urlscan.io logo urlscan.io
SecurityTrails logo

www.pagalguy.com Open in urlscan Pro
35.201.114.91  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Submission: On August 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 5 countries across 24 domains to perform 143 HTTP transactions. The main IP is 35.201.114.91, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.pagalguy.com.
TLS certificate: Issued by GTS CA 1D4 on June 28th 2021. Valid for: 3 months.
This is the only time www.pagalguy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 35.201.114.91 15169 (GOOGLE)
2 13.224.96.66 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.96.91 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f11... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 142.250.184.226 15169 (GOOGLE)
4 2a04:4e42:3::393 54113 (FASTLY)
1 3 13.224.96.37 16509 (AMAZON-02)
5 88.99.215.229 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.186.226.184 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 37.157.3.28 198622 (ADFORM)
10 2a00:1450:400... 15169 (GOOGLE)
3 6 142.250.186.66 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
3 4 185.33.221.14 29990 (ASN-APPNEX)
5 37.157.5.72 198622 (ADFORM)
4 13.224.193.34 16509 (AMAZON-02)
28 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
143 33
9    35.201.114.91 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 91.114.201.35.bc.googleusercontent.com
www.pagalguy.com
2    13.224.96.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-66.zrh50.r.cloudfront.net
as.ge.pgstatic.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-91.zrh50.r.cloudfront.net
sc-static.net
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
5    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2a04:4e42:3::393 (United States)

ASN54113 (FASTLY, US)
res.cloudinary.com
3    13.224.96.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-37.zrh50.r.cloudfront.net
sb.scorecardresearch.com
5    88.99.215.229 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.215.99.88.clients.your-server.de
app.playstream.media
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
18    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
10    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    13.224.193.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-34.fra2.r.cloudfront.net
visitanalytics.userreport.com
28    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2600:9000:20eb:200:8:3ed5:e880:93a1 (United States)

ASN16509 (AMAZON-02, US)
acdn.flickstree.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
Domain Requested by
28 s0.2mdn.net s1.adform.net
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
imasdk.googleapis.com
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
srcdoc
10 tpc.googlesyndication.com 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 www.pagalguy.com www.pagalguy.com
6 track.adform.net 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
s1.adform.net
5 s1.adform.net track.adform.net
s1.adform.net
www.pagalguy.com
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
www.pagalguy.com
imasdk.googleapis.com
5 app.playstream.media www.pagalguy.com
app.playstream.media
imasdk.googleapis.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
5 www.googletagservices.com www.pagalguy.com
securepubads.g.doubleclick.net
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
app.playstream.media
4 visitanalytics.userreport.com s1.adform.net
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 res.cloudinary.com www.pagalguy.com
4 connect.facebook.net www.pagalguy.com
connect.facebook.net
3 acdn.flickstree.com app.playstream.media
3 www.google-analytics.com www.pagalguy.com
www.google-analytics.com
app.playstream.media
3 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects www.pagalguy.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 imasdk.googleapis.com app.playstream.media
imasdk.googleapis.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com tpc.googlesyndication.com
2 tr.snapchat.com
2 www.gstatic.com www.pagalguy.com
2 www.facebook.com www.pagalguy.com
connect.facebook.net
2 as.ge.pgstatic.net www.pagalguy.com
1 adservice.google.com imasdk.googleapis.com
1 fonts.googleapis.com s1.adform.net
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 sc-static.net www.pagalguy.com
1 www.googletagmanager.com www.pagalguy.com
143 34

This site contains links to these domains. Also see Links.

