvAThybJ3jZ9IelNi%2FPQU%2BrI9i62Hmaetm0KCZ%2F9Por8ypOl%2FJU%2BgJu1b5yw82BwHSXgVk%2FabsynM4"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85712f613de3b3f1-MIA

GET
H2 200 broker.9e6bf337.js Show response
static.arc.io/broker/js/ Frame 4880 24 KB
10 KB 118ms
118ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 3K6572S44X6CX67D
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 18:52:54
cdn-pullzone: 786569
x-amz-id-2: dLKO5VPPnnqi3+XOdB0veMLbIAILvwOSoJ4GzNmKLxxFlfFmNmznVGpXpeTYxGJkV/aTLr1sB38=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"0f4be176d7381439a060ff326b994fd2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 816762144375f8c8371f6e83add92358
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame 4880 49 KB
20 KB 119ms
118ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: ZG9P1PKSRW3QFSWK
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/16/2023 03:06:27
cdn-pullzone: 786569
x-amz-id-2: LYa9kuBlR7mquYzniatNWFOUxcxLOu77FMytJanpFa+SsHFH1T7gC4jESQDgka8j8uSIGUUt/2s=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"c78a505ea0c6b4622562567efbbeb847"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 1552d45adf7de4e6bb935e64a65d1106
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 4880 0
5 KB 204ms
67ms Other
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: FC8B19E98STPFYG3
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/13/2023 07:46:38
cdn-pullzone: 786569
x-amz-id-2: OZ28pOUxEGU3SE8hMb1/WQPcAo34l2WWKG+dLpP7P+2+5j3nllzqM6Ne2PHpD56W+EisZ7IVEZM=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1343454a1c763177d59f06c307b3a5a2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 59563126bfa139256f117290143a9eba
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 4880 0
16 KB 221ms
85ms Other
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 10N2K8AEDFCCNQB1
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/17/2023 14:18:54
cdn-pullzone: 786569
x-amz-id-2: PlrFXVGI1jexr7TAWJtFW8Q+uD/sxSkhW66YJtSri1HznKFHC4ASGTpH0Bl0Pcpvrjou9vFhHIU=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"d03c11be3537746519138d1fe06bd033"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 8074e296efa490bca62a89e6064baae3
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/ 430 KB
136 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138611
x-xss-protection: 0
server: cafe
etag: 13668746270024245435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 16 Feb 2025 21:33:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 471 B
276 B 231ms
100ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hubdrive.lat

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96eadd31bb4448a864cabeb7062cbf560d879d719896034cb3ece73cf29d1187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:39:48 GMT

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 94 KB
34 KB 68ms
67ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: ZG9ZNN1M4JDV68Y2
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/16/2023 03:06:27
cdn-pullzone: 786569
x-amz-id-2: 51vFKVEVAx4q9Ji66ldN/axREpzQF+/WIfyIb3+bWV6ijbZdshUxkeCzNwyeA/kesQg+7QpGyrg=
last-modified: Sun, 09 Apr 2023 20:18:37 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"de8ab4879bd77ebe629c721339d42f65"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 028700d0b709d6f18ddfba6a929f8ad2
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget.css
static.arc.io/widget/css/ 85 KB
9 KB 115ms
114ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBGAETYB7Q67X0H2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: 6gB9LZm41K1fFG9A5WKJPDYL/pzIoptpSKuZzx1FKYqj3jBtUhzQLO2lsVMwkEU2whrXJXOLNbs=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: b5399057124a3b195e32277eaca8e0a4
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 41 KB
15 KB 140ms
139ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 84H876JYRMFKKZQ2
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/03/2024 19:10:39
cdn-pullzone: 786569
x-amz-id-2: 0AHUdNPKrDXaA6EWZpKDgEjMlCE7GDLGqmcXYF/YrzB4pc5JRSGI68BgaYPwKnneLk8tvca9q5E=
last-modified: Wed, 03 Jan 2024 18:03:35 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"932fe4d4a9d62f8d6cdc378aac6e8030"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 869a71654df490160a363f8287b68b01
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 143ms
50ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8QTNRD0R4M&gtm=45je42e0v9175770313za200&_p=1708205987835&gcd=13l3l3l3l1&npa=0&dma=0&cid=1605445105.1708205988&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708205988&sct=1&seg=0&dl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&dr=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&dt=HubDrive%20%7C%20Kaatera%202023%201080p%20Hindi(Studio-DUB%20OST)%2BKannada%20x264-SkymoviesHD.mkv&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1263
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
40 B 89ms
85ms Image
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-8QTNRD0R4M&v=3&t=t&pid=1748175508&cv=1&rv=42e0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=hubdrive.lat%2Ffile%2F1707753195&tdp=G-8QTNRD0R4M;175770313;0;0;0&z=0

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 td
www.googletagmanager.com/ 0
128 B 90ms
87ms Image
image/gif 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-8QTNRD0R4M&v=3&t=t&pid=1748175508&cv=1&rv=42e0&tc=16&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=hubdrive.lat%2Ffile%2F1707753195&tdp=G-8QTNRD0R4M;175770313;0;0;0&z=0
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:48 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 86ms
84ms Image
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-8QTNRD0R4M&v=3&t=t&pid=1748175508&cv=1&rv=42e0&tc=16&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
40 B 100ms
98ms Image
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-8QTNRD0R4M&v=3&t=t&pid=1748175508&cv=1&rv=42e0&tc=16&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 98ms
97ms Image
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-8QTNRD0R4M&v=3&t=t&pid=1748175508&cv=1&rv=42e0&tc=16&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAACA&h=Ag&epr=1G.2G&z=0

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 98ms
97ms Image
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-8QTNRD0R4M&v=3&t=t&pid=1748175508&cv=1&rv=42e0&tc=16&es=1&e=gtm.dom&eid=8&u=AAAAAAAAAAAAACA&h=Ag&z=0

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame 4880 45 KB
16 KB 71ms
71ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 10N2K8AEDFCCNQB1
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/17/2023 14:18:54
cdn-pullzone: 786569
x-amz-id-2: PlrFXVGI1jexr7TAWJtFW8Q+uD/sxSkhW66YJtSri1HznKFHC4ASGTpH0Bl0Pcpvrjou9vFhHIU=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"d03c11be3537746519138d1fe06bd033"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 0217e8d32619e7f34882d37898f8314e
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 90 KB
26 KB 162ms
48ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5101d202c69226aa554c5a7dd1e747e5bfcd5354fcf9013f43cbda40e6362996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 16 Feb 2024 11:30:50 GMT
server: cloudflare
x-amz-request-id: Y9MNBDZB78A3KSK0
age: 3453
etag: W/"fbf94277ddc1a5b108475f46bccc9b0e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 85712f652a9067b6-MIA
x-amz-id-2: ZvGbxUFpl4U7CLj3Ag3SS0aNsYO/Ni9jammK2jZyO8UPQoLxQHEOq7rV7x6VjnIBEvjJEoqtOnA=

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
819 B 35ms
34ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Feb 2024 21:39:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7095
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 250ms
67ms Script
text/javascript 2600:9000:2511:5400:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:5400:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 17 Feb 2024 11:01:12 GMT
Via: 1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 38317
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: VqwQGm03KpnSNoH9CGuoAKFLje2Io9ka1mNI_tmOfMH68KeSmElGTQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 236ms
114ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Feb 2024 21:39:48 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
846 B 509ms
508ms Fetch
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248023175560213&correlator=1465358301949451&eid=31079958%2C31081225%2C31079233%2C44777901&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.lat_anchor%2Cmix2ads_hubdrive.lat_interstitial%2Cmix2ads_hubdrive.co_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%2C1x1%2C728x90%7C320x100&ifi=1&sfv=1-0-40&ists=6&fas=1%2C8%2C0&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708205988499&adxs=-9%2C-9%2C488&adys=-9%2C-9%2C94&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=0x-1%7C0x-1%7C1080x0&msz=0x-1%7C0x-1%7C1080x0&fws=2%2C2%2C4&ohw=0%2C0%2C1496&ga_vid=1605445105.1708205988&ga_sid=1708205989&ga_hid=869144812&ga_fc=true&dlt=1708205987521&idt=860&adks=2691604385%2C4130931250%2C4245700628&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6aa048b01d7ab8f8552bc0f4a8326bebf170a51a476e961256e1f44c82a78a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 816
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 1762ms
1760ms Fetch
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248023175560213&correlator=1465358301949451&eid=31079958%2C31081225%2C31079233%2C44777901&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708205988511&adxs=702&adys=157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1496&ga_vid=1605445105.1708205988&ga_sid=1708205989&ga_hid=869144812&ga_fc=true&dlt=1708205987521&idt=860&adks=4268415557&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14579d762d09f2f9fca1b2ab1024fcc2732f889e7951036f201f2a32781162bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12489
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 774 B
378 B 1337ms
1336ms Fetch
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248023175560213&correlator=1465358301949451&eid=31079958%2C31081225%2C31079233%2C44777901&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708205988517&adxs=702&adys=177&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1605445105.1708205988&ga_sid=1708205989&ga_hid=869144812&ga_fc=true&dlt=1708205987521&idt=860&adks=1411793224&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef28985fbd9f194aaf189d73dbc036bb40bfa2265163bdd54480ea0946669a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 89 KB
42 KB 839ms
838ms Fetch
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248023175560213&correlator=1465358301949451&eid=31079958%2C31081225%2C31079233%2C44777901&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=6&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708205988521&adxs=702&adys=372&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1605445105.1708205988&ga_sid=1708205989&ga_hid=869144812&ga_fc=true&dlt=1708205987521&idt=860&adks=3263134374&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c54daeb5ad4fc2a0b82bbfb60caa61b869a55d15b2042554f4debade3756f932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42468
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
42 KB 522ms
520ms Fetch
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248023175560213&correlator=1465358301949451&eid=31079958%2C31081225%2C31079233%2C44777901&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=7&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708205988524&adxs=702&adys=372&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1605445105.1708205988&ga_sid=1708205989&ga_hid=869144812&ga_fc=true&dlt=1708205987521&idt=860&adks=4224613116&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90a5c637aaf3fd0551492ed68bc29507ab232407fa0e5e6c3b3f823a7c52c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42636
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
16 KB 1343ms
1342ms Fetch
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248023175560213&correlator=1465358301949451&eid=31079958%2C31081225%2C31079233%2C44777901&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=8&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708205988528&adxs=702&adys=410&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1605445105.1708205988&ga_sid=1708205989&ga_hid=869144812&ga_fc=true&dlt=1708205987521&idt=860&adks=2438643228&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e168d805ce7c7375cca70cdea9dccf17566a1e88011aa58bc93e353b1fcc653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16278
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 774 B
374 B 502ms
502ms Fetch
text/plain 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2248023175560213&correlator=1465358301949451&eid=31079958%2C31081225%2C31079233%2C44777901&output=ldjh&gdfp_req=1&vrg=202402130101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=9&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1708205988531&adxs=702&adys=522&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1605445105.1708205988&ga_sid=1708205989&ga_hid=869144812&ga_fc=true&dlt=1708205987521&idt=860&adks=1424888676&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e039951c939cffe12fa9b4a8153712c6030d5b0206c303441001139691def56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4AB 6 KB
3 KB 233ms
80ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:48 GMT
expires: Sun, 16 Feb 2025 21:39:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/ 45 KB
14 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edb3c01e1be23cd4ab06a59dd05ed00229349a2c70b703607ad37e618b6251d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 11:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37942
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14639
x-xss-protection: 0
server: cafe
etag: 18293442981272338312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 16 Feb 2025 11:07:26 GMT

GET
H2 200 2dfc5cc60fdf6636778a3fa44bb932c7 Show response
thubanoa.com/27/ 403 KB
128 KB 141ms
140ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7

Requested by

Host: thubanoa.com
URL: https://thubanoa.com/1?z=7013738

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

400851f4cac11f9e1867253c679fa40d686f328c0f61fa2957178ac544625f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 87b68c91f2cba19e7d66fa6d117c9c9a
date: Sat, 17 Feb 2024 21:39:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 06:27:22 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Thu, 24 Feb 2084 06:27:22 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 433ms
143ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hubdrive.lat
date: Sat, 17 Feb 2024 21:39:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 98EB 14 KB
6 KB 178ms
61ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hubdrive.lat

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 452167
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame 98EB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hubdrive.lat&sn=ChromeSyncframe&so=0&topUrl=hubdrive.lat&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=qHtYTHxWUmMyc25KKzFSU0NUODhoVG9SdmdHdGdOT1BCUEVOVUZLOFdsd21YcTNFOGF1SjBYL3JRbHB4dE5uYVlZTkRVcmNBb25QU25PU1cvc2oySXo0RVFUSGNtVDV1bkpsZUZEMnRxS3ZZSDRsL3I1VHBKYnVqVGt6dn...

446 B
1 KB

193ms
59ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qHtYTHxWUmMyc25KKzFSU0NUODhoVG9SdmdHdGdOT1BCUEVOVUZLOFdsd21YcTNFOGF1SjBYL3JRbHB4dE5uYVlZTkRVcmNBb25QU25PU1cvc2oySXo0RVFUSGNtVDV1bkpsZUZEMnRxS3ZZSDRsL3I1VHBKYnVqVGt6dnpxam9mTDJGeEVXS24xMFhpdWpHSm1KYk5qcHlLcjZYTzVLQlFKR0dtRFIzdlA1dHJKNHRxTFk1aC9tM2hGd0RsMWFZVDloejRqN1hWYndRSmo1T01xTjFGL1ZnOGx3cXdlSGtSY25wdW8yM081QnZHbW55MDZrczk3RnFvcGtjNHBWcktFY0xQVHgyNFVETjloVHQ2OTgzQzZra3pnZz09fA&cppv=2

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/1707753195

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7d48b893dd21233b45473aacf13949b01afc7bd6686d5e25d363a8c3cf79208d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2100276
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=qHtYTHxWUmMyc25KKzFSU0NUODhoVG9SdmdHdGdOT1BCUEVOVUZLOFdsd21YcTNFOGF1SjBYL3JRbHB4dE5uYVlZTkRVcmNBb25QU25PU1cvc2oySXo0RVFUSGNtVDV1bkpsZUZEMnRxS3ZZSDRsL3I1VHBKYnVqVGt6dnpxam9mTDJGeEVXS24xMFhpdWpHSm1KYk5qcHlLcjZYTzVLQlFKR0dtRFIzdlA1dHJKNHRxTFk1aC9tM2hGd0RsMWFZVDloejRqN1hWYndRSmo1T01xTjFGL1ZnOGx3cXdlSGtSY25wdW8yM081QnZHbW55MDZrczk3RnFvcGtjNHBWcktFY0xQVHgyNFVETjloVHQ2OTgzQzZra3pnZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 293752
content-length: 0
expires: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 487ms
137ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

46c655c687b5d0fc7a2ed518db152a9313dc99c742d8db6985766262d31cf9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 200
OK asyncspc.php Show response
greenfox.ink/d/ 3 KB
2 KB 154ms
154ms XHR
application/json 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncspc.php?zones=7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Chubdrive.lat&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F
Requested by: Host: greenfox.ink
URL: https://greenfox.ink/d/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: a4ba6c968a796bdb16a92ddc4c307b8e7f686a710b1dd91878b28f07d70ae973

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:49 GMT
Content-Encoding: gzip
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://hubdrive.lat
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 258ms
107ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1526f73de1bf43d964f28078db0415d20c0effa892051f6eeda5d830ab3b4d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12321
x-xss-protection: 0

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame E250 85 KB
9 KB 68ms
67ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBGAETYB7Q67X0H2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: 6gB9LZm41K1fFG9A5WKJPDYL/pzIoptpSKuZzx1FKYqj3jBtUhzQLO2lsVMwkEU2whrXJXOLNbs=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 362aad1677b810ded7eb7b6d5c6a142b
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame E250 2 KB
1 KB 115ms
42ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8073131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJbT3k61tXhUlCBZKBbH7IezCsjSb%2FjPTbf1xqWzdyVQiBYhDuHnMnCXPtrBFnaoIMchqvIFZFSTUvcgQHPKIP2cx%2F6mLLsWqz04%2BT9nYgN7jXeq05CPxB6g5pQlmsKmURHl0%2BnmDtP0R4i%2FPmwURwiR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85712f68693e6c87-MIA
expires: Thu, 06 Feb 2025 21:39:49 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame CF2E 85 KB
9 KB 69ms
68ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBGAETYB7Q67X0H2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: 6gB9LZm41K1fFG9A5WKJPDYL/pzIoptpSKuZzx1FKYqj3jBtUhzQLO2lsVMwkEU2whrXJXOLNbs=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 703a95390767aca742a68e45360a2a6c
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame CF2E 2 KB
925 B 105ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8073131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3Agi1odVbS7dJu3XkVtHYuLb2e1aRh0FGrl%2FyVrJQ3Q4YJ1D5kdWF8mvn85ecihDEzagsL%2FxTdDfNxMwPywg3q%2BiDbRB8HzfEJq46Hie9xYnc%2FMg0IeTQx1%2FVHceiPBNtbR4d3EPIvUfESUy8GoyLsB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85712f6869426c87-MIA
expires: Thu, 06 Feb 2025 21:39:49 GMT

GET
DATA 200
OK truncated
/ Frame E250 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF2E 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF2E 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CF2E 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF2E 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF2E 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF2E 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CF2E 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 container.html Show response
be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B86 6 KB
3 KB 67ms
66ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:48 GMT
expires: Sun, 16 Feb 2025 21:39:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET /
tracker.arc.io/ 0
0

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ 43 B
523 B 162ms
161ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&cb=7b4c631019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:49 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ 43 B
523 B 323ms
161ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=45&campaignid=14&zoneid=10&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&cb=0ed24f8839
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:49 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6205 624 B
827 B 270ms
101ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUKuPT3ML8odr3pRpxY6wr9GySJJ6Bt_ugcHHZoQPyBFeW6oC0XjPd1BxFVBYXmG6xvDvSli0ifryN7ruO6oPVz_LaI7g

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:49 GMT
expires: Sat, 17 Feb 2024 21:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 4B86 23 KB
9 KB 325ms
179ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:27 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 4B86 8 KB
3 KB 338ms
193ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:43 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4B86 0
0 269ms
110ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvatfEc_9zQ-tRaoQKVXJMjuUKYCrCy2n5aPqhzT0nvXUTWs4Cdh--loAAi05cmRNVXeGzCqNR-qUYIZSEF_z2j5E8w-XwdRqDNJGvwHjyE8Xb_qcHLOmbBgsWwqtekXgzLhfgTFyMDKhamCkogAoGsq19DB7w8zAmP41lR0qO2gK6XVxz14_JxtznUfdK7WQ-rxxNTo4omI5pLqRV7OwOldGyvT8sOft6xByzgjJuASOqXSvvUjueZUSClc7Ad4mhFnd4nGRhu4LlpmufFgRMVkjP6MgjrMrDXoxEPi7JSBRNzVgE4VT5fI4iZmb91VnsVyADKmliqQp1cBs9wZi9JxX2gpUIvISWSLQQFSO7MZU1JqHJ1Gnx1SMbT1SvuLK1m0O73VhaUC2D8nfpBxDmbpk6CSP0TLPoQBBp8E0BiO92VFtn0mXOtGGaYRrBfwJfITZdlpSsrHl9XqzxxHwDaw5K4M89ndXFRaQ71m_DO__krCbW8b2hyhoU_w0_7Z2xJwm_J5of3ePaqq7Kj2wquhmOhIc3XmIkh_3YPDP4JYPt2JOX5F96hw1kYPsLtcoNy75waxEXN381LmkwvmJlsEgIc9NmZ_qDRpydAwpmwzQ4AVBZFALUis3GlCJJzna5VRnHwviuYjQ-Td03PmXLgc4MF_wVgQN6tfg1xKLeAE0dS1FlQjv7-Arudwcjtx1643q0-HnfZQuO_656U_vpSGr424Y6IwMQBmUoiR1mywCuONF2xoaaxBUmwtgjccI29ZFYgTvPTI9HLKJUX9b8-LLuEO7nxFSUQPB0R0cvxBa2Zyv2tZzLk-M6mrvNTz51N1VNMjmcJFfM5Dv921j5F0h_wSnnKdrvVaNxbTbpqf2w6ypcdbQjMblhiyg3XoW9YW3T2xUzSPqwmFw14Zf6DcxCvMNDJ2_Zt3T3Mb-QL373UvBHia_6_m9J1BmGDYfMcqWuQbEfHpGEpCYzwDlxNCUbWmxhHyr3ibu7n6Gdw7BX5n-y5L9LO1XITM-BzMl1IrhJ4ogrZz7CLeJn2ODv7i_orZtPi8zCse6wGzZtBglnYT22_DOxpT75k21goizDpb7Oo4rFAe4F8HhL6W0I-QhakMgQM4TwIc6MIwf288lKHtS_2eYDwIFFBRTenRYzS6nOe3IGEKso0geyWfsihHimOOX3SU46To7QJcqiOZzIiXaKIrqOML0teO0-AO-zisoNhlWMbr_q3cRTOzxlxxcZNZ98fvjL-G-vYdeNKwCwOUNDnw9hlqQ2uH5_lRqpO8jivoQ6xNPGlUTSU2zX4zpy4VJtKGp1sMK3PRZ6CdvFrx6J_caHkMvYH9K-aTtJm-fz4BV6yuAj0BUNUYljGn1_Jh5pbNXHagb0YHSRU_3Zqei2dY-U-x9f9P0HjcsyuTSiPOtuHb-JSrS1sugL8zR6jq4wXNEZvVnp-7kRekb8sFXSCBIsYSLZRGeHKln8E&sai=AMfl-YRF1sn34cwJaG1Q0lLZp_M6xYDxamjqe2pFjFRn4-dOTfUqdO4IU7-7QOt-9Y9ZrPtKwjrpJclOLI1nKP4wGZn2hMOBfQhEqOAyXLVoROXTt1pTbiD5HBurP4_3FuSLJKiMKSE2oE5fLPaYYRn0WNHsoXDeciRDr9Zdoo8KNOpDfo4bjFYNuw1jBUvRurJxfwO2PEmE76xlyOl5yxKjTNCKpxE6zVt5eTwek_jw-y01CmThHeHnusmK7wEzzQxmBHbeuc91E0PfhSRCOKRyh6WtJ3B-sfhfDfpTmdxuMIGZYwjogUtQd7B36FK3YH7qHmsspj4MH5cjfFzx7cYwWb_4ebcv0wmoHvF2fFp6On3T6HmHgragAIgAKrOhRk28xAEkhv0Yl7t9oLBBJ9N7cpRI-IKNLhGiwVNUWvq6xKG7ZcY4lZVOhshA5afY9EByrnmkgiLGdSG4wXJLM8CBhpu6vTI0lMtny8FQwzhuSf1uELksohhKZBpf4a-7-AyYRp5NgbULVOE&sig=Cg0ArKJSzHklJTSceq77EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hYXJwLm9yZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240215.47807&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 21:39:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:39:49 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B86 41 KB
14 KB 92ms
78ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4B86 3 KB
1 KB 88ms
76ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 4B86 20 KB
8 KB 76ms
64ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:11:49 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B86 42 B
173 B 333ms
195ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCXuytq7w4SSdV5Dp876CoTr_NkI7TCuc552pa126YBTaPCmjBEtXBPgwDlsYOn64rCRxNAhrN3Xr2HyXBvf4pIBUds_V8RqWCyniN2FdK0op4bq4

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4B86 204 KB
62 KB 201ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:01:35 GMT

GET
H2 200 5101009986555725813
s0.2mdn.net/simgad/ Frame 4B86 144 KB
145 KB 219ms
65ms Image
image/gif 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5101009986555725813

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dcb308a0ea2c9de8bbdee44a276aa7649ee5b3c6b19b956f03bb7191b3f661d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 14:18:44 GMT
date: Thu, 15 Feb 2024 14:18:44 GMT
x-content-type-options: nosniff
age: 199265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147853
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 21:08:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:39:49 GMT

GET
DATA 200
OK truncated
/ Frame 4B86 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 207e1e1afb3c9744375f80c1ab090b495ad5dbfc65f4f97ac49a113e79cbb347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4B29 38 KB
13 KB 64ms
64ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 152285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C934 6 KB
3 KB 78ms
77ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:48 GMT
expires: Sun, 16 Feb 2025 21:39:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 LHSUgr1wLjFHeKsER5iMGv
warden.arc.io/mailbox/nodes/ 0
0 246ms
69ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/nodes/LHSUgr1wLjFHeKsER5iMGv

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 17 Feb 2024 21:39:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1598 13 KB
5 KB 70ms
66ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 5562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 20:07:07 GMT
expires: Sun, 16 Feb 2025 20:07:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E03E 829 B
1 KB 240ms
85ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ab8edff9c58f204e081ac899a8ba31288f81c61a493c8deeef596e8848b26e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rF6apVIYWE3wz17gDABzEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rF6apVIYWE3wz17gDABzEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:49 GMT
expires: Sat, 17 Feb 2024 21:39:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8D95 624 B
285 B 103ms
101ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKK36bQDELy4ha0EGPCxr_sBMAE&v=APEucNVmqjO4A8uJTKEJM_MLsX-t87HS9dm6w8ubqu9r54ytI6KgbuDJcfXmOp5CiYsXjVRsLx5HdKIZP0RhtCRbN51lh5QObw

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame C934 23 KB
9 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:27 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame C934 8 KB
3 KB 71ms
70ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 16:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 16:59:43 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C934 0
0 124ms
103ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssndMyidLTbbscDmQAyqyS4ExpwDZ9tjX2km-OUWwqU6H7zFEy2Ce28L1WKtILki4FHHLL3IRi2A1bSpOEGx0ln7m_PJGgOAw1q6bmivGRVpjarANYDhRISyDmd8BmBQ7pCCrCXwSlTePe33Z31p2LF8KcGa8AKS7cOFWwd0SvFsyahludzg_8_Yr4pOLM0zHZwsVxJbzIYvei0UHsMmiVlkj7dbV9ym8ZwnOBPfM2fOmCaI7nveWZbG0ZZm6iAcvwK5_i-aSgi5SDHeW1zQSlE9JZqrpy66CijTffvpgi01q3CH6qLGhOp9lX7z3bnjfpV1ewBKMpY8XEwKv35ahYlOxzYJwXIIqsHR8ohCVseW7BYUARkaCqe16jYryjdxZAgT9zdWBlGoaiFm7wsNhY9bUMAA5Uwojr6ClP5F8fR2G58JsdIUYTa4roBN-cU1lfe4aFUyyGpao5PCBYXm6lbw9H9R8pZFVy2CfgcHh3hnrNwhg6_yGsHcl1c-pfuc_plZyLnnmdzGOrT8ikdosTQhk7E-g_ae3dWuPVkI7V6sutbdXlLCayRZlzoi5ucZ1ms1FcSx1rfZdpqpq50s_aeBZgogAqXyzPNt_cuk7qb8tV49pWuoBahxLBUQxNQdPnTQQ3UpivaA8Y7UiXX9FMGJ_SrrqCR8Pjn_Rzt3B5870EQD2PPSc1u5EuqFqiAC_0otHUfB7JCFOtPN9P37HDgXmLH9cp68UYQpRlfyyAwq7_28q85q9CXrPDEz3WkO43Si_iEacpvkmVrXd87CWsjj1-xn0gdw-qg8fU5AJtSshIfoLIraMFtsx_WLqfskt0ggnDPaZ62VXfLmVvElKmc5VpVVvlz6DTuJelOJZzSP361aDTWnM0j1SpCB6oKY5p0I5kheqhkAeFkG8FdzJkknoVZ-33O32QhvpCYA0lRyK4n7mw9q3Whq0qUuvwvtT91Uk2AXkM97xzeYORLjyRYU5u1PDEuuWS4-1-Nd11BaqgxKlYbJSHSColSVJ-B_WFw0OXjINM_edv38xSc2Vrq4daaojKIxMnoaMNd4QAitXIcbU8-JWPaBmWCt1DE4R347fFtePImi2I2gnNTNQscThPJt3o_XfMdaZAr75eQDh0_jZlMmvyAKfahW0Z21di-w2gonR5P9uhqsbUGGqWo8BDLlvzkpN7uHZ4WvqyxcjrnEJ_smc7o7PU0NYR0zchZB-jqTJ-T3VSjMTbIwPCkW-skJM3GKP6YdkbKYB8RYsI7P-cvBgP8OovM0wipmTRQyILjhCBMnx4fL4Qf92K0T0yElOJeGu-57KkLIn7dvrg-Ylv_U5VX-7WpnRCBwd6tp29QGP8ISBL_oxjYa287G_ZPSVLVnEwNhyIp3-BlLoxc68EzN7kUBtSIIG-i2pZwgDqQQTT47jeL_HdtejDGPlhXazQGG290vXf9t5Ev0ABf2MlTKg2hHNYxDaCB497dwDT8BeyayFhwKFu_bEWptvF-QDg&sai=AMfl-YQ9WSAaqgHIoF9iRPX5qx4ZmjW9nSg0AJHvq_FWvQJXBzclb4RFuGo8U4ElPLjGkLD4c3r074FDoqHFahWMZTd1ag4u0_LMnf6e_89Y60D0LBodP5n20QyIaHBfThpIiE_XL_Ed2TnU0sUoiFkg9TXtW2rwFQw_hrvXuvYgE9QTjmVec3wzp9X21-ErdfhDgDoliDcvaefTTHNMK6MSmSYb63BHTtai4x1TxNUUSMVueb99IRoSk9M2JcWuD4rmFhbHCIL8DFzvD179nNCAlS4LqRFnFv58G4DnYxcLTjOSowr9V0TxA0d1Mod4uxuMNpJ5rbL0IatFd4x2koFefwrGau1WPZcZ9tKR20EeKbgXIkfyJH8H21jB4Wo4XXnMo1kugUvMtZO6xOatzuxyZJgmE0A2xtlKVW4lUCD5pyrFjgPOEcl5trSiuX22ghznUVydJo3Wa1ddCP-9KhmIsOzfzolWxOx5TduvIaavU600lNmrk-PyOTrhGXqSjhRk6PYPU-YXpJzJXA&sig=Cg0ArKJSzARZlTKAoLFLEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9saXZlYmVhbS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20240215.78083&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 21:39:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:39:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C934 41 KB
14 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame C934 3 KB
1 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame C934 20 KB
8 KB 69ms
66ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:11:49 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C934 42 B
107 B 143ms
128ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DP355fYjJaTV1ZQun40lJSRJXcjPUAF5K6UK7MiBUve5mN0iw19alWGFOpl_t1kzRgUtidTShA7c2QesfTuAwG0EGIiIfdsQKvFE_LGGNA3vFKsWs

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C934 204 KB
61 KB 77ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:01:35 GMT

GET
H2 200 1608152142700856418
s0.2mdn.net/simgad/ Frame C934 58 KB
58 KB 109ms
96ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1608152142700856418

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66803328f1ae4c73f53c1437c894e0340cf9c4c78b6d077eefdc5216e8a9e608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 22:00:37 GMT
date: Thu, 15 Feb 2024 22:00:37 GMT
x-content-type-options: nosniff
age: 171552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58993
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 12:24:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6205
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

43 B
774 B

81ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUKuPT3ML8odr3pRpxY6wr9GySJJ6Bt_ugcHHZoQPyBFeW6oC0XjPd1BxFVBYXmG6xvDvSli0ifryN7ruO6oPVz_LaI7g
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nktK%2FB0ZDCyCXOrRlbV6T%2B6szAZrqChF%2FVmzAegOm27fmTHyzjWzUuj1R67h5fFSnfi3rO6vKCrngkRfFmT8NHRtDZ7%2BlGHr0Bm5yG9fd14HrV7aNBgYcNpKC%2FfAmIwMd%2Flj9VzWXPLClQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85712f6c8dc2da67-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6205
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEnpdHM75QAABR7ABD5HwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

43 B
738 B

85ms
85ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUKuPT3ML8odr3pRpxY6wr9GySJJ6Bt_ugcHHZoQPyBFeW6oC0XjPd1BxFVBYXmG6xvDvSli0ifryN7ruO6oPVz_LaI7g
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BragZcpFXgy7%2FPYwiMFaLBqz6jXUgbRTfXjWVrmC2o%2BSxB%2FxJOxZXmjpQe0JwnGDvffW85R4Hxe7ZewwDr5Dslt%2FDT3Ch0wCRUGpZXuRmilLJnznosgIhMRpExh7Or8BiqsNkI0d%2F9o0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85712f6d5f69da67-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6205
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1