Domain
www.reddit.com
Subject Issuer Validity Valid
www.pagalguy.com
GTS CA 1D4		 2021-06-28 -
2021-09-26		 3 months crt.sh
pgstatic.net
Amazon		 2021-02-18 -
2022-03-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-02-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2020-05-27 -
2022-06-22		 2 years crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.playstream.media
AlphaSSL CA - SHA256 - G2		 2021-04-06 -
2022-05-08		 a year crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-01-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.userreport.com
Amazon		 2021-02-18 -
2022-03-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
acdn.flickstree.com
Amazon		 2021-07-09 -
2022-08-07		 a year crt.sh

This page contains 16 frames:

Primary Page: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Frame ID: DEF56DB12741B1B833EF7AFFCBB895DD
Requests: 55 HTTP requests in this frame

Frame: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9DE95998F4699B863482A79DBBD20618
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1de33b92-85ca-4244-bc3f-279e40587d06
Frame ID: 3E7F9675E9C9970837B005D7A7FB8E27
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 344D25FFF16D4B360FB009D4E01A2F14
Requests: 1 HTTP requests in this frame

Frame: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 738C4E9520A0F71CC5593988D29B95D3
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiPdRCH234YiebkmgEwAQ&v=APEucNVG3EXWeltMVBLwqaOn4QgWeSGZbseEllhTzxzANrDKY9HOnVHtkSLOeei0f_h0Cr9eL6m5GidWJZvPsHx0J-Ayg5LnLj7idD2Fwv5QHTUS7R3-rzR05C7aWLnRLAS6qvITPu6wZ4Bsn8SUwm7R2OOXxE-zR1cR9k-EACmku6QRKkMcopE
Frame ID: 70C203A796DF21AB6C5DC0D8282E62CD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8736AF662B9749838145A1CD3EBAF8B8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: FB4EE24441FA9CBCB85880A4E021D3B1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9ED545147608A25EF1CC5652DF85180D
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/19674/9622264/9622264.js?ADFassetID=9622264&bv=769
Frame ID: DD536890CC67D74E6A4DF9FB9EB84534
Requests: 33 HTTP requests in this frame

Frame: https://visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=ORCadf2-2246887-7182218&i=no&d=&med=https%3A%2F%2Fwww.pagalguy.com%2F&rnd=zfw4u6iq5b&campaign=2246887&placement=7182218&order=Boxer%20%2F%20RTB%20%2F%202021&format=300x250&publisher=1452227&m=cross
Frame ID: EB895862C4541287CAEC2E397DCE0A28
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 42C05282D5BFFC819E1F7C09647A0768
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1E2C743B39AD842DA72E83C41856DFFA
Requests: 1 HTTP requests in this frame

Frame: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DFA8C18B07864C4F14C2C918AD293F9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuAtAIQ-v65Ahi9q6GrATAB&v=APEucNXJEx7FRYrVBpi9-tfcQTEdbddxh8ZROQvNG4WWgzRvZlGgEdOV9V5zxLZ7d1s4i8SE4YjExENeLfroIlEV9kv_IfRmuA
Frame ID: 9AF71C2A8D5F617BE57C5BBC93CC20E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A70A78B45F9649097BD4309AB27C929F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Google Frontend/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

143
Requests

99 %
HTTPS

59 %
IPv6

24
Domains

34
Subdomains

33
IPs

5
Countries

2638 kB
Transfer

6949 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://sb.scorecardresearch.com/b?c1=2&c2=7602874&ns__t=1628108272836&ns_c=UTF-8&cv=3.5&c8=NFL%20STREAMS%20REDDIT&c7=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7602874&ns__t=1628108272836&ns_c=UTF-8&cv=3.5&c8=NFL%20STREAMS%20REDDIT&c7=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&c9=
Request Chain 50
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnE8f9fNbQms5DAi8K56EU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnE8f9fNbQms5DAi8K56EU&google_cver=1&C=1
Request Chain 51
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQr18WgnmDmHIOfUWUjoqAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKW_z6nKZRYoFUbz-qCocQ&google_cver=1
Request Chain 52
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHE0Xuwlf4jKcsdg7iy-oKo&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHE0Xuwlf4jKcsdg7iy-oKo%26google_cver%3D1
Request Chain 53
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MTc2Nzk1ODUyOTgzNTM1MA%3D%3D