43 B
1 KB

119ms
118ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDQJxDY9ScY_c_ohQIwAQ&v=APEucNUKuPT3ML8odr3pRpxY6wr9GySJJ6Bt_ugcHHZoQPyBFeW6oC0XjPd1BxFVBYXmG6xvDvSli0ifryN7ruO6oPVz_LaI7g

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
an-x-request-uuid: 33223080-c797-42df-9022-f8aae963fb03
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.72; 38.132.118.72; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6205
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzA3MDk0ODkyMTIxNzg0OA%3D%3D

170 B
232 B

85ms
85ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzA3MDk0ODkyMTIxNzg0OA%3D%3D

Requested by

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
an-x-request-uuid: ca9eb0ee-db81-4d93-9462-ec18404a93fd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjEwMzA3MDk0ODkyMTIxNzg0OA%3D%3D
x-proxy-origin: 38.132.118.72; 38.132.118.72; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B29 39 KB
15 KB 107ms
100ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

POST
H2 200 9 Show response
thubanoa.com/ 6 KB
3 KB 147ms
141ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/9?z=7013738&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&oaid=f247597d96d84d17823e7119f6390db8
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 90151b963997a3db39b5d8d617142ca032dbb484a74008b6c5088ce86acc164f

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: e917b38271133a8fb3c588b8ba99c998
pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
content-encoding: gzip
x-sc: FFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
thubanoa.com/ Frame 0
0 433ms
147ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/9?z=7013738&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&oaid=f247597d96d84d17823e7119f6390db8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Feb 2024 21:39:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8D95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

43 B
740 B

94ms
94ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKK36bQDELy4ha0EGPCxr_sBMAE&v=APEucNVmqjO4A8uJTKEJM_MLsX-t87HS9dm6w8ubqu9r54ytI6KgbuDJcfXmOp5CiYsXjVRsLx5HdKIZP0RhtCRbN51lh5QObw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdvEAQrAM4ekvVEDqKB7JmytDspJU%2F%2FJg0ZNs8km2eZ4xpBIcBfp4Jxn8noB4vF%2B9QVR%2B%2FN6JS9elmue%2Bjs%2BIJmBCrTXnU%2FC5MTJx3GRep9spDphDzT8deL6KoAuT4mui2CkVtwoF5DTEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85712f6c7da6da67-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8D95
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdEnpdHM76EAAD2WACQ7IwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1

43 B
733 B

88ms
87ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKK36bQDELy4ha0EGPCxr_sBMAE&v=APEucNVmqjO4A8uJTKEJM_MLsX-t87HS9dm6w8ubqu9r54ytI6KgbuDJcfXmOp5CiYsXjVRsLx5HdKIZP0RhtCRbN51lh5QObw
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=944ji%2Fo026TV5I29UDdFvlSfBBPsdV88qhU%2FCwbPATf3eQfWi6YYWQ6vx5VUnBnww9io69ZgGLDZYdXQBrMRtKVphMLPNpnICtNYU0VRW1AcrwIrtaXLykAS4Kr0Ls4smfFdTymATz%2BASQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85712f6d3f2eda67-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgnnZBASxBDSlN5IlS0VZg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8D95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1

43 B
1 KB

70ms
70ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKK36bQDELy4ha0EGPCxr_sBMAE&v=APEucNVmqjO4A8uJTKEJM_MLsX-t87HS9dm6w8ubqu9r54ytI6KgbuDJcfXmOp5CiYsXjVRsLx5HdKIZP0RhtCRbN51lh5QObw

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
an-x-request-uuid: 93ca42a5-5b1c-4bbe-bf01-364c86aefaa1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.72; 38.132.118.72; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGlOETGWueHUdeuCX1XL5uY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8D95
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4ODk4MjU4MjcwMTQ2MTMxMA%3D%3D

170 B
243 B

86ms
85ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4ODk4MjU4MjcwMTQ2MTMxMA%3D%3D

Requested by

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:49 GMT
an-x-request-uuid: 1e672600-8f6e-4d7e-86fa-69ce7e3b58ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4ODk4MjU4MjcwMTQ2MTMxMA%3D%3D
x-proxy-origin: 38.132.118.72; 38.132.118.72; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 96ms
95ms Image
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-8QTNRD0R4M&v=3&t=t&pid=1748175508&cv=1&rv=42e0&tc=16&es=1&e=gtm.load&eid=10&u=AgAAAAAAAAAAACA&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4B86 0
0 98ms
97ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvatfEc_9zQ-tRaoQKVXJMjuUKYCrCy2n5aPqhzT0nvXUTWs4Cdh--loAAi05cmRNVXeGzCqNR-qUYIZSEF_z2j5E8w-XwdRqDNJGvwHjyE8Xb_qcHLOmbBgsWwqtekXgzLhfgTFyMDKhamCkogAoGsq19DB7w8zAmP41lR0qO2gK6XVxz14_JxtznUfdK7WQ-rxxNTo4omI5pLqRV7OwOldGyvT8sOft6xByzgjJuASOqXSvvUjueZUSClc7Ad4mhFnd4nGRhu4LlpmufFgRMVkjP6MgjrMrDXoxEPi7JSBRNzVgE4VT5fI4iZmb91VnsVyADKmliqQp1cBs9wZi9JxX2gpUIvISWSLQQFSO7MZU1JqHJ1Gnx1SMbT1SvuLK1m0O73VhaUC2D8nfpBxDmbpk6CSP0TLPoQBBp8E0BiO92VFtn0mXOtGGaYRrBfwJfITZdlpSsrHl9XqzxxHwDaw5K4M89ndXFRaQ71m_DO__krCbW8b2hyhoU_w0_7Z2xJwm_J5of3ePaqq7Kj2wquhmOhIc3XmIkh_3YPDP4JYPt2JOX5F96hw1kYPsLtcoNy75waxEXN381LmkwvmJlsEgIc9NmZ_qDRpydAwpmwzQ4AVBZFALUis3GlCJJzna5VRnHwviuYjQ-Td03PmXLgc4MF_wVgQN6tfg1xKLeAE0dS1FlQjv7-Arudwcjtx1643q0-HnfZQuO_656U_vpSGr424Y6IwMQBmUoiR1mywCuONF2xoaaxBUmwtgjccI29ZFYgTvPTI9HLKJUX9b8-LLuEO7nxFSUQPB0R0cvxBa2Zyv2tZzLk-M6mrvNTz51N1VNMjmcJFfM5Dv921j5F0h_wSnnKdrvVaNxbTbpqf2w6ypcdbQjMblhiyg3XoW9YW3T2xUzSPqwmFw14Zf6DcxCvMNDJ2_Zt3T3Mb-QL373UvBHia_6_m9J1BmGDYfMcqWuQbEfHpGEpCYzwDlxNCUbWmxhHyr3ibu7n6Gdw7BX5n-y5L9LO1XITM-BzMl1IrhJ4ogrZz7CLeJn2ODv7i_orZtPi8zCse6wGzZtBglnYT22_DOxpT75k21goizDpb7Oo4rFAe4F8HhL6W0I-QhakMgQM4TwIc6MIwf288lKHtS_2eYDwIFFBRTenRYzS6nOe3IGEKso0geyWfsihHimOOX3SU46To7QJcqiOZzIiXaKIrqOML0teO0-AO-zisoNhlWMbr_q3cRTOzxlxxcZNZ98fvjL-G-vYdeNKwCwOUNDnw9hlqQ2uH5_lRqpO8jivoQ6xNPGlUTSU2zX4zpy4VJtKGp1sMK3PRZ6CdvFrx6J_caHkMvYH9K-aTtJm-fz4BV6yuAj0BUNUYljGn1_Jh5pbNXHagb0YHSRU_3Zqei2dY-U-x9f9P0HjcsyuTSiPOtuHb-JSrS1sugL8zR6jq4wXNEZvVnp-7kRekb8sFXSCBIsYSLZRGeHKln8E&sai=AMfl-YRF1sn34cwJaG1Q0lLZp_M6xYDxamjqe2pFjFRn4-dOTfUqdO4IU7-7QOt-9Y9ZrPtKwjrpJclOLI1nKP4wGZn2hMOBfQhEqOAyXLVoROXTt1pTbiD5HBurP4_3FuSLJKiMKSE2oE5fLPaYYRn0WNHsoXDeciRDr9Zdoo8KNOpDfo4bjFYNuw1jBUvRurJxfwO2PEmE76xlyOl5yxKjTNCKpxE6zVt5eTwek_jw-y01CmThHeHnusmK7wEzzQxmBHbeuc91E0PfhSRCOKRyh6WtJ3B-sfhfDfpTmdxuMIGZYwjogUtQd7B36FK3YH7qHmsspj4MH5cjfFzx7cYwWb_4ebcv0wmoHvF2fFp6On3T6HmHgragAIgAKrOhRk28xAEkhv0Yl7t9oLBBJ9N7cpRI-IKNLhGiwVNUWvq6xKG7ZcY4lZVOhshA5afY9EByrnmkgiLGdSG4wXJLM8CBhpu6vTI0lMtny8FQwzhuSf1uELksohhKZBpf4a-7-AyYRp5NgbULVOE&sig=Cg0ArKJSzHklJTSceq77EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hYXJwLm9yZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=447&vt=11&dtpt=446&dett=2&cstd=0&cisv=r20240215.47807&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:39:49 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E5A 38 KB
13 KB 73ms
73ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 152285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C934 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 206990309abc82f83cda48281612279a46e32424883e7ee847bb72bbd2baa7a1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C934 0
0 98ms
98ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssndMyidLTbbscDmQAyqyS4ExpwDZ9tjX2km-OUWwqU6H7zFEy2Ce28L1WKtILki4FHHLL3IRi2A1bSpOEGx0ln7m_PJGgOAw1q6bmivGRVpjarANYDhRISyDmd8BmBQ7pCCrCXwSlTePe33Z31p2LF8KcGa8AKS7cOFWwd0SvFsyahludzg_8_Yr4pOLM0zHZwsVxJbzIYvei0UHsMmiVlkj7dbV9ym8ZwnOBPfM2fOmCaI7nveWZbG0ZZm6iAcvwK5_i-aSgi5SDHeW1zQSlE9JZqrpy66CijTffvpgi01q3CH6qLGhOp9lX7z3bnjfpV1ewBKMpY8XEwKv35ahYlOxzYJwXIIqsHR8ohCVseW7BYUARkaCqe16jYryjdxZAgT9zdWBlGoaiFm7wsNhY9bUMAA5Uwojr6ClP5F8fR2G58JsdIUYTa4roBN-cU1lfe4aFUyyGpao5PCBYXm6lbw9H9R8pZFVy2CfgcHh3hnrNwhg6_yGsHcl1c-pfuc_plZyLnnmdzGOrT8ikdosTQhk7E-g_ae3dWuPVkI7V6sutbdXlLCayRZlzoi5ucZ1ms1FcSx1rfZdpqpq50s_aeBZgogAqXyzPNt_cuk7qb8tV49pWuoBahxLBUQxNQdPnTQQ3UpivaA8Y7UiXX9FMGJ_SrrqCR8Pjn_Rzt3B5870EQD2PPSc1u5EuqFqiAC_0otHUfB7JCFOtPN9P37HDgXmLH9cp68UYQpRlfyyAwq7_28q85q9CXrPDEz3WkO43Si_iEacpvkmVrXd87CWsjj1-xn0gdw-qg8fU5AJtSshIfoLIraMFtsx_WLqfskt0ggnDPaZ62VXfLmVvElKmc5VpVVvlz6DTuJelOJZzSP361aDTWnM0j1SpCB6oKY5p0I5kheqhkAeFkG8FdzJkknoVZ-33O32QhvpCYA0lRyK4n7mw9q3Whq0qUuvwvtT91Uk2AXkM97xzeYORLjyRYU5u1PDEuuWS4-1-Nd11BaqgxKlYbJSHSColSVJ-B_WFw0OXjINM_edv38xSc2Vrq4daaojKIxMnoaMNd4QAitXIcbU8-JWPaBmWCt1DE4R347fFtePImi2I2gnNTNQscThPJt3o_XfMdaZAr75eQDh0_jZlMmvyAKfahW0Z21di-w2gonR5P9uhqsbUGGqWo8BDLlvzkpN7uHZ4WvqyxcjrnEJ_smc7o7PU0NYR0zchZB-jqTJ-T3VSjMTbIwPCkW-skJM3GKP6YdkbKYB8RYsI7P-cvBgP8OovM0wipmTRQyILjhCBMnx4fL4Qf92K0T0yElOJeGu-57KkLIn7dvrg-Ylv_U5VX-7WpnRCBwd6tp29QGP8ISBL_oxjYa287G_ZPSVLVnEwNhyIp3-BlLoxc68EzN7kUBtSIIG-i2pZwgDqQQTT47jeL_HdtejDGPlhXazQGG290vXf9t5Ev0ABf2MlTKg2hHNYxDaCB497dwDT8BeyayFhwKFu_bEWptvF-QDg&sai=AMfl-YQ9WSAaqgHIoF9iRPX5qx4ZmjW9nSg0AJHvq_FWvQJXBzclb4RFuGo8U4ElPLjGkLD4c3r074FDoqHFahWMZTd1ag4u0_LMnf6e_89Y60D0LBodP5n20QyIaHBfThpIiE_XL_Ed2TnU0sUoiFkg9TXtW2rwFQw_hrvXuvYgE9QTjmVec3wzp9X21-ErdfhDgDoliDcvaefTTHNMK6MSmSYb63BHTtai4x1TxNUUSMVueb99IRoSk9M2JcWuD4rmFhbHCIL8DFzvD179nNCAlS4LqRFnFv58G4DnYxcLTjOSowr9V0TxA0d1Mod4uxuMNpJ5rbL0IatFd4x2koFefwrGau1WPZcZ9tKR20EeKbgXIkfyJH8H21jB4Wo4XXnMo1kugUvMtZO6xOatzuxyZJgmE0A2xtlKVW4lUCD5pyrFjgPOEcl5trSiuX22ghznUVydJo3Wa1ddCP-9KhmIsOzfzolWxOx5TduvIaavU600lNmrk-PyOTrhGXqSjhRk6PYPU-YXpJzJXA&sig=Cg0ArKJSzARZlTKAoLFLEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9saXZlYmVhbS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=209&vt=11&dtpt=206&dett=2&cstd=0&cisv=r20240215.78083&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/1707753195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 21:39:49 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1598 39 KB
15 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E03E 0
0 127ms
126ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402130101&jk=2248023175560213&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E5A 39 KB
15 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H3 200 container.html Show response
be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D8C 6 KB
3 KB 66ms
64ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:48 GMT
expires: Sun, 16 Feb 2025 21:39:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2D8C 0
0 139ms
137ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpceDpSfRZcu7E6-1vPIP-IG16Az6j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTk2NzM4NjUyOTE4MjkzODbIAQngAgCoAwHIAwKqBKYCT9AKcpBSpjsYeR1gYfZtCznoN7SLU5JR2QqzkxhEBqjd5bAQjqHCP4mzcm8DMj98MRoTSC5OoeyNE6QNTqCAsw-s_b5Y52skD8F3f5ch626Z8xUsmKc3vIV4N5_9Cq_ShSXlYo8vYJBNdKyOCfA8km06e9GUAs3O02IDEgQYv4DWUuKcp57dB9h24pDXiAS7R_ck5THR85sx2tmM6cPJylLMeDuHjXVf8l7PY7pdH7MF0G2OkIZI3edc_HgAmUTMlsWZ_mch6QC9AWY4UlwAHlu3n2WQdFWQD75Y7jZgWe9JRkL2lxb9ZoOh0jtoSnfEijiSfrMPkN3ChU51IWL-byQIgxwWzGMFchl09uXZ8XtUmSTnIQ0_0-6FYj_9GQvG_cU6uJoP4AQBgAao2Kr9yuKm1fABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgIAISL39wTpY3PicmauzhAOACgP6CwIIAYAMAeINEwj_nJ2Zq7OEAxWvGk8IHfhADc3QFQGAFwGyFx0KGxIUcHViLTk2NzM4NjUyOTE4MjkzODYYp9yUAQ&sigh=H-l-RSpcKmQ&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_GPiVwL8hiov3-fpxcAB6LQLLnzoaptWv-urKCj7FQwmfS4unq3FrpfE5Mu7RAPxUn9uOcvngT6e6lip1NWCo0eSE8bNk-NzNqxgB&cbvp=2&vis=1
Requested by: Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 win
8proof.com/app/ Frame 2D8C 0
44 B 213ms
67ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=732671172985&ap=ZdEnpQAE3csITxqvAA1A-Lw0Csdy0bzH7buq2g&brid=NNC5G8RCrSwr2E4mtDoUwA&t=b&cbvp=2
Requested by: Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
content-length: 0
server: nginx