143 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nfl-streams-reddit-116062938591898
www.pagalguy.com/discussions/ 		134 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
58a360f78aef78229dbb8fa213ed96186c858ad096b5fe32d6e4733dc4e82c98

Request headers

:method
GET
:authority
www.pagalguy.com
:scheme
https
:path
/discussions/nfl-streams-reddit-116062938591898
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Encoding
surrogate-key
116063598145185 116063291803295 116063037870748 116062857207449 116062938591898 t-33
surrogate-control
public, max-age=6192000, stale-if-error=21600, stale-while-revalidate=900
etag
W/"2178a-qKHsUvjqMgPmCrfq1XXBpMtRdc4"
content-encoding
gzip
x-cloud-trace-context
de7540191b8348ac99333ae92dd969e0
date
Wed, 04 Aug 2021 20:17:51 GMT
server
Google Frontend
cache-control
private
content-length
29394
via
1.1 google
alt-svc
clear
blank.png
as.ge.pgstatic.net/paagal/static/img/ 		68 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://as.ge.pgstatic.net/paagal/static/img/blank.png
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-66.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 02:27:46 GMT
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
age
15184206
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
68
last-modified
Fri, 01 Apr 2016 06:33:58 GMT
server
AmazonS3
etag
"978c1bee49d7ad5fc1a4d81099b13e18"
x-amz-version-id
FfdGoSTHMPad.Wf5L1mhOuYt4w1YR6bZ
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
MDVpuVSGXO6B632rwwd381r3hflflJ8JOc549LE22kEhHg0jqt_6uA==
expires
Sat, 30 May 2015 18:08:02 GMT
gtm.js
www.googletagmanager.com/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NF9H73T
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9680c8a4ea6c755d45a980c0d1579eaa9aaab4843126fd473726c9fac4886353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42377
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 18:59:43 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 04 Aug 2021 20:17:51 GMT
app-8d149275c2.css
www.pagalguy.com/assets/css/ 		188 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/assets/css/app-8d149275c2.css
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
dc56f87b67d1c293ec96a34e0a46a0879962ad792fd7334e4c8b24337037dcdd

Request headers

:path
/assets/css/app-8d149275c2.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
frontend.pagalguy.com
date
Sun, 01 Aug 2021 10:25:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
nginx/1.16.1
age
294715
etag
W/"2f186-49773873e8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 google
x-cloud-trace-context
d84e9f453105c960c86d834acc347e16
cache-control
max-age=691200,public
alt-svc
clear
content-length
43138
expires
Mon, 09 Aug 2021 10:25:56 GMT
scevent.min.js
sc-static.net/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
CloudFront /
Resource Hash
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:51 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5873
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
x-amz-cf-id
1d1CUkWv1xPmOii-pEOVM1hlNPJ0kckCKvkwOCh7U3PQO3Y-_if-DQ==
useravatar.png
as.ge.pgstatic.net/beta2/img/ 		618 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://as.ge.pgstatic.net/beta2/img/useravatar.png
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-66.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4c9e5c11cf6430570dca3f6979b72b66e1dd5c21c013ee4ec2ae98d8bd8ceb2