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame D1E9 13 KB
13 KB 234ms
80ms Font
application/octet-stream 2607:f8b0:4006:81d::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:17:24 GMT
age: 1346
x-guploader-uploadid: ABPtcPqdTAIBGPP07ohlCJ2eWm-tIhrk8gz-8WpZQVQqqPBx5z3DyJYSAHo_XhkKwuPj5jCOta4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Sat, 17 Feb 2024 22:17:24 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame D1E9 12 KB
13 KB 220ms
66ms Font
application/octet-stream 2607:f8b0:4006:81d::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:01:13 GMT
age: 2317
x-guploader-uploadid: ABPtcPq5Yhh1LfJ9DgL56xD3Wft7HBAt8RfUlQdhAqEi2ajfAF6l9tg-UIO8NGS0UDeiyc1uqzN1pSyGWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Sat, 17 Feb 2024 22:01:13 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1598 0
10 B 64ms
63ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?va_sZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B29 0
20 B 130ms
128ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcrFapCfRZfmXJYuWvPIPqNWc0AgAAAAAOAHgBAI&bg=!s7ClsP_NAAZN4L4YbeA7ADQBe5WfOE8jc6ivyT6kyAl350rBDuZwlXPKCQSpYFLIcoj913fq2ybDa7pXGwK5ZsWlQvKAAgAAAVRSAAAABWgBB5kDCqCsx4-q2UcvxyYgXIntMUhbavPlElxryO9-yX2mmr2sRJzXKAEk_U5CS27BgFG7ILgF5JClFPopWp6bvy3N0BiAFOkkhDv8FmwFAKQGunhnEjqV718ZHcwo3NnbPRaduL927ZALVUGRmKWWdwkkgwm_3gxVQY6VtFDVRFLersJcP8dPJzWzDvpvOxYSD2GaTZmHUr6WCf36tRDPk9Q5_JJmny3GJUfvellrH9L59g2ysTYkB--MPkN5Z8hSEKLuoV77w3RxNfJvp6CuYvYmKxNH5ccK36_VcJNBKnMAHnp1NKJP-BuEEwLk0ydc8jHqA5X-VIpmTq2MHwaHCxAGy7zTo_0NJXuQLse37zE7KLqzLx-6LNG1HDxAfqeHxLs_Dq0nC_YtaG5hdChfP8oIj1O2s-gIFAXVJGl4izmde9hw5-hDhzrNpRNvSU3pPR_c9k7IOS_Bcv0wc-bhOSVErS8Aqo2645QySGnRDaMoqlAAHDq8a-ublP-2dcPMwlEbCZc6AxkylNnabIWE92I84dkVHUeK8_O5HzifRmsEjCr5dNX9jk5HTn_Ur-ViTnAty3aOt1p_Icaf_jTuT44w436zZArLDQK7OuKLOKCMNHWv5cRLW0udOZlipdZNzD6VVm4xttfyuwquNwVdVF2x6uLGI4O7q8f8KXeF7Jw7_k-WNDLpRt2BbwBwnAm1hTP2Dc9B6RAW_JKsulZP5KKbRCfgiZnZ58_ayMCIsvMMtOLYKLufNFclbzbkiB-PJQ9530hiwQKRqmdibiKyRuWNqme69qb4h_if4dceh81dEiM9xHIMIHuLJJlxmUhkBS3x9-u6BGrkQfbCjTeP3J1u969ghDhxBWAIMBVO4-OP0ij0xwB9uneGjXiwO8Tc68dLzbdqAxS5EeCkLmL8QtIm2xuOAiusamp8TlphVgLLMrd9Kz74EyujrpfSKZ0jEZkFEn5Z9jliOAAwgEmLMqP7Iof5jSY5dAY7yHy8XTb7kwaEMuLUH5YLCxV0FFtJ-NNMD68Um2_ivIHJq5U

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 11
thubanoa.com/ Frame 0
0 143ms
143ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=2792388477&z=7013738&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=yJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo&ruid=4a47d22a-4b61-4842-af9e-668883819508&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ot=599
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Feb 2024 21:39:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
thubanoa.com/ 0
664 B 140ms
140ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=2792388477&z=7013738&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=yJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo&ruid=4a47d22a-4b61-4842-af9e-668883819508&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ot=599
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
X-Sc: FFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 6c970a1e3bb3c9bc98e517c05929f893
pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-sc: FFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame E731 22 KB
6 KB 466ms
163ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: e571f01efdbaddcd862e78dd681302574b36f10254085432d81db3a9ee103f9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 21:39:50 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E5A 0
20 B 130ms
129ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaVNtpSfRZfY8p4beuw_HlJmwBQAAAAA4AeAEAg&bg=!AwClAE_NAAZN4L4YbeA7ADQBe5WfOEtTlMG0yZ2WmaC5jupXf-IT4stUGjqcWdtVgiHJQ0Tb5JS2tNuwHVZmDWzamEXaAgAAAQ9SAAAABWgBB5kDEHIYqbP8UqPx7q24Eor27eny9MYXLQLAPyR5XCDphslse79wGjQdcPOvj-k5qSXPDtXd_FCXIs9yGTA-7Ze6qhccwjpp_JhcH-NqKOI28N1mPQ2cWLhjD-Fks7KkUfYB_CgZ9yck2W55JlKfIVb9XTu3w5XANs8yPRH9X-epx-2Ncu2yxoElIe1CVkU9Sc0dmEBRby9Uwgw6LVIIbyIWZlyLiFKKbMDx7wmI2zaHiRXtMUdcQA3LUj87ut86-glHHwfLLOs8jLYczLc-gfjhdNU4WKLNJTY1sZUj1T0HsELYuv4GrnILfSbFhdL8vIbzbZCyLkt_UCyMtdfSau_qX16FxOwoOV1tXox1L8bhoKStojXOH0MwtWGVkRX7RbA4ODjBUZDi6rE6d-RyfwNgOzsRId34_-x-2AsPn9gdFFzVF3ug1hGWbEL214Dz0qwiwwwBE110GGPsJ-hgJcXvAaxhyr29kVTMa9L-b0TdhJXWnftfw2RimwuZ0WBqHYtHyRbcKRT6k8kUn3aQaQJI0Ki8G_xX8QwL8jc_UjqS_KzsjyE6dTAzLZDEnYcJyPgBtEn7Qd3p7S-bDVlC6XDEDIS2PDKkqB8zOG6wSTOSAJK0RudhNrC9tzu2GeIdEfdRvvDqBosPaBO3skPmNPyae3cDbQtiAmJ-NkgoEmdF13-IBhiXg1sXLmjqrnQYgDjNHk4vGUZSVnUzuINMJ0r0vPFvUjPJ1NbPax6uyO5SMY-ljqME1MXTCu8ToPccVnGUxnvONK9n8p0jlfngqXX-xeGQjrwKumHvSUuFFlm-MzXBKCvLX2WJY2I9woJadvfN4f3i_iGmUdOcMf2l6VZjbml8KEroR4cBlzx8z7heHIUCtvNRjLzYOffcaeBp-gxgJmUdfmiPCDGrNlQr80KtyhgbDDDnsEZ7TK32x3ZKSDRjPggXNmBOrnPAah4cFatxVnkZcQe1EDF3RMMNKepzVZShoFQe9AG4MBBd6usDgk6jpOdUR9ZfC_DSJ4eFg_FxJ7FVpf9wVfD4QBTdtJnPZrA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F07 6 KB
3 KB 67ms
64ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:48 GMT
expires: Sun, 16 Feb 2025 21:39:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 18C4 640 B
265 B 105ms
103ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNWdTWB1XmH-Xde-E4QE7TbHt2U3bjgzhyBz2dAaMnfEirnq0HjFBKQIcrmbDVTf5j91-5RtcdgXurqIwIUeyD4CyVJcdw

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 21:39:50 GMT
expires: Sat, 17 Feb 2024 21:39:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1F07 93 KB
33 KB 132ms
131ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 21:39:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F07 42 B
63 B 180ms
178ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DzMcPTVfMOVNyUILSKxsHJXzmqsPY0JkL8lxMWh_ulfhmQXc7dY4vOtqSYI6Yw5RImUaZiZ_zv2H_2BlqUx40_lAeRpa3ddshMDd-lLPbQTP07oAg

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1F07 3 KB
1 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:11:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1F07 20 KB
8 KB 68ms
66ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 17:11:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1F07 204 KB
61 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 22:01:35 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 18C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB56fG7ZeHnvzQq9_mia1-A&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEB56fG7ZeHnvzQq9_mia1-A&google_cver=1

43 B
163 B

51ms
50ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEB56fG7ZeHnvzQq9_mia1-A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNWdTWB1XmH-Xde-E4QE7TbHt2U3bjgzhyBz2dAaMnfEirnq0HjFBKQIcrmbDVTf5j91-5RtcdgXurqIwIUeyD4CyVJcdw
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEB56fG7ZeHnvzQq9_mia1-A&google_cver=1
date: Sat, 17 Feb 2024 21:39:50 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 18C4
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2NhMjIyNDUtMTZhYi0yYzZkLWZmYWQtODVjYTFiMzI0MDky

170 B
188 B

84ms
83ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2NhMjIyNDUtMTZhYi0yYzZkLWZmYWQtODVjYTFiMzI0MDky

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNWdTWB1XmH-Xde-E4QE7TbHt2U3bjgzhyBz2dAaMnfEirnq0HjFBKQIcrmbDVTf5j91-5RtcdgXurqIwIUeyD4CyVJcdw

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Feb 2024 21:39:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2NhMjIyNDUtMTZhYi0yYzZkLWZmYWQtODVjYTFiMzI0MDky
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 18C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFaDLNwxK6tR96EGZfd8kUY&google_cver=1

23 B
278 B

185ms
79ms

Image
image/gif

23.52.161.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFaDLNwxK6tR96EGZfd8kUY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNWdTWB1XmH-Xde-E4QE7TbHt2U3bjgzhyBz2dAaMnfEirnq0HjFBKQIcrmbDVTf5j91-5RtcdgXurqIwIUeyD4CyVJcdw
Protocol: H2
Server: 23.52.161.154 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-161-154.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 17 Feb 2024 21:39:50 GMT
pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFaDLNwxK6tR96EGZfd8kUY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 18C4
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzE4MDU3ZDEtYzE5OC00YWM2LWI3ZWItM2Q4ZWY4MDcxYWVj

170 B
188 B

82ms
82ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzE4MDU3ZDEtYzE5OC00YWM2LWI3ZWItM2Q4ZWY4MDcxYWVj

Requested by

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzE4MDU3ZDEtYzE5OC00YWM2LWI3ZWItM2Q4ZWY4MDcxYWVj
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Sat, 17 Feb 2024 21:39:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F07 0
20 B 126ms
126ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8681136861526&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F07 0
20 B 131ms
131ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8681136861526&version=m202401290101&ct=77&x=1&cor=14795047693045598000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1F07 34 KB
19 KB 115ms
114ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoCcAlxjpxLvVRLw6wnA4P3zImLxhIiaZJiko39HBH7a-ng81MWLKzFkuF_a2d7vbBs6BAU6SjYXAQW4zUvoUPaNIXTUdO-UI-kc2lbcHZG5E6B3LRwqAAaFr-XcB3JRxnTeExpUaYTAvVCzYEehRtkbrmtbkDdh62BoMh4_1P_h7YmyA&cry=1&dbm_d=AKAmf-CsgG8VGtroHkfbGGLhgwhMCHOm8pDBKRjNCekjo5mDkRRS2FsRmM00JD6x1Md0049e9ThVbT1ZNFdeKT2EYxxImh-BPejPsJRp9n4cqKdC_Mv0O2FCs_8rtNNXkwLnpr5718b0v-Rr1ZBm0H72yFCi1Zz18WIIvPlEBc_z4vZL43QjOOIYio8BTZZ7hyQzVjhj39-CwyrusK_fH_BuzjzPIFVZXpGP7Rq4XHJbKGMiy0Ewmr65JofjOcRiRi-kz7HFDVHGNuKJfKdybtI6qWcY1CnkReLWpFj-qQIaR9idFD7JVCr9OxgSMMWRd6Okq7ERx043gmdTmOgj-Wy0W8GACyI2Ns2LngXkJGbIwcOac9YPJgEHJtcWVCk24DZTVf8vorxiMfk03KOmtv8uF_ZOj0zfzwO0pWiTnCm_6vS4f7GirPnLGRJ8whKSnJkjgEFUCnkTL3mGJEY1TtkC5GopcEGB4x88B75ORCkO_lU791VES_MZXyP7izMTj4gKGKeoiTHr8JKWLm3kJZOdSDZBkvy3568bX5d63ZBq9u_IdTcIbD8kGLyAKrW4NlclhQsGb7QN81VZ3W-d_IBhMGEbcPa1LiMfZJUA7BBwqh2O5UE98BG88TvUSXzREqnrUN3a_a0KzA-9sUeLwl2Fcjp2D8VyDma5EeJDq93mF2khuJOv1A2z4WbDQFqCR6svWuBmxindoyMBY9jC_WlACXxRZTlO17Isu8wNWGqFFijZ5n_wQiX1o37XBkoG9pmFOasNYEYJePTKFB37uuCaRKsyuE66vr30MadCyzt6OLwfJlip4RSwspmD1a3GxpEroMD0OXdnhAigRtGkg_K1B9djsaPbiwza9QsSbRwztPWxwxLjMu6Ta7wNdFtYwZGJiR46IoFeV2FQ1hlskDJnq8jxVT4OZkQVWITzIZ18LcMknHEUYhnT5GqLS2kZrAVyk-so2f_fiYW9DVMHvUs9MAG7AwjlaM7BRyQ8N2O4r5o3zDZKTKGkEXkXX8YgQ196aP95s91XxLaY-fDJ6rhDgjF89ZSFsJUBw5PzOM1tAxGfDzkWRPo-ynDGpWrQLFuJcQUAQ9BdphMA6W8-EumCguP76wVEgn96Uhtffegoeg1Un__zcOb6qFw1gsI0wfN6TI_jwl9ZPkv_mCvjkFVg_nMGRnmfPL6Q5oV_vLB2hh6ZHQaZNKconXRlSPdNXfIwanp6yHTKhd3fu-1Q2dTSwQAFAWfzUIO8zcltzcsBHTMWbgQ7fKMlnNnlToyY5jOhWQ8FPc92wQkkea4V3n0EQFMawvwJB9AqGF5N6aJw0qwA3IV_X99FZ-SwUcOy53JT0nCdR0MgvLDBnWIFisPk353LT_L45VINlJ8Fq3AtYCr50EeLnZuhVWQrYwwIYvRjuc8FYeGpl3PwqPgxiJr9nNB7J8eDvMFBuYpo_zDhLDS1GTTyKQ_gQlG57RT1Iq_xqsesE7nE62X3PoW5J1CbXSOfwAr4JKk2pdMC-36Iv0t9DZQAKBylO1rXIthA6Sq0CwlPeSatKCuoEm-HPdds7__z1b-7uDsS3s0Etd5lnucMin3eV1fHGJi37FPulHTRyTOnxS-P7KWPoeqKZWZB5-6zSGmYj_U3Q2kXydp-NZpPNhpG-w0Hx1DZgSgRUjG3jji_LmDLzTfayTd3FQUNAAQnOW_y6Di3YRv822q_gULfURIZmA0Dyt7tGlr18j9bPNu2eFvkelOHKpPCOwaGQ6d7W_M6GflhzYDn_h43ar1OgM6_dWrHk1DeLeKXuRgGyJX05LymjrL2GRiDI3rRk0Wy6n4eeDTdAGXz3ub-_mCfXGzZrRLq4dzVKJXlwcNR3h8LDaIEk0Gg5WE1QcfAVAGEtPhPYQdzhFzrKWEnvf_c1laHIU_FwoMvpzk8P-Oy19kYNieNtrek2uSdbRs_GDvTlioi2DKzJWNC8_z_6jQq6b7tvPK8zU0ZmKehBVO-rpOnuNqb9dlcWoWBbt-NKkpzSqrNcdXX7nQa2IABDsgSjcLKuKInG-jz19EhP1YL9QBT60PGn10UCPR-OTEZRdDbpIVaSRgxgsEHRkRtudZIfXTOZaXEaGKtS7PKqyi-3U6Tr_04JIM_ilRJ6KhYz78yd6BL09XcjLgCYsYR3Qy_C0cTQlFWK-vV4M86fnJI_re8qWFs3OOiOoA4BjY_psIE0G9U2wFkYd_e5fsMAEUw09ult5tAdfM1TdXztu6p72K3wfUq2Zjyh2PV-CIF6l6U9g5_2ARxHgZTDxpaF0sSiJFtkKMr8iJW-7tYDXYSEfAu7BYsiml_6oV-sW5JmC0WLyZnds0-qsQ8Sllc2u3VDH0amYeegz3BEQjJkJ6HdaxKzt33cWhcWaqHOtz4fJ0jJEniWvtBO6KNnO0GoImEIfglQYpOMCFsj4szGRJOzFCAqJxqzxbUJdrJ4KDeAvPBJqxGND-4f0x_ewDxsQGgaA4MaVvlgU_oNozA1Y8417lvOWCPdpToZ4I_SozhzezipTEsK5bG6O7dCJkhezlkzFPaAsC_tJWLjH-v1Bhul0YWeTnWLAJfGPITN03UJ7tMq4tL9P3aZfnTPuDL8Mak4a9-XPgysQMiu8f1xdF3gBKPX8q_Vv0sKIHRi6dNtsJ1d8rySOZCsZfPz67QDmhBf-PfjHy7PjomSb9xnobFXbRXQblp6Kekz2aKY6PatOJ8eIl6vZTfxdYhVO4w3r0SWPNnLCr8oqVmMrx1C54iSf83SIgBcSzXn00IQABvgTco4cQbTp_WvrYp2u_Pb4mT6GXjBciWGGfMbRr8g5_bk5K1NdFpjXS9ldyzDEpwVLf5YLP9VOWCEQZM7Sm4Yjnutw4D2Dg9JalH_vG2FZgoW5biDnb8yRBkYhUrsUUdQM1gX79psHknirziv6ugPKy2wlRAdQFhXdWcamlSLs4w4xxROjSolRLnbpsarGY4Y2JOEATU2oBfdAoUOG-MbTtMD__Jh3zBTZLtEEG2Kx9Vu7sQZZcDmCZtApOIvlwJMvoOClyXwBub2MWsIN49nYjpqlutVP5wGL2ai3tc4iaT09FeRXn0_fuAUBFL3ccEmlYNTlfcT6FRSy5MFFn22sOSd5qoahmEvMnwSbT9Tslm5rG5TmGm5QedXB9qwzclJ5z7eV6JD65ZsR_Wb3jIgWQ4T9DAkj_m-5_Oa9QzhalDwmSPh_6JdCwReXUqenxi22xU9AQ2o0rkxg9-BxliLYs39jcK_pzzqUN-FkHyuJz8BzkG9buqM_JXc6C4wj9goNIkfNi8KDTw92wlPqUW00Gv3LStpcDfDqrFNiFybj7LPG8XXNQvAlw9M3u5iBg5XWDF699G9ivr-lLfbPJJucG9uViOlMQI1Oa1gp6vdZ7e5Z1D7ik-QR2htOa2V6RsLebNUUw27s7dsI0rX8WVTvSqaZGHfXbrVWgYx9wKjqSyTWUVdo-3mcEhDavWX4RHJ8GVl20oVC3mTig6qD1lx3RDJI22jF0VJ4UzcI4h1hhIT2atrYvreElWYjBBIeERbo3AoI2yo8adhsbKk85fzNwIsCnESCI_xSQa1OoEEoYkE8LCOqTHUm3ryU9Nmd3n6dzhwhC9zWAVKgD6rvpgSkw-BjOEPZFmtKqT2CVekknA9FxPNstBM8OEc8-uF7UA3kf-mMdSOcwink5hp6e-QRygqJys2vw7y6gutjEsEK3Jij_SwXzzkCStqiT1Q09Ls-WS7tDQbHrCCIsURMQk6KIjMb9Wf0GLHDn05UPtTrPmqhVDNzqsDPImgubxXZ0u_jFzYtPFcRVxGQ38kZheZeT84rdBQJpD4lnYOAtsD0RPjByfoMK1vcVTBTF_9WpN5ij2k7ajmUztxkKRtg3fRb3OuwkdN7M&cid=CAQSTgAvHhf_FvBdm-SbWY30ic1AtEZoC3bF1RAhO3NEmZn1pIwenCfnEhVqD8o3ZBvmAyICUI-EGb-YlXHuNiPVkXOdeO0yTq8RFKe3JCgOtBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fhubdrive.lat&ds=l&xdt=1&iif=1&cor=14795047693045598000&adk=3690638928&idt=180&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbe7ffa3541c7835c04ae9904baa5da0f4368cbe3252a35d746702992ca063ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19592
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame E731 12 KB
2 KB 142ms
44ms Stylesheet
text/css 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 7139
etag: W/"656f1d9e-30c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 85712f727ab89aef-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame E731 3 KB
3 KB 142ms
45ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
cf-cache-status: HIT
age: 1391
content-length: 3429
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 85712f727ab99aef-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame E731 52 KB
53 KB 138ms
138ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame E731 14 KB
15 KB 411ms
410ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame E731 35 KB
35 KB 412ms
411ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame E731 49 KB
50 KB 412ms
411ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame E731 28 KB
28 KB 139ms
46ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
cf-cache-status: HIT
age: 3675
content-length: 28527
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-6f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 85712f727abc9aef-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame E731 1 KB
936 B 137ms
44ms Script
application/javascript 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3290176225%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DyJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo%26bag%3DydU9kaAfa6I%3D%26ruid%3D4a47d22a-4b61-4842-af9e-668883819508%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F1707753195%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DFFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 3814
etag: W/"656f1d9e-58b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 85712f727abb9aef-MIA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B86 42 B
174 B 131ms
131ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqT1UHubIabwyu9r8bn57uhyY4RHA0CJu7XuvDCczr-Wz-XQjco9LHg6dXJaKzqNTGmU1VhjYF1Rg6VBgCR15BrXL_D83O7CZIW98pUOYyK3c4XlQ94ZCWDQ0Ly46qA4Dknz0P8E-idbO2IHCNn9FWFx3HMxozqmA&sai=AMfl-YQCRJe64mVdkEPDE8jZoWhuwnMAi_X0hAxwj3H7XRNQwj3WTX5vdzdTRuNaZvCWhGKum0i0PpLH3X1Vcbv_xxQ8Tqh2_v9sMj_cTUit0iUxoryXAz-TXTOh66NdQtyAP7kmXbZOQPiO_BXpQ6Hn0Q&sig=Cg0ArKJSzE0_fqt7UrA_EAE&cid=CAQSTwAvHhf_EyfvkxDkPDyLIoO_Ajc8n-gzDtqUu9LFcwMx0ngOFpAc5b7a-CASiXAMoXrrvg3l7dPQRtWrJt8BFM1IbM9Cp5Di7G1HDJKXqHkYAQ&id=lidar2&mcvt=1003&p=652,702,902,1002&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4224613116&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=413878900&rst=1708205989154&rpt=513&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 1F07 30 KB
11 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoCcAlxjpxLvVRLw6wnA4P3zImLxhIiaZJiko39HBH7a-ng81MWLKzFkuF_a2d7vbBs6BAU6SjYXAQW4zUvoUPaNIXTUdO-UI-kc2lbcHZG5E6B3LRwqAAaFr-XcB3JRxnTeExpUaYTAvVCzYEehRtkbrmtbkDdh62BoMh4_1P_h7YmyA&cry=1&dbm_d=AKAmf-CsgG8VGtroHkfbGGLhgwhMCHOm8pDBKRjNCekjo5mDkRRS2FsRmM00JD6x1Md0049e9ThVbT1ZNFdeKT2EYxxImh-BPejPsJRp9n4cqKdC_Mv0O2FCs_8rtNNXkwLnpr5718b0v-Rr1ZBm0H72yFCi1Zz18WIIvPlEBc_z4vZL43QjOOIYio8BTZZ7hyQzVjhj39-CwyrusK_fH_BuzjzPIFVZXpGP7Rq4XHJbKGMiy0Ewmr65JofjOcRiRi-kz7HFDVHGNuKJfKdybtI6qWcY1CnkReLWpFj-qQIaR9idFD7JVCr9OxgSMMWRd6Okq7ERx043gmdTmOgj-Wy0W8GACyI2Ns2LngXkJGbIwcOac9YPJgEHJtcWVCk24DZTVf8vorxiMfk03KOmtv8uF_ZOj0zfzwO0pWiTnCm_6vS4f7GirPnLGRJ8whKSnJkjgEFUCnkTL3mGJEY1TtkC5GopcEGB4x88B75ORCkO_lU791VES_MZXyP7izMTj4gKGKeoiTHr8JKWLm3kJZOdSDZBkvy3568bX5d63ZBq9u_IdTcIbD8kGLyAKrW4NlclhQsGb7QN81VZ3W-d_IBhMGEbcPa1LiMfZJUA7BBwqh2O5UE98BG88TvUSXzREqnrUN3a_a0KzA-9sUeLwl2Fcjp2D8VyDma5EeJDq93mF2khuJOv1A2z4WbDQFqCR6svWuBmxindoyMBY9jC_WlACXxRZTlO17Isu8wNWGqFFijZ5n_wQiX1o37XBkoG9pmFOasNYEYJePTKFB37uuCaRKsyuE66vr30MadCyzt6OLwfJlip4RSwspmD1a3GxpEroMD0OXdnhAigRtGkg_K1B9djsaPbiwza9QsSbRwztPWxwxLjMu6Ta7wNdFtYwZGJiR46IoFeV2FQ1hlskDJnq8jxVT4OZkQVWITzIZ18LcMknHEUYhnT5GqLS2kZrAVyk-so2f_fiYW9DVMHvUs9MAG7AwjlaM7BRyQ8N2O4r5o3zDZKTKGkEXkXX8YgQ196aP95s91XxLaY-fDJ6rhDgjF89ZSFsJUBw5PzOM1tAxGfDzkWRPo-ynDGpWrQLFuJcQUAQ9BdphMA6W8-EumCguP76wVEgn96Uhtffegoeg1Un__zcOb6qFw1gsI0wfN6TI_jwl9ZPkv_mCvjkFVg_nMGRnmfPL6Q5oV_vLB2hh6ZHQaZNKconXRlSPdNXfIwanp6yHTKhd3fu-1Q2dTSwQAFAWfzUIO8zcltzcsBHTMWbgQ7fKMlnNnlToyY5jOhWQ8FPc92wQkkea4V3n0EQFMawvwJB9AqGF5N6aJw0qwA3IV_X99FZ-SwUcOy53JT0nCdR0MgvLDBnWIFisPk353LT_L45VINlJ8Fq3AtYCr50EeLnZuhVWQrYwwIYvRjuc8FYeGpl3PwqPgxiJr9nNB7J8eDvMFBuYpo_zDhLDS1GTTyKQ_gQlG57RT1Iq_xqsesE7nE62X3PoW5J1CbXSOfwAr4JKk2pdMC-36Iv0t9DZQAKBylO1rXIthA6Sq0CwlPeSatKCuoEm-HPdds7__z1b-7uDsS3s0Etd5lnucMin3eV1fHGJi37FPulHTRyTOnxS-P7KWPoeqKZWZB5-6zSGmYj_U3Q2kXydp-NZpPNhpG-w0Hx1DZgSgRUjG3jji_LmDLzTfayTd3FQUNAAQnOW_y6Di3YRv822q_gULfURIZmA0Dyt7tGlr18j9bPNu2eFvkelOHKpPCOwaGQ6d7W_M6GflhzYDn_h43ar1OgM6_dWrHk1DeLeKXuRgGyJX05LymjrL2GRiDI3rRk0Wy6n4eeDTdAGXz3ub-_mCfXGzZrRLq4dzVKJXlwcNR3h8LDaIEk0Gg5WE1QcfAVAGEtPhPYQdzhFzrKWEnvf_c1laHIU_FwoMvpzk8P-Oy19kYNieNtrek2uSdbRs_GDvTlioi2DKzJWNC8_z_6jQq6b7tvPK8zU0ZmKehBVO-rpOnuNqb9dlcWoWBbt-NKkpzSqrNcdXX7nQa2IABDsgSjcLKuKInG-jz19EhP1YL9QBT60PGn10UCPR-OTEZRdDbpIVaSRgxgsEHRkRtudZIfXTOZaXEaGKtS7PKqyi-3U6Tr_04JIM_ilRJ6KhYz78yd6BL09XcjLgCYsYR3Qy_C0cTQlFWK-vV4M86fnJI_re8qWFs3OOiOoA4BjY_psIE0G9U2wFkYd_e5fsMAEUw09ult5tAdfM1TdXztu6p72K3wfUq2Zjyh2PV-CIF6l6U9g5_2ARxHgZTDxpaF0sSiJFtkKMr8iJW-7tYDXYSEfAu7BYsiml_6oV-sW5JmC0WLyZnds0-qsQ8Sllc2u3VDH0amYeegz3BEQjJkJ6HdaxKzt33cWhcWaqHOtz4fJ0jJEniWvtBO6KNnO0GoImEIfglQYpOMCFsj4szGRJOzFCAqJxqzxbUJdrJ4KDeAvPBJqxGND-4f0x_ewDxsQGgaA4MaVvlgU_oNozA1Y8417lvOWCPdpToZ4I_SozhzezipTEsK5bG6O7dCJkhezlkzFPaAsC_tJWLjH-v1Bhul0YWeTnWLAJfGPITN03UJ7tMq4tL9P3aZfnTPuDL8Mak4a9-XPgysQMiu8f1xdF3gBKPX8q_Vv0sKIHRi6dNtsJ1d8rySOZCsZfPz67QDmhBf-PfjHy7PjomSb9xnobFXbRXQblp6Kekz2aKY6PatOJ8eIl6vZTfxdYhVO4w3r0SWPNnLCr8oqVmMrx1C54iSf83SIgBcSzXn00IQABvgTco4cQbTp_WvrYp2u_Pb4mT6GXjBciWGGfMbRr8g5_bk5K1NdFpjXS9ldyzDEpwVLf5YLP9VOWCEQZM7Sm4Yjnutw4D2Dg9JalH_vG2FZgoW5biDnb8yRBkYhUrsUUdQM1gX79psHknirziv6ugPKy2wlRAdQFhXdWcamlSLs4w4xxROjSolRLnbpsarGY4Y2JOEATU2oBfdAoUOG-MbTtMD__Jh3zBTZLtEEG2Kx9Vu7sQZZcDmCZtApOIvlwJMvoOClyXwBub2MWsIN49nYjpqlutVP5wGL2ai3tc4iaT09FeRXn0_fuAUBFL3ccEmlYNTlfcT6FRSy5MFFn22sOSd5qoahmEvMnwSbT9Tslm5rG5TmGm5QedXB9qwzclJ5z7eV6JD65ZsR_Wb3jIgWQ4T9DAkj_m-5_Oa9QzhalDwmSPh_6JdCwReXUqenxi22xU9AQ2o0rkxg9-BxliLYs39jcK_pzzqUN-FkHyuJz8BzkG9buqM_JXc6C4wj9goNIkfNi8KDTw92wlPqUW00Gv3LStpcDfDqrFNiFybj7LPG8XXNQvAlw9M3u5iBg5XWDF699G9ivr-lLfbPJJucG9uViOlMQI1Oa1gp6vdZ7e5Z1D7ik-QR2htOa2V6RsLebNUUw27s7dsI0rX8WVTvSqaZGHfXbrVWgYx9wKjqSyTWUVdo-3mcEhDavWX4RHJ8GVl20oVC3mTig6qD1lx3RDJI22jF0VJ4UzcI4h1hhIT2atrYvreElWYjBBIeERbo3AoI2yo8adhsbKk85fzNwIsCnESCI_xSQa1OoEEoYkE8LCOqTHUm3ryU9Nmd3n6dzhwhC9zWAVKgD6rvpgSkw-BjOEPZFmtKqT2CVekknA9FxPNstBM8OEc8-uF7UA3kf-mMdSOcwink5hp6e-QRygqJys2vw7y6gutjEsEK3Jij_SwXzzkCStqiT1Q09Ls-WS7tDQbHrCCIsURMQk6KIjMb9Wf0GLHDn05UPtTrPmqhVDNzqsDPImgubxXZ0u_jFzYtPFcRVxGQ38kZheZeT84rdBQJpD4lnYOAtsD0RPjByfoMK1vcVTBTF_9WpN5ij2k7ajmUztxkKRtg3fRb3OuwkdN7M&cid=CAQSTgAvHhf_FvBdm-SbWY30ic1AtEZoC3bF1RAhO3NEmZn1pIwenCfnEhVqD8o3ZBvmAyICUI-EGb-YlXHuNiPVkXOdeO0yTq8RFKe3JCgOtBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fhubdrive.lat&ds=l&xdt=1&iif=1&cor=14795047693045598000&adk=3690638928&idt=180&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 21:07:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F07 41 KB
14 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODIwNTk5MDY2MTU1MQogIHNlcnZlcl9pcDogODk4MjU0MzMKICBwcm9jZXNzX2lkOiAzNTQwNzY3NTk0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame 1F07 0
22 B 98ms
97ms Image
image/png 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODIwNTk5MDY2MTU1MQogIHNlcnZlcl9pcDogODk4MjU0MzMKICBwcm9jZXNzX2lkOiAzNTQwNzY3NTk0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyMDkzNTA4MzQ5MTQ4Mjk0NjA4CmRlYnVnX2tleTogNTU5ODI5ODg2Mjk5ODMwMjg2MAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMTciCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjEyMjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgyMzk3MTg2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MDA0OTMxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE5MjcyNzk5MzU2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTM2OTUyNDg0CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNApkbWFfcHJvZHVjdF9pZDogMTIyNzE1ODM3Cg