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 15:35:59 GMT
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
age
8484113
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-length
618
last-modified
Fri, 01 Apr 2016 06:18:55 GMT
server
AmazonS3
etag
"1977cc05b3770a0fd796977483c00a41"
x-amz-version-id
UVdat2tHNKWnmm0skYFT5akRVfnKE4rb
cache-control
public, max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
LWlm4D8Ab-qvc1sPagnu3hvnXvG2kW7CPQu5jqMzhDp4c7-G7et4OQ==
expires
Fri, 21 Feb 2014 08:15:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
YYn7a6+AK8ZXu97HkEcFxq3wH0rqGlAe1vYNL1vyYqGD2dynJm4rfCjdelgvWqiI4BzZZRRmfCiLDjFf/DYfig==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 04 Aug 2021 20:17:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
127938984215101
connect.facebook.net/signals/config/ 		253 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/127938984215101?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc6b424bfb99ad902889a0dd1614ddc78808c8544ef8eb8f4b213cd6d74c12f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
BNEuCoptkqRlu/3U2Xzf9FYGFK+XtnwCJ2USq7UR0CuyDq57HxIyirBJMOqTR5ZxXaW88LWxX9bAPIG64ndb0Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 04 Aug 2021 20:17:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cropped-pg_logo.png
www.pagalguy.com/wp-content/uploads/2020/04/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pagalguy.com/wp-content/uploads/2020/04/cropped-pg_logo.png
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
613dca4e10c21b87aaeb1a8b43582fa057543d58d3389d4ddce2af1ca4d2b167

Request headers

:path
/wp-content/uploads/2020/04/cropped-pg_logo.png
pragma
no-cache
cookie
_gcl_au=1.1.1291037719.1628108272
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
litespeed
x-isfrontendauthenticated
0
date
Tue, 03 Aug 2021 14:49:17 GMT
via
1.1 google
age
106115
x-liteproxy-cache-status
STALE
alt-svc
clear
content-length
14678
pragma
public
last-modified
Mon, 13 Apr 2020 11:55:43 GMT
server
nginx/1.16.1
x-frontendauthenticatedvalue
0
etag
"3956-5e94533f-306b70b4b01a58c;;;"
content-type
image/png
x-iswpauthenticated
0
x-wpauthenticatedvalue
0
cache-control
public, max-age=604800
accept-ranges
bytes
x-isdesktop
0
expires
Thu, 02 Sep 2021 14:37:01 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=127938984215101&ev=PageView&dl=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&rl=&if=false&ts=1628108272242&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628108272240.1291967903&it=1628108271837&coo=false&rqm=GET
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 04 Aug 2021 20:17:52 GMT
bundle-main-5256774f614593bad890.js
www.pagalguy.com/assets/ 		1 MB
483 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
15fbe313cb854871f6c509625836d2c357a045f6547cc7b7703effddbfce7b47

Request headers

:path
/assets/bundle-main-5256774f614593bad890.js
pragma
no-cache
cookie
_gcl_au=1.1.1291037719.1628108272; _fbp=fb.1.1628108272240.1291967903
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
frontend.pagalguy.com
date
Sun, 01 Aug 2021 10:25:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
nginx/1.16.1
age
294716
etag
W/"17404b-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
x-cloud-trace-context
10a1c43578c519ff34fdabee63819093
cache-control
max-age=691200,public
alt-svc
clear
content-length
493848
expires
Mon, 09 Aug 2021 10:25:56 GMT
bundle-4-d39e445a1014295bd9dd.js
www.pagalguy.com/assets/ 		331 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/assets/bundle-4-d39e445a1014295bd9dd.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
414bf79e6c636ecf1482fd75e212b6dd43412fae7cc945921fa33ccf29f1b11b

Request headers

:path
/assets/bundle-4-d39e445a1014295bd9dd.js
pragma
no-cache
cookie
_gcl_au=1.1.1291037719.1628108272; _fbp=fb.1.1628108272240.1291967903
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
frontend.pagalguy.com
date
Sun, 01 Aug 2021 14:04:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
nginx/1.16.1
age
281576
etag
W/"52b36-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
x-cloud-trace-context
012faf559f7a1e411336be70837ea196
cache-control
max-age=691200,public
alt-svc
clear
content-length
113386
expires
Mon, 09 Aug 2021 14:04:56 GMT
gpt.js
www.googletagservices.com/tag/js/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25dc940b7795073e79da33da04b3bec9ff7577711a4eaa3fbc5f4d96169a5210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"949 / 740 of 1000 / last-modified: 1628076948"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24817
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:52 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.9.1/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.9.1/firebase-app.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b9e1f4a7913eb5b29d8b1fbe6b64992fb7462abc3d0b523a82c0b3a69cca2a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 19:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12927
x-xss-protection
0
last-modified
Thu, 21 Mar 2019 22:04:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Jul 2022 19:02:57 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.9.1/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.9.1/firebase-messaging.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7fdb4d9f444a44d1c1dfe1ade065b7c16e61b8bea231a616b347effa35359c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9626
x-xss-protection
0
last-modified
Thu, 21 Mar 2019 22:04:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Aug 2022 20:05:53 GMT
register-service-worker.js
www.pagalguy.com/assets/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/assets/register-service-worker.js?v=2
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
c13e2ba2aa8d423a9a5d0a846214aaf2b8ee5070f75eafc8534fa056ff7d3f26