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x4950d338e1f0bbd20000000000000000","13":"0x5ffeab8658d197130000000000000000","14":"0xa3b514608c86b6610000000000000000","15":"0xa938ab4566381d6a0000000000000000"},"debug_key":"5598298862998302860","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"2093508349148294608"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1F07 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef41c2200bac61cf15d8c6d2baeace45a48db6035e3adc61bd9cdf088c661252

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 134ms
134ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402130101&jk=2248023175560213&bg=!SUqlSgXNAAZN4L4YbeA7ADQBe5WfOAU6ltrK9MlDsjWhvpaJZNZbFqdswzV9AFsja58qHhb4Sf61lz3QazjTUgxbYA5ZAgAAAUFSAAAAIWgBBwoAcsc7xMxOpTIWxnMfTcAs0f7uI5q0pq6-qg2wLcbz25rK3rOOn42IZon9UN9Dl_0BWExOFOPnDIHg8nA0ZWBg47dQ6C2-L3yOkD0ranfASYxxTciNs3M5mroSP8WK-_4btWKKX4rFBnjI8M7DdmfaxYngN5kCuR_QBnK5oK44MR9J-Qv-RmujorYCUmMhCWkwzIgImCrBFk3tWegPYekiX9i-TIxWQTPZVR0K1T9eRNyNj_mPlmjYqGjTwd13qOXecH-24j9eIXhHuqNOGhO_H3CMmpb72-ZfVaZAugEOu4vswqtknMNOsOyT_O_QW1K4O2JVTGGmime2eRq3XGANiJzgZ6dJz89gt-81zuGDfNM7c4duWqXB66U4C9OI1Uf-6K_uIZC34crcoGN1HMFFXHs2RHjNdqP6g63w-ZGGHZb2ZzoiPIwljlg28HhADGcZvruE-tCxL3IDldLEdmt7FJsEXG1JxULc7vDCCoHsooMH_zJEmVahYuLrWqvkpxwLt6aFRPUBVic8_kOajnJkLCNGskPCpKIyxqWe-yljIF2QlHuEXsg8AnSngHuqytT5IHnSuv_fXJ1L7tvonuJVHAwjpq4Gbuhp7cPymXGF2UuBM5J3pLoeJdjDq-h7SC5XtL2Cb9KcQ7be1g9B5MCvuKcdWdEP77XI_xN-4cOfH6m66JK5WP-E9UbHmY91nf3Ki2aGh4VpIQ98CTip54qFmb2lLm5cy2w9YyImdvs2zHHWtCO6owha265LXiVKb01ecWOzRaXg_Ufkys30mUsnhhS-IhUn6RRNYlKC7w9wWmE9CcE5HjQvRaeuAnPcU45WY8vPIqkI8UTbDrgpgcJaSwtWEPkqE9Hje4awLeI4RxeNS0ErWDTS29WbaAnyysddzTYO3Tt-PhfHgAq56SgUklMmFYt9YSdPJFFjlQwkimavfplWTXPWk7YqFvQOMxaf3JDn6NYv75NCx6U_cxXwJfzBytzp9K7b6Xi-tP1QBosD1BkRAthPbyRcMtzM2y97fQvyCu2eg0xvFgGIrybLbLJkXLESilZrCb8wM2oXJqyLBNgAxzImqde0xBLj0pQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/225407;7893664;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN300x250/ Frame 1F07 2 KB
1 KB 239ms
79ms Script
text/javascript 23.192.34.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225407;7893664;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=hubdrive.co/&us_privacy=${US_PRIVACY}&site_url=hubdrive.co/&pub_id=1&sup_platform=1&cachebuster=596561.3341896667

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.34.122 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-34-122.deploy.static.akamaitechnologies.com

Software

prod-xre-app26.ash11 /

Resource Hash

a7b50550f89158637852c2017ea55f829accd775e838ab29844f5ea7ba90da28

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app26.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 907
Expires: Sat, 17 Feb 2024 21:39:51 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C934 42 B
108 B 131ms
131ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiL8zaBmLTO54m4zcqnb_01p7iSeplg7PLE0w1ZzrFKZqVK2GGPVCEpXBYYsMk9pcrd-hl_hr9vsI4uB2-N6W5pUSZyqqxs5siKsG3i309yWcK6TfBJLr7KiuoYc4EvxHwLrcua_ohPqEL3pRVjwueEFtluv2DJOk&sai=AMfl-YTfnXQRBVjlBuraLjMBaNYDZ_5byBnHpNOW3oCCjVsaFDPgmvVmDCco0O2fPFG3AJPXCfgr4Nt1jvKwGFZeVTJzPULfFI1O4pwK1fIw3JEehFhGMURSDtQnTTlbl4wi4CkOxxxgG-iPdi2nAGPDCQ&sig=Cg0ArKJSzPkFTAWaA7-nEAE&cid=CAQSTwAvHhf_7zrsdhzoRo7gsAc7BfWSrHMEu0X_54pDerjSABbHKimwtPn99sDZnJQ9yx2PzmlwS9ZdU55TkJm2dKxGMvtnKE8nxGBtcGsLJHAYAQ&id=lidar2&mcvt=1033&p=372,684,652,1020&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3263134374&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=413878900&rst=1708205989420&rpt=338&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5729 38 KB
13 KB 65ms
64ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 152286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5729 39 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Feb 2025 20:08:09 GMT

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame 1F07 86 KB
27 KB 225ms
74ms Script
application/javascript 23.34.59.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/225407;7893664;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=hubdrive.co/&us_privacy=${US_PRIVACY}&site_url=hubdrive.co/&pub_id=1&sup_platform=1&cachebuster=596561.3341896667
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.34.59.20 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-34-59-20.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:51 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: MT81AC84TKV1W6X9
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26381
x-amz-id-2: RW9MHuaSgJbb/p5sUF9VmakoPz+4plGlrWmJqc+ZGOo0RveOLjrtaOTV7P0XXzyNe8Jt0LW8XTdpn/9+L48xcg==
Last-Modified: Mon, 12 Feb 2024 15:44:51 GMT
Server: AmazonS3
ETag: W/"ced6ce1b7b99b74cc94c9fe3e5e2b4d1"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 868191144 762188643
Accept-Ranges: bytes
Expires: Sun, 18 Feb 2024 21:39:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5729 0
20 B 132ms
131ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhAO3pifRZa-wKJnB6toP6qavmA0AAAAAOAHgBAI&bg=!sLOls_zNAAZN4L4YbeA7ADQBe5WfOOZXsGZCzNOM9fA-zk_9_4hgz7592W_fBYFlpm7PHH_Txw27gVOSll3bbpd1gbsZAgAAAGxSAAAABmgBB5kDAu3Brn4-PCHmEA4QLwZXmhgUxqHUkxKYehpyNj0Wc84d_zE2mvJVHYF439aS9_A0Xhl_cjTIP_BGSA4HAvpEnOeHtKVoJO3kfQCS9F-M5TE9uSYq6ZynYO5hRybEcS6PdcIymiuafRXmupDumYkIB4fzCMzSRkueaMbHcrxZLBe-cN-TfYYrw_Vt6Qwei7xtcvZATAg82SdK2J_fvZDuMGM9p4bwD_xKqeT13NY3MgWQBYI2Ei8BwWw6BCAUyAAykUuB3UDUoi58yx4Tg9dV9CaMoiNOe9eQgEVIFVMMyW0yit6d9wHXm8WGkMlnwjV-DXs8KuL4ITQz5LJiqbQr6b1khsNwqzDnymrrS_O24DkYjPhuh_2loypfBjh5Mh9rwLb_pLDFeHXW-GaAb2Xk80kbXJ56Gl38h99cBkGWWX7MXZI8rTTMPxcLNBmyEmOnbYYTtyCNCn_dsWZ5yp04NHOtF1DKj9QBOCbvDFDCv19iE8cpj5rT8B1eUk466XHBWz-iZiqFLP9CPgmPyLnDNFoSmUoF9wCcZqbQD-OnnuJRfIrIq9GOtoSVsDc_sbe24R50-gt67-LZeVvHzPnK90vDzDPHAyWToAYvBTvWG1idZSevukMGvvtvYPHpET9yTdkorSBjOw7tOaQEkrhAQ1LAIVGQ4FIyTS8z5OnkyvurZqDDELnipDSIcsYb3lvFPHIYNqSMbw5KEciHz4wPgc9FPbz3V5Hgdefaj8gTZUlcBVH_nQxQERofZMn--z4Q3Owd_D2CqU7Ikjs78alrrwg-HwdmOJLaI8AZBEqzDqNPMmChJM6_PNN2t7XegUSY_HD38zl3hRIlFAmQVgzm3b9e6N3yCqpX6yPY8GuWgqSvFXDGVjWjBPrRBe8FMwEddrBQyO-g4Akxmu2-tbxr-FhNyFe0kpgZv65lM8WEco5fw5ih8Nt0t_tWtuuvbiADRF_TMZPkyaWJTMPqpYGWDm3WgTKXs9XvmsGdGQPwrrJ0xIpom2jHUU86aegPRl0SiYno

Requested by

Host: be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
URL: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 11
thubanoa.com/ Frame 0
0 138ms
138ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=2792388477&z=7013738&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=yJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo&ruid=4a47d22a-4b61-4842-af9e-668883819508&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Feb 2024 21:39:51 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
thubanoa.com/ 0
880 B 142ms
141ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=2792388477&z=7013738&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=yJXkM35PREhgNLg4Rj5QjZfOPAl-blIow-uJb_Q_TRo8NKRx0-hy3TzdhVjgJo305hEpf4KWqzlaoQZC8rPTDAfKutMdCENFnzNjylEHlQDZQFEw-jf2fLbtNfjojvn6PPhFJH3vApew1AyHhiPi3q5hQCEaKYnTJWwQ0QNFPkEeTq_i0jM_gvW0QGZzv2DzTMjm5zvTmfsrsq1LNyc2nIMJKXE0AKhEsB9GUqxyejPfR6waAoO9FtsDzQIvPXY5dchz71uFBGUDWUyNLtO05bY17LjwWwcD8XiZU0X_vcafueMMhnI7GkuJ5riuCNmo&ruid=4a47d22a-4b61-4842-af9e-668883819508&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
X-Sc: FFMryJizRcE5m0Xp-nk5GVRrl2-JMo9csSVeo3dPqotj7gJEZYK1lpv3nh7-IkCgOEaO0wQkiA474Wxw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 369c5cc4216cea7781a5d0e0770aa97d
pragma: no-cache
date: Sat, 17 Feb 2024 21:39:51 GMT
x-sc: I0G20TjGAR2WkFKWbnapqc8qZc9Vwnz7NNmf_uwoRvUw5mJOruik-ObSgQ1hKZC5O6TrVj7uhd2z0C5YJdZMEDMey87oxDnkgzc-l0qDguvM1XLr_Drlyu9cyAgSnvt-RT7ngD0pAlr6L79oKalR-uEuuDI9yKX-
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E731 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 4251819.json Show response
agen-assets.ftstatic.com/display/7893664/ Frame 1F07 4 KB
2 KB 365ms
63ms XHR
application/json 13.35.93.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7893664/4251819.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-38.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4b6d7e7ce7a78f46ee5e89e202e7f1e9a6b6bb010f90348448a719f3ab76545

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:32 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 2da1a465458d2c4bd692e693d75f0780.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 21
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1799
last-modified: Wed, 14 Feb 2024 16:45:45 GMT
server: AmazonS3
etag: W/"5eb712c9c9be47b86bc419734dc8268f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 1034982719 1036980305
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: _-MRyILGgTizA1xlZpI0L1Sonj-tw2G94VF3YxX86-nKdz2LpoayxQ==

GET
H2 200 d9core Show response
d9.flashtalking.com/ Frame 1F07 11 KB
11 KB 253ms
60ms Script
application/javascript 44.214.189.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.189.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-189-209.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: aa4d0e8efcec216a936ef73e0ee042851655b45b738a2cd589231612a9846e9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:51 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H/1.1 200
OK adobe_contractor_300x250.html Show response
cdn.flashtalking.com/172799/4251819/ Frame 227B 3 KB
2 KB 283ms
65ms Document
text/html 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 0a3fbb228fb341deb6baf30f676646b536340159d1ecd8a7e249ec68538dcbfe

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=442
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1213
Content-Type: text/html
Date: Sat, 17 Feb 2024 21:39:52 GMT
ETag: W/"f5fa67fa28d4cd06a607ef38365b01db"
Expires: Sat, 17 Feb 2024 21:47:14 GMT
Last-Modified: Thu, 09 Mar 2023 21:49:33 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-FT-Origin: us
X-Varnish: 663633286 661813937

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame 1F07 549 KB
160 KB 227ms
77ms Script
application/javascript 2600:9000:261f:6600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:6600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a06c4c7e8189e33f4546a8ea658c82a4a841b550fbef298e6e5d42d267c046ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 20:39:57 GMT
Content-Encoding: br
Via: 1.1 547ed58ab09c3c811d28ab963755fcd8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P3
Age: 3594
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sat, 17 Feb 2024 20:39:57 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: AGuWR1nC_4rRF7bVduz3d2xoe7gDJZnCyx8TeWtqD9s2VFlL8t2AUA==
Expires: Sun, 18 Feb 2024 20:39:57 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 1F07 17 KB
6 KB 289ms
67ms Script
application/javascript 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 413862034 236107414
Content-Type: application/javascript
Cache-Control: max-age=84808
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Sun, 18 Feb 2024 21:13:20 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame 1F07 1 KB
2 KB 282ms
65ms Image
image/png 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:52 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 108102152
Content-Type: image/png
Cache-Control: max-age=2177570
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Thu, 14 Mar 2024 02:32:42 GMT