Request headers

:path
/assets/register-service-worker.js?v=2
pragma
no-cache
cookie
_gcl_au=1.1.1291037719.1628108272; _fbp=fb.1.1628108272240.1291967903
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
frontend.pagalguy.com
date
Sun, 01 Aug 2021 10:25:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
nginx/1.16.1
age
294716
etag
W/"42d-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
x-cloud-trace-context
87fe9c5cf8def540c89f50a8c9065d90
cache-control
max-age=691200,public
alt-svc
clear
content-length
582
expires
Mon, 09 Aug 2021 10:25:56 GMT
pubads_impl_2021072901.js
securepubads.g.doubleclick.net/gpt/ 		325 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 08:44:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116135
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		111 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pagalguy.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
67b451a89cd17c8f60d588b35b793ae8c9fe77b120232ccb2774e31d9d2e027e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 20:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:52 GMT
https%3A%2F%2Fwww.pagalguy.com%2Fwp-content%2Fuploads%2F2020%2F04%2Fcropped-pg_logo.png
res.cloudinary.com/prepathon/image/fetch/w_280,c_pad,f_auto,q_90/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/prepathon/image/fetch/w_280,c_pad,f_auto,q_90/https%3A%2F%2Fwww.pagalguy.com%2Fwp-content%2Fuploads%2F2020%2F04%2Fcropped-pg_logo.png
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c8e096e7196964fbfe05d1422b5f55f27e43052f9709d00919ac648d23f6cca6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="cropped-pg_logo.webp"
server-timing
fastly;dur=3;cpu=2;start=2021-08-04T20:17:52.538Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
8218
last-modified
Mon, 07 Dec 2020 08:53:52 GMT
server
Cloudinary
etag
"33ff26d6d7530ad5eb2108b1a71a74d5"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
bundle-7-1b33559573c86427eb73.js
www.pagalguy.com/assets/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/assets/bundle-7-1b33559573c86427eb73.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
a99bf1063c70f0aa80ae036a6c1be4e7f9e6a04f9f9cd5ddc61a4c07cc4c9b0e

Request headers

:path
/assets/bundle-7-1b33559573c86427eb73.js
pragma
no-cache
cookie
_gcl_au=1.1.1291037719.1628108272; _fbp=fb.1.1628108272240.1291967903
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
frontend.pagalguy.com
date
Fri, 30 Jul 2021 11:43:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
nginx/1.16.1
age
462862
etag
W/"b7ec-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
x-cloud-trace-context
4177eaf00daa43ed461cd018de62493a
cache-control
max-age=691200,public
alt-svc
clear
content-length
12374
expires
Sat, 07 Aug 2021 11:43:30 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/assets/bundle-4-d39e445a1014295bd9dd.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33a5cbdc9f176f43bd994e3c3fb812097e358e79488e0251f213b623f8a3356d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
PbgUkMqSU6N0cD7KXbNopw==
cross-origin-resource-policy
cross-origin
expires
Wed, 04 Aug 2021 20:27:40 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
cGXr6izFsdbq4kjg0F0Qpl6wpt2jGdZxwI2oPGzC0r6o5hBPv7cLFWiRFGS4qD6Nq5dhAudfXtWhAP3zZ/yHIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-content-md5
d2cfcd0b40b1e2cbb579bf841ef885ca
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 04 Aug 2021 20:17:52 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9332fa4570ca3c74229d40128b206a3e"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
bundle-0-b14c0feef91640a58f54.js
www.pagalguy.com/assets/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/assets/bundle-0-b14c0feef91640a58f54.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
fd11294e1f6694dd7401880736deb6bbdf6429724fcdfd868f6238c0d5b2d2dd