GET
DATA 200
OK truncated
/ Frame 1F07 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F07 42 B
64 B 131ms
130ms Fetch
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNin4B5fKS4gdFiH8MVb9sbg6LsbhA_y7rGKD8jHwBC_oYoXsIkHa_JJmmlGvs2pKUYvutF-5AKONgh-MzF4silyWf-usdE_WJuENA4XK6UsB9JyCmTjjazp9yDsbDcG7YXFlDKRg1ee8ZG09t3QJbmECB9dJVRjE&sai=AMfl-YQqp55xrPcKC7KcZXZ4t4nWmD_HF_nYo8JhjDSnZ8jvFjvrosyKzQed7UcMqF7UkW88tHwvhIE6LS_VgSoq_BFP5gUne9u3Mt8nn9HsL2ZW8l5ealQNaqBLY9jFhIdxuJuGPOiCha4_ix_u6Pp7&sig=Cg0ArKJSzLSbnLgXU9dBEAE&cid=CAQSTgAvHhf_FvBdm-SbWY30ic1AtEZoC3bF1RAhO3NEmZn1pIwenCfnEhVqD8o3ZBvmAyICUI-EGb-YlXHuNiPVkXOdeO0yTq8RFKe3JCgOtBgB&id=lidar2&mcvt=1000&p=156,702,406,1002&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4268415557&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=413879000&rst=1708205990313&rpt=473&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 227B 236 KB
63 KB 275ms
87ms Script
text/javascript 2600:1400:9000::687e:7771
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1400:9000::687e:7771 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:52 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:54:52 GMT

GET
H3 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 227B 69 KB
27 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 21:39:52 GMT

GET
H/1.1 200
OK adobe_contractor_300x250.js Show response
cdn.flashtalking.com/172799/4251819/ Frame 227B 158 KB
39 KB 78ms
77ms Script
application/javascript 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.js?1677110633077
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: d89da1877d7e6b1811df452cfd21e78ddd5da2b11236ecfb23348ccff6e0aa33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:52 GMT
Content-Encoding: gzip
X-FT-Origin: us
Connection: keep-alive
Content-Length: 39070
Last-Modified: Thu, 09 Mar 2023 21:49:33 GMT
Server: Flashtalking (AKA)
ETag: W/"b77f29c1aff5e7718269b63fc552c23a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding
Cache-Control: max-age=442
X-Varnish: 417199875
Accept-Ranges: bytes
Expires: Sat, 17 Feb 2024 21:47:14 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7893664;4251819;0;271;71B03F3A-F62E-4308-2AC7-D47685FA53D7/ Frame 1F07 0
67 B 195ms
58ms Image
text/plain 100.24.196.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7893664;4251819;0;271;71B03F3A-F62E-4308-2AC7-D47685FA53D7/?cachebuster=349539721
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.196.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-196-120.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:52 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 1F07 1 B
377 B 302ms
101ms Image
text/plain 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893664;4251819;0-304-0-0-937540747
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:52 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sat, 17 Feb 2024 21:39:52 GMT

POST
H2 200 lgc Show response
d9.flashtalking.com/ Frame 1F07 103 B
575 B 91ms
90ms XHR
application/json 44.214.189.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.189.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-189-209.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: a00db96687ddc535aff899eb1c1e1c0b9c56126185fea738bbab3615bd5331bb

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 17 Feb 2024 21:39:52 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1F07 121 B
717 B 295ms
82ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=hTimbwdPVJUWXIicAlyoFStPnQZSwJbR-FE7fPshldVTrKDwR03zDGk/D-E03BNM9naVHrMQ==&pm_ct=bfec968ba07e1db2ad1980c2&pm_pl=1708205992193&pm_td=28&pid=1000925&en=1.1&callback=__pm_glbl_Jp2ugyLDsL5PYLlZu3i8JvbC._gc1&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6913b048346efd06877888168b8b0186f370ceefacc37e9f41804bcaeb2f2219

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:52 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 121

GET
DATA 200
OK truncated
/ Frame 9477 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1F07 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/7893664;4251819;0;401;71B03F3A-F62E-4308-2AC7-D47685FA53D7/ Frame 1F07 42 B
343 B 76ms
76ms Image
image/gif 23.192.34.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/7893664;4251819;0;401;71B03F3A-F62E-4308-2AC7-D47685FA53D7/?ft_data=d9:3e2ab5e1030d4011af74bee54aeb5a02;d9s:3e2ab5e1030d4011af74bee54aeb5a02&cachebuster=694994379

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.34.122 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-34-122.deploy.static.akamaitechnologies.com

Software

prod-xre-app35.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:52 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app35.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Sat, 17 Feb 2024 21:39:52 GMT

GET
BLOB 200
OK 24d42541-b34f-4de9-bcae-4781c6dc53eb
https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/ Frame 1F07 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/24d42541-b34f-4de9-bcae-4781c6dc53eb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 4fbc56fc-d57f-4150-ba4d-03704655c3f6
https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/ Frame 1F07 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/4fbc56fc-d57f-4150-ba4d-03704655c3f6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 1F07 1 B
377 B 66ms
65ms Image
text/plain 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893664;4251819;0-306-0-0-241686034
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:52 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sat, 17 Feb 2024 21:39:52 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F07 0
20 B 127ms
127ms Ping
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8681136861526&version=m202401290101&ct=77&x=1&cor=14795047693045598000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1F07 1 B
320 B 141ms
140ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=hTimbwdPVJUWXIicAlyoFStPnQZSwJbR-FE7fPshldVTrKDwR03zDGk/D-E03BNM9naVHrMQ==&pm_ct=bfec968ba07e1db2ad1980c2&pm_pl=1708205992193&pm_td=637&pid=1000925&en=1.1&callback=__pm_glbl_Jp2ugyLDsL5PYLlZu3i8JvbC._gc2&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
Date: Sat, 17 Feb 2024 21:39:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
BLOB 200
OK f0d93673-b4b2-4d84-b861-f33daa49532e
https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/ Frame 1F07 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/f0d93673-b4b2-4d84-b861-f33daa49532e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 1F07 6 KB
6 KB 263ms
65ms Image
image/png 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:53 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 977502517 975897158
Content-Type: image/png
Cache-Control: max-age=370
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Sat, 17 Feb 2024 21:46:03 GMT

GET
H/1.1 200
OK adobe_contractor_300x250_atlas_P_1.png
cdn.flashtalking.com/172799/4251819/images/ Frame 227B 64 KB
65 KB 77ms
77ms Image
image/png 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251819/images/adobe_contractor_300x250_atlas_P_1.png?1677110633033
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 218f36351173ba32d2174766c988b36276f03a2bfae4cefe3aecbcd1efae5921

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:52 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 65929
Last-Modified: Thu, 09 Mar 2023 21:49:33 GMT
Server: Flashtalking (AKA)
ETag: W/"7e837f41f57dae5bed7c97b1e57a9125"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=597
X-Varnish: 758784637
Accept-Ranges: bytes
Expires: Sat, 17 Feb 2024 21:49:49 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1F07 1 B
320 B 70ms
70ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=hTimbwdPVJUWXIicAlyoFStPnQZSwJbR-FE7fPshldVTrKDwR03zDGk/D-E03BNM9naVHrMQ==&pm_ct=bfec968ba07e1db2ad1980c2&pm_pl=1708205992193&pm_td=784&pid=1000925&en=1.1&callback=__pm_glbl_Jp2ugyLDsL5PYLlZu3i8JvbC._gc3&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
Date: Sat, 17 Feb 2024 21:39:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK adobe_contractor_300x250_atlas_NP_1.jpg
cdn.flashtalking.com/172799/4251819/images/ Frame 227B 112 KB
113 KB 71ms
71ms Image
image/jpeg 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251819/images/adobe_contractor_300x250_atlas_NP_1.jpg?1677110633033
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: bfe19adde9c04e9276b17f5ba9a2758b130a2f0be1bd14da628ff1d579d8b505

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251819/adobe_contractor_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 21:39:53 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 114652
Last-Modified: Thu, 09 Mar 2023 21:49:33 GMT
Server: Flashtalking (AKA)
ETag: W/"795316ba5b57291013ae32d045521d5f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=596
X-Varnish: 738586781 740233348
Accept-Ranges: bytes
Expires: Sat, 17 Feb 2024 21:49:49 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1F07 1 B
320 B 71ms
70ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=hTimbwdPVJUWXIicAlyoFStPnQZSwJbR-FE7fPshldVTrKDwR03zDGk/D-E03BNM9naVHrMQ==&pm_ct=bfec968ba07e1db2ad1980c2&pm_pl=1708205992193&pm_td=947&pid=1000925&en=1.1&callback=__pm_glbl_Jp2ugyLDsL5PYLlZu3i8JvbC._gc4&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
Date: Sat, 17 Feb 2024 21:39:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F07 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1F07 1 B
320 B 72ms
72ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=hTimbwdPVJUWXIicAlyoFStPnQZSwJbR-FE7fPshldVTrKDwR03zDGk/D-E03BNM9naVHrMQ==&pm_ct=bfec968ba07e1db2ad1980c2&pm_pl=1708205992193&pm_td=1083&pid=1000925&en=1.1&callback=__pm_glbl_Jp2ugyLDsL5PYLlZu3i8JvbC._gc5&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
Date: Sat, 17 Feb 2024 21:39:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 52ms
48ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8QTNRD0R4M&gtm=45je42e0v9175770313za200&_p=1708205987835&gcd=13l3l3l3l1&npa=0&dma=0&cid=1605445105.1708205988&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708205988&sct=1&seg=0&dl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F1707753195&dr=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&dt=HubDrive%20%7C%20Kaatera%202023%201080p%20Hindi(Studio-DUB%20OST)%2BKannada%20x264-SkymoviesHD.mkv&en=scroll&epn.percent_scrolled=90&_et=12&tfd=6283
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 21:39:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lazy-iwc.9b430e25.js Show response
static.arc.io/broker/js/ Frame 4880 14 KB
5 KB 68ms
67ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:53 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: FC8B19E98STPFYG3
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/13/2023 07:46:38
cdn-pullzone: 786569
x-amz-id-2: OZ28pOUxEGU3SE8hMb1/WQPcAo34l2WWKG+dLpP7P+2+5j3nllzqM6Ne2PHpD56W+EisZ7IVEZM=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1343454a1c763177d59f06c307b3a5a2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: f3688ce820d2712837292f3c18f88b1f
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 1F07 1 B
377 B 79ms
78ms Image
text/plain 23.52.160.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893664;4251819;0-307-0-0-313616641
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.160.52 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-160-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Feb 2024 21:39:53 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sat, 17 Feb 2024 21:39:53 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7893664;4251819;0;202;71B03F3A-F62E-4308-2AC7-D47685FA53D7/ Frame 1F07 0
66 B 59ms
58ms Image
text/plain 100.24.196.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7893664;4251819;0;202;71B03F3A-F62E-4308-2AC7-D47685FA53D7/?cachebuster=407873245
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.196.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-196-120.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:53 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 vendors~widget-sc-client.js Show response
static.arc.io/widget/js/ 60 KB
17 KB 68ms
67ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:53 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: BA38ATH4X87SDNW9
x-amz-server-side-encryption: AES256
cdn-cachedat: 12/27/2023 05:29:58
cdn-pullzone: 786569
x-amz-id-2: nvIjyyob9X5Cj9ELnlxyr6OPFj2ciQM0S1nWl1dIS9D/LdKPjS0U7wo+X1eozAzCOWAU7CrEMsY=
last-modified: Wed, 20 Dec 2023 16:47:53 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1bfa017c8b068bd2857ce731fa38ab1d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 9eeb2e3e9c1cdd375bad45f42a93ab69
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-sc-client.js Show response
static.arc.io/widget/js/ 3 KB
2 KB 76ms
76ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:53 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: B7ZSB5WG9DAY0PZ5
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/12/2023 01:19:33
cdn-pullzone: 786569
x-amz-id-2: RlilRLb9l1RfszxsiLaktvtg0XbJxjbgMZZdjm/KOBAj617mrLXA0f4PTFStEYhsuis3yuYoB28=
last-modified: Sun, 09 Apr 2023 20:18:37 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"00fc1f9530439ec3d2415f9420e814d7"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 70c00c60fc749af30e723d5f2ccfc7fd
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 1F07 1 B
320 B 70ms
70ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=hTimbwdPVJUWXIicAlyoFStPnQZSwJbR-FE7fPshldVTrKDwR03zDGk/D-E03BNM9naVHrMQ==&pm_ct=bfec968ba07e1db2ad1980c2&pm_pl=1708205992193&pm_td=1630&pid=1000925&en=1.1&callback=__pm_glbl_Jp2ugyLDsL5PYLlZu3i8JvbC._gc6&tt=g&v=0a0f38d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
Date: Sat, 17 Feb 2024 21:39:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 strn.min.js Show response
unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/ 230 KB
53 KB 52ms
52ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a77bee92347b9bbd0786d53fe05e0d5c3d486c5db3f4682d9f4dfc21960542e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5260634
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HHZQ81MW3AA06RFG2ZP4RBA5-mia
server: cloudflare
etag: W/"3965a-Lu2VKHRN+UwzJYzS2puHZQw9qzs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85712f85adcb4c0f-MIA

GET
H2 200 vendors~saturn-benchmark.js Show response
static.arc.io/widget/js/ 72 KB
22 KB 72ms
72ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~saturn-benchmark.js?b7a151e4
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: b6fae66819d4c9cc2ddfd2906f37491aadbbe749dd671815b9e519ddbf5f1b8f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:53 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: R7RF7K1R30ABHQ2Q
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:36
cdn-pullzone: 786569
x-amz-id-2: tNYXdLuBOwj3IPk4w01eB0CDLcUNdjBVCDA0GAbJCL90HXvhAtMBLsUOkz897oHjRWC+3bTuyMo=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1c4f530c31856a4351aba686878efab5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 2efdb3462ff345598d15d38397fb8214
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 saturn-benchmark.js Show response
static.arc.io/widget/js/ 7 KB
4 KB 68ms
68ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/saturn-benchmark.js?058026e9
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: d32e230d0853796d6ab90219c1003e0648167fd6341182e5fa0252cc253a4801

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:53 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: R7RFNPGXSZ85AKMC
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:36
cdn-pullzone: 786569
x-amz-id-2: mMXVBoW8dxXPeYHoAIcX29ucbR6zIG9dJrTB1kyrXTaCB1ObcoIl919m+jpXsayH0lvyEwSX500=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"8ab68a778a1cff7b08b0ecb6558184ad"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: f56475d3e84ccf61404755c3df20b6a2
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 nodes Show response
orchestrator.strn.pl/ 14 KB
5 KB 363ms
116ms Fetch
application/json 54.187.207.111

General

Check archive.org

Show headers Download Go to

Full URL: https://orchestrator.strn.pl/nodes?maxNodes=100
Requested by: Host: unpkg.com
URL: https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.207.111 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f335bf8f784b806e2f4024efba23443bf5da6e33fd57660a8f71be55a73b3a36

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Feb 2024 21:39:54 GMT
content-encoding: gzip
etag: W/"385f-JDrQrQyxjNKFXyihI3rxipFUS1Q"
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 nodes Show response
orchestrator.strn-test.pl/ 738 B
1 KB 366ms
117ms Fetch
application/json 54.148.16.68

General

Check archive.org

Show headers Download Go to

Full URL: https://orchestrator.strn-test.pl/nodes?maxNodes=100
Requested by: Host: unpkg.com
URL: https://unpkg.com/@filecoin-saturn/js-client@0.3.7/dist/strn.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.16.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c7ef1cfbb9a18cec258c6dab145183885d7816a7c5b205051b6829f3fdf751d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Feb 2024 21:39:54 GMT
etag: W/"2e2-YdQaFgeFMQAy7NEZa8fC+HZyHzI"
content-length: 738
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 chunk-2d0cf2b3.js Show response
static.arc.io/widget/js/ 3 MB
691 KB 68ms
68ms Script
text/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: d5f83459cd7022769a57a436f24ed1540369eec2ebbec331275d46d8cfbea98c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:54 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 6B3Q75K35T7CM81M
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 18:52:41
cdn-pullzone: 786569
x-amz-id-2: reK0rPSCr55LKMWDGRNr9bG4IqyvZO1hFnJ2SZUDd/BdUS6Qjs2BOg5nH00L4XX24leZq9eDlAg=
last-modified: Tue, 31 Oct 2023 18:10:04 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"3e9a577ca6bcba5cdf18d0dafd192870"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: dad194b9ff56565a9888b90c968b115e
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 top-cids Show response
cids.arc.io/ 6 KB
4 KB 250ms
67ms Fetch
application/json 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cids.arc.io/top-cids
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 461d0de8a053d33d52dac5281e5148855ddd8f6e26dcb90b4098ac7de9a611ab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 21:39:54 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 02/17/2024 21:34:53
cdn-pullzone: 1392871
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"199a-KhUvlQfr3secO2FWQbdx82uXjEg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=3600
cdn-requestid: 0597b8ab13201666a976ab44405a67f7
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET /
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tracker.arc.io
URL: https://tracker.arc.io/