Request headers

:path
/assets/bundle-0-b14c0feef91640a58f54.js
pragma
no-cache
cookie
_gcl_au=1.1.1291037719.1628108272; _fbp=fb.1.1628108272240.1291967903
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
frontend.pagalguy.com
date
Sun, 01 Aug 2021 10:25:59 GMT
content-encoding
gzip
age
294713
alt-svc
clear
content-length
20277
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
nginx/1.16.1
etag
W/"11904-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
x-cloud-trace-context
872b20609e77f64f5f82cccda797cd75
cache-control
max-age=691200,public
accept-ranges
bytes
expires
Mon, 09 Aug 2021 10:25:59 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-37.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 19:53:48 GMT
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
81p9bzaPApJO5sAgQzklQXBjO0jAiu2nmibYW9dbrUOO_-5ZVW7N4w==
https%3A%2F%2Fas.ge.pgstatic.net%2Fdefault_avatars%2F17.png
res.cloudinary.com/prepathon/image/fetch/w_40,h_40,c_fill,g_face,f_auto,q_90/ 		286 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/prepathon/image/fetch/w_40,h_40,c_fill,g_face,f_auto,q_90/https%3A%2F%2Fas.ge.pgstatic.net%2Fdefault_avatars%2F17.png
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5acd9bae126b09d1760eee11a877082036df997111036c2cbfe97ead1423e462
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="17.webp"
server-timing
fastly;dur=2;cpu=1;start=2021-08-04T20:17:52.660Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
286
last-modified
Sat, 31 Oct 2020 07:48:05 GMT
server
Cloudinary
etag
"0b489d9540c8df3b6e49074e39f34af5"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
https%3A%2F%2Fas.ge.pgstatic.net%2Fbeta2%2Fimg%2Fuseravatar.png
res.cloudinary.com/prepathon/image/fetch/w_32,h_32,c_fill,g_face,f_auto,q_90/ 		108 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/prepathon/image/fetch/w_32,h_32,c_fill,g_face,f_auto,q_90/https%3A%2F%2Fas.ge.pgstatic.net%2Fbeta2%2Fimg%2Fuseravatar.png
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4507b4e3cc99e263174feacfb82ee385d28f874ca44677cef09da95f709668d2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="useravatar.webp"
server-timing
fastly;dur=1;start=2021-08-04T20:17:52.660Z;desc=hit,rtt;dur=5
vary
Accept,User-Agent
content-length
108
last-modified
Sat, 31 Oct 2020 08:40:20 GMT
server
Cloudinary
etag
"26d2a173523108fbad66e4d2e144a4e0"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
https%3A%2F%2Ffi.ge.pgstatic.net%2Fpagalguyv9%2Fembed_images%2F26fc91b38f1a4b6496742d9364800066.jpg
res.cloudinary.com/prepathon/image/fetch/w_550,c_limit,f_auto,q_90/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/prepathon/image/fetch/w_550,c_limit,f_auto,q_90/https%3A%2F%2Ffi.ge.pgstatic.net%2Fpagalguyv9%2Fembed_images%2F26fc91b38f1a4b6496742d9364800066.jpg
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1bba3dae0c5bc59ddbdfa88c3f1d32d24193a9bf23d3cc91669100cb6be36f11
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="26fc91b38f1a4b6496742d9364800066.webp"
server-timing
fastly;dur=399;cpu=0;start=2021-08-04T20:17:52.660Z;desc=miss,rtt;dur=5,cloudinary;dur=23;start=2021-08-04T20:17:52.986Z
vary
Accept,User-Agent
content-length
22894
last-modified
Wed, 04 Aug 2021 20:10:58 GMT
server
Cloudinary
etag
"de25197ed4f077af2b1a6fc05495f2b5"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
4f6f81e3-b6a2-4a34-83e4-373c8182bcc6.js
app.playstream.media/domain/instream/ 		1 KB
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/domain/instream/4f6f81e3-b6a2-4a34-83e4-373c8182bcc6.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
519272ded2722b716ff2639d808492b3f7a1f2eb1c311ec75dca3e3ec1838797