Domain: su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws
URL: https://su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws/?clientKey=c11dbbe1-a007-4e59-86d5-fc67dc8f317c

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hubdrive.lat/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6721007100c5ff3b13d9e707ffc6233d
greenfox.ink/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CUS%7CNA%7C%7CMiami%7C33018%7C25.9092%7C-80.3927%7C20%7CAmerica%2FNew_York%7C528%7CFL%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.hubdrive.lat/	1970-01-21 04:06:05	Name: _ga Value: GA1.1.1605445105.1708205988
.hubdrive.lat/	1970-01-21 04:06:05	Name: _ga_8QTNRD0R4M Value: GS1.1.1708205988.1.0.1708205988.0.0.0
thubanoa.com/	1970-01-21 03:15:41	Name: oaidts Value: 1708205988
core.arc.io/	1970-01-21 03:15:41	Name: _immortal\|Arc_nodeId Value: LHSUgr1wLjFHeKsER5iMGv
.criteo.com/	1970-01-21 03:51:41	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:51:41	Name: uid Value: bce65645-d682-40fa-aa22-39f014cdfd2a
greenfox.ink/	1970-01-21 03:15:41	Name: OAID Value: 21f735ab274a6da193c5faea5f14f9ce
.criteo.com/	1970-01-21 03:51:41	Name: partitioned_bundle Value: I7OijV9WWXZnTTVMSnVEZEpHbTBoUko1Z1psbkVlTGIlMkYlMkIwdGQyT2hTQmFybWFaJTJGMERiMDl1RmZENXduSyUyQkltRXhjJTJCd1h3OHBWMTY1QVFZakI4QjRKZTRZRUFJdVZGcm1aNmxKcyUyRm1STzFLRCUyQlNWMFhKMnAlMkJrVXpONm1CS0h6b0RQV2ZkVWxvT3Q5QmxpcXJnYlVvWE9WN0hyb1ppSWw0ZUR1alVHJTJCT3ZtaiUyQlpaRjVObEgwSU9nS3p6TzRlcUZMN2JEbw
.hubdrive.lat/	1970-01-21 03:51:41	Name: cto_bundle Value: vfD3SV9WWXZnTTVMSnVEZEpHbTBoUko1Z1psbkVlTGIlMkYlMkIwdGQyT2hTQmFybWFaJTJGMERiMDl1RmZENXduSyUyQkltRXhjJTJCd1h3OHBWMTY1QVFZakI4QjRKZTRZRUFJdVZGcm1aNmxKcyUyRm1STzFLRCUyQlNWMFhKMnAlMkJrVXpONm1CS0h6b0RQV2Z3R2lNeGdrOWNaVzVuZzdpdWx5dWN3JTNEJTNE
.arc.io/	1970-01-21 04:06:05	Name: widgetOptState Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222024-02-17T21:39:48.204Z%22%2C%22dismissedAt%22:null}
.doubleclick.net/	1970-01-21 04:06:05	Name: IDE Value: AHWqTUmLykzJVnAR13i5QUhipnhdTFDUdFJ410lnVZ7LIyUR56IHM2PZjEg6hvE39QQ
.doubleclick.net/	1970-01-20 22:49:17	Name: receive-cookie-deprecation Value: 1
my.rtmark.net/	1970-01-21 03:15:41	Name: ID Value: f247597d96d84d17823e7119f6390db8
.casalemedia.com/	1970-01-20 20:39:41	Name: CMPS Value: 1471
.adnxs.com/	1970-01-21 04:06:05	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:39:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>:CO^X<!@wnfH8K6pQK`!5=E<L5?%KFf8<gr7mR['/?ccWj5gF#dX3$C?MNgg/S@z0bpRzqF1`b_8=*).G<
.casalemedia.com/	1970-01-21 03:15:41	Name: CMID Value: ZdEnpdHM76EAAD2WACQ7IwAA
.casalemedia.com/	1970-01-20 20:39:41	Name: CMPRO Value: 1471
.adnxs.com/	1970-01-20 20:39:41	Name: XANDR_PANID Value: bszA-wOFaaYavmXNYQo_-bY-OyGC0lUM3JayGV3DT8oMine8K5OBZNuqjL0BmeVFucag-VPP9vWJGVhKSxq2tx2uR0h5ZyBJKBP6M-I6I30.
.adnxs.com/	1970-01-20 20:39:41	Name: uuid2 Value: 2103070948921217848
thubanoa.com/	1970-01-21 03:15:41	Name: OAID Value: f247597d96d84d17823e7119f6390db8
.hubdrive.lat/	1970-01-21 03:51:41	Name: __gads Value: ID=32c12ae9edcc402a:T=1708205988:RT=1708205988:S=ALNI_MY7SbnoBojWziM7yZmujiXgY-QKDA
.hubdrive.lat/	1970-01-21 03:51:41	Name: __gpi Value: UID=00000dcad13d9443:T=1708205988:RT=1708205988:S=ALNI_MZNbVudZTAR4QTdMR0paDJyVY_euQ
.hubdrive.lat/	1970-01-20 22:49:17	Name: __eoi Value: ID=1c590ae8d173bc32:T=1708205988:RT=1708205988:S=AA-AfjaUh6xzoT1lAjN7LvirzVap
.openx.net/	1970-01-21 03:15:41	Name: i Value: c361ced6-765b-4d3e-b09b-179bb5f7bd0f\|1708205990
.doubleclick.net/	1970-01-20 22:49:17	Name: APC Value: AfxxVi6QhgvwU3Xxfp2lNJaDtW_gWoVX50qaUNy1-HH0lEGobhkQPw
.teads.tv/	1970-01-21 03:14:15	Name: tt_viewer Value: c18057d1-c198-4ac6-b7eb-3d8ef8071aec
.doubleclick.net/	1970-01-20 19:13:17	Name: ar_debug Value: 1
.flashtalking.com/	1970-01-21 03:59:29	Name: flashtalkingad1 Value: "GUID=5891ADFFCB93B1"
thubanoa.com/	1970-01-21 03:15:41	Name: oaidvc Value: 1
thubanoa.com/	1970-01-20 18:30:09	Name: CNT Value: 2_f247597d96d84d17823e7119f6390db8-counters
.flashtalking.com/	1970-01-21 03:15:41	Name: _D9J Value: c6569c2babad42e3b20ed42482ae56a2

172 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hubdrive.lat/file/1707753195 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
ad-events.flashtalking.com
ad.doubleclick.net
agen-assets.ftstatic.com
ajax.googleapis.com
ajs-assets.ftstatic.com
arc.io
be4a738d32dad6a135fd70313e35c7dc.safeframe.googlesyndication.com
cdn.flashtalking.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cids.arc.io
cm.g.doubleclick.net
code.createjs.com
core.arc.io
d9.flashtalking.com
data.ad-score.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
greenfox.ink
gum.criteo.com
hubdrive-lat.cdn.ampproject.org
hubdrive.lat
ib.adnxs.com
id5-sync.com
interstitial-08.com
js.ad-score.com
littlecdn.com
mug.criteo.com
my.rtmark.net
orchestrator.strn-test.pl
orchestrator.strn.pl
pagead2.googlesyndication.com
s0.2mdn.net
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
stat.flashtalking.com
static.arc.io
static.criteo.net
storage.googleapis.com
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws
sync.teads.tv
thubanoa.com
tpc.googlesyndication.com
tracker.arc.io
unpkg.com
us-u.openx.net
use.fontawesome.com
warden.arc.io
www-google-com.cdn.ampproject.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
su4hesnyinnwvtk3h2rkauh5ja0qrisq.lambda-url.us-west-2.on.aws
tracker.arc.io
100.24.196.120
13.35.93.38
130.211.115.4
139.45.195.8
139.45.197.151
139.45.197.242
142.250.65.198
142.250.81.226
162.19.138.116
172.64.151.101
18.223.141.84
2001:4860:4802:32::178
23.192.34.122
23.34.59.20
23.52.160.52
23.52.161.154
2600:1400:9000::687e:7771
2600:9000:2511:5400:a:e047:753:eb41
2600:9000:261f:6600:a:deb0:3380:93a1
2606:4700:10::6816:1974
2606:4700:10::ac43:266a
2606:4700:3037::ac43:b687
2606:4700::6810:7eaf
2606:4700::6811:180e
2606:4700:e6::ac40:ce26
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::201b
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2006
2620:100:a001::4
2620:100:a001::c
2a02:6ea0:c454::1
2a04:4e42:400::485
35.244.159.8
44.214.189.209
5.45.74.150
52.116.53.150
52.85.61.22
54.148.16.68
54.187.207.111
68.67.179.155
74.119.119.139
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
03d5ffcc6177da76ee1578b71967331daf019b28e914d75dcc256de90fe9b016
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a3fbb228fb341deb6baf30f676646b536340159d1ecd8a7e249ec68538dcbfe
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14579d762d09f2f9fca1b2ab1024fcc2732f889e7951036f201f2a32781162bc
1526f73de1bf43d964f28078db0415d20c0effa892051f6eeda5d830ab3b4d83
15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9
15e43a1366b7c320c12ace3497892fd0eff14b08d3db0d833874c7a65712fa18
1664d91ecac81370ecbbe5f5ae6297a1a5e6c80e8cc5b51ff934ee2bf47f51f3
170fc28046efe0a2310c72af9f6d88c39458c227d4b9d7f77738f78cf1c3a11f
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
206990309abc82f83cda48281612279a46e32424883e7ee847bb72bbd2baa7a1
207e1e1afb3c9744375f80c1ab090b495ad5dbfc65f4f97ac49a113e79cbb347
218f36351173ba32d2174766c988b36276f03a2bfae4cefe3aecbcd1efae5921
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2ab8edff9c58f204e081ac899a8ba31288f81c61a493c8deeef596e8848b26e0
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d
2dcb308a0ea2c9de8bbdee44a276aa7649ee5b3c6b19b956f03bb7191b3f661d
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
31501078b411835882c834ed620bebe77a2b8ff3664514358cda957fba8c247d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b
3465ab3f72d4c3ddc2943112cabd7d5bf5faec502ce18319571234957329a1b0
35876455baa5aee4bfb708042ab2a3c663020c92d4df5b2c1439fd540123fd09
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
3c7ef1cfbb9a18cec258c6dab145183885d7816a7c5b205051b6829f3fdf751d
400851f4cac11f9e1867253c679fa40d686f328c0f61fa2957178ac544625f2c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
461d0de8a053d33d52dac5281e5148855ddd8f6e26dcb90b4098ac7de9a611ab
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c655c687b5d0fc7a2ed518db152a9313dc99c742d8db6985766262d31cf9f2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
487bc1cf7b1631ce796c055c044f8b4e06a7caaaae72a0804c23e5f2f1791a52
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1
5101d202c69226aa554c5a7dd1e747e5bfcd5354fcf9013f43cbda40e6362996
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66803328f1ae4c73f53c1437c894e0340cf9c4c78b6d077eefdc5216e8a9e608
674095eb1ff2879823b8e203195d40bfd9c744568573a769c68575f6da98e5cd
6913b048346efd06877888168b8b0186f370ceefacc37e9f41804bcaeb2f2219
6aa048b01d7ab8f8552bc0f4a8326bebf170a51a476e961256e1f44c82a78a62
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
757b9768e0c48924a1cdf690463a65d4f48b864f131da4a6e67cafc15bd66430
7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08
7d48b893dd21233b45473aacf13949b01afc7bd6686d5e25d363a8c3cf79208d
7e168d805ce7c7375cca70cdea9dccf17566a1e88011aa58bc93e353b1fcc653
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
823f3d2e7339af58d25572f5e697ed7564ceba53e72a911b012f9b5cf7560869
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e3737c1cbde4b54f6c8b42fcb3448200d1321b3b514684fcff6411f7e93c63d
8f913733fa2872d794c45a1e2191f2e9c75976a7715faf1ef70cf3e364df9458
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
90151b963997a3db39b5d8d617142ca032dbb484a74008b6c5088ce86acc164f
913e171b5245fff3ab97eec98f479794d485656bccf280b8c70b5063bd86ed7b
96eadd31bb4448a864cabeb7062cbf560d879d719896034cb3ece73cf29d1187
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00db96687ddc535aff899eb1c1e1c0b9c56126185fea738bbab3615bd5331bb
a06c4c7e8189e33f4546a8ea658c82a4a841b550fbef298e6e5d42d267c046ed
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a4ba6c968a796bdb16a92ddc4c307b8e7f686a710b1dd91878b28f07d70ae973
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a77bee92347b9bbd0786d53fe05e0d5c3d486c5db3f4682d9f4dfc21960542e9
a7b50550f89158637852c2017ea55f829accd775e838ab29844f5ea7ba90da28
aa4d0e8efcec216a936ef73e0ee042851655b45b738a2cd589231612a9846e9f
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
b085792cba4cacf7144409083b663be6d15686af10d7b3a1293aea5b7d9b3932
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39d09ccb303b024e73b2cb2888b32e1a5dd3f9e69baf6a4e0b0a3d1bafaf01b
b6fae66819d4c9cc2ddfd2906f37491aadbbe749dd671815b9e519ddbf5f1b8f
bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
bfe19adde9c04e9276b17f5ba9a2758b130a2f0be1bd14da628ff1d579d8b505
c096b03fb7123cf73a1d83a0b6887763401ebecf5dbe445752723b63c024c94c
c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca
c4b6d7e7ce7a78f46ee5e89e202e7f1e9a6b6bb010f90348448a719f3ab76545
c54daeb5ad4fc2a0b82bbfb60caa61b869a55d15b2042554f4debade3756f932
ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75
cbe7ffa3541c7835c04ae9904baa5da0f4368cbe3252a35d746702992ca063ac
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d32e230d0853796d6ab90219c1003e0648167fd6341182e5fa0252cc253a4801
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d5f83459cd7022769a57a436f24ed1540369eec2ebbec331275d46d8cfbea98c
d83b7c0e9b8f2e74b3cbe129a54793a25ea5410d9f7730f049df3e1f387be59f
d865c4606f6f8fdc900cd531f630064d76dff960ccf06cb46cd3f7a04d713bb3
d89da1877d7e6b1811df452cfd21e78ddd5da2b11236ecfb23348ccff6e0aa33
e039951c939cffe12fa9b4a8153712c6030d5b0206c303441001139691def56f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e571f01efdbaddcd862e78dd681302574b36f10254085432d81db3a9ee103f9c
e90a5c637aaf3fd0551492ed68bc29507ab232407fa0e5e6c3b3f823a7c52c46
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
edb3c01e1be23cd4ab06a59dd05ed00229349a2c70b703607ad37e618b6251d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef28985fbd9f194aaf189d73dbc036bb40bfa2265163bdd54480ea0946669a1f
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef41c2200bac61cf15d8c6d2baeace45a48db6035e3adc61bd9cdf088c661252
f07623eb23e21cec855bb1ed8235a08a0fa4c6e115a750e141aeef0273e8378d
f335bf8f784b806e2f4024efba23443bf5da6e33fd57660a8f71be55a73b3a36
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

hubdrive.lat Open in urlscan Pro 2606:4700:3037::ac43:b687 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

91 %HTTPS

52 %IPv6

36 Domains

58 Subdomains

51 IPs

4 Countries

3425 kBTransfer

9860 kBSize

34 Cookies

1 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hubdrive.lat Open in urlscan Pro
2606:4700:3037::ac43:b687 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

91 %
HTTPS

52 %
IPv6

36
Domains

58
Subdomains

51
IPs

4
Countries

3425 kB
Transfer

9860 kB
Size

34
Cookies

203 HTTP transactions
17 data transactions