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
content-encoding
br
last-modified
Mon, 21 Dec 2020 11:02:47 GMT
server
nginx/1.17.10
etag
W/"5fe080d7-41b"
content-type
application/javascript; charset=utf-8
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryiSvhUI3tARilrx7a

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 04 Aug 2021 20:17:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.pagalguy.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
sdk.js
connect.facebook.net/en_US/ 		234 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=72bbab41a1680846370211759b47de2c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa6952857ab4d540c5c1160e47d09e90ebaa6b4274415ba17d086acc489e3cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.pagalguy.com
Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
kow3pEd3lV8O5pvLm2/riA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69543
x-fb-rlafr
0
x-fb-debug
Q2hsXm37t53B8GEAOZjIh9c9k+K38jETRJX4AcEv97HH9TkTRTNMH3IdwT/2p/fsfrtRkFkxleZmZpZNhcLtdg==
x-fb-content-md5
8d7a033bc31cdc1667f3e81b57dc25a8
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 04 Aug 2021 20:17:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"e4f116279413cfbf5bf0339030f7cff4"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 04 Aug 2022 18:37:36 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7602874&ns__t=1628108272836&ns_c=UTF-8&cv=3.5&c8=NFL%20STREAMS%20REDDIT&c7=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-1160629385918...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7602874&ns__t=1628108272836&ns_c=UTF-8&cv=3.5&c8=NFL%20STREAMS%20REDDIT&c7=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7602874&ns__t=1628108272836&ns_c=UTF-8&cv=3.5&c8=NFL%20STREAMS%20REDDIT&c7=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&c9=
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-37.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
7pRP_Wk4lAQU2sqe1l8bB-6wiYgV53IdVpGaOKDQbPL8FBipQXctYQ==

Redirect headers

date
Wed, 04 Aug 2021 20:17:52 GMT
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=7602874&ns__t=1628108272836&ns_c=UTF-8&cv=3.5&c8=NFL%20STREAMS%20REDDIT&c7=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&c9=
content-length
226
x-amz-cf-id
n5m6cP-N6OgdZq9mKhrEZ3j6Fur6dEiv4kIJvO10SFWN6PS987k2qw==
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2521257354806272&correlator=2597547456118135&output=ldjh&impl=fifs&eid=31060438%2C44742768%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210804&iu_parts=21805061584%2CPDL_Network%2CPDL_Pagalguy_WC_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1628108272&dt=1628108272844&dlt=1628108271757&idt=1046&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=367&adks=612759384&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&vis=1&dmc=8&scr_x=0&scr_y=0&psz=580x0&msz=300x0&ga_vid=1018949766.1628108273&ga_sid=1628108273&ga_hid=1843710945&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
92d9d0b79b806f07e777d7cfe8e5fa6a7ab8739837f8be1f540a4ec2ae6737bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8192
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pagalguy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9DE9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 04 Aug 2021 20:17:52 GMT
expires
Thu, 04 Aug 2022 20:17:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
instream.js
app.playstream.media/js/instream/ 		283 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/js/instream/instream.js
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/domain/instream/4f6f81e3-b6a2-4a34-83e4-373c8182bcc6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
58ee36480aa68e791322f58872f412e74002d6ed20de2bb8ea2b69d95487b903

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:52 GMT
content-encoding
br
last-modified
Sat, 06 Mar 2021 07:09:26 GMT
server
nginx/1.17.10
etag
W/"60432aa6-46db6"
content-type
application/javascript; charset=utf-8
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2479
date
Wed, 04 Aug 2021 19:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 04 Aug 2021 21:36:34 GMT
i
tr.snapchat.com/cm/ Frame 3E7F 		0
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=1de33b92-85ca-4244-bc3f-279e40587d06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=1de33b92-85ca-4244-bc3f-279e40587d06
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

server
nginx/1.17.3
date
Wed, 04 Aug 2021 20:17:53 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 344D 		0
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
275
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.pagalguy.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.pagalguy.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

server
nginx/1.17.3
date
Wed, 04 Aug 2021 20:17:53 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgRUAIAQFwIm8h1+yTsIUhu8OLxsdTFsraEkXRZ4ilN10MdjFjJi6sOvB8AfkSrmTMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1843710945&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&dp=%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&ul=en-us&de=UTF-8&dt=NFL%20STREAMS%20REDDIT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABEAAAAC~&jid=2026226904&gjid=1871020324&cid=1018949766.1628108273&tid=UA-64518-1&_gid=31682174.1628108273&_r=1&_slc=1&cd2=&cd3=Staff%20Selection%20Commission%20(SSC)&cd4=empty&cd7=empty&z=1856869398
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pagalguy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-64518-1&cid=1018949766.1628108273&jid=2026226904&gjid=1871020324&_gid=31682174.1628108273&_u=aAhAAEAAEAAAAC~&z=592418664
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 04 Aug 2021 20:17:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.pagalguy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-64518-1&cid=1018949766.1628108273&jid=2026226904&_u=aAhAAEAAEAAAAC~&z=2084344929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-64518-1&cid=1018949766.1628108273&jid=2026226904&_u=aAhAAEAAEAAAAC~&z=2084344929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d5c86c9f0e808bbcc5428a28aec61b7aad82b49b8d178c9f8df2cbae3bd9ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8765
x-xss-protection
0
container.html
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 738C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 04 Aug 2021 20:17:52 GMT
expires
Thu, 04 Aug 2022 20:17:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903448373927"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 70C2 		624 B
594 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiPdRCH234YiebkmgEwAQ&v=APEucNVG3EXWeltMVBLwqaOn4QgWeSGZbseEllhTzxzANrDKY9HOnVHtkSLOeei0f_h0Cr9eL6m5GidWJZvPsHx0J-Ayg5LnLj7idD2Fwv5QHTUS7R3-rzR05C7aWLnRLAS6qvITPu6wZ4Bsn8SUwm7R2OOXxE-zR1cR9k-EACmku6QRKkMcopE
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNiPdRCH234YiebkmgEwAQ&v=APEucNVG3EXWeltMVBLwqaOn4QgWeSGZbseEllhTzxzANrDKY9HOnVHtkSLOeei0f_h0Cr9eL6m5GidWJZvPsHx0J-Ayg5LnLj7idD2Fwv5QHTUS7R3-rzR05C7aWLnRLAS6qvITPu6wZ4Bsn8SUwm7R2OOXxE-zR1cR9k-EACmku6QRKkMcopE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 04 Aug 2021 20:17:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlkGsOO8RgWYOGumEZ9TXyhdB87XjOOtc_PYwkFDAQFuEprvGeQpZFTgKUC; expires=Mon, 29-Aug-2022 20:17:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 04 Aug 2021 20:17:53 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 738C 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnhAO2isE0VXqXvh_mnFpCZArt_Z_Ctp6cdwL4B_gofM3Db90C-G4vxTiOZyq_IyDbtonegw-KblyQLWSV3rZ1iL5JQkudfykauec6XdVTtZIXW4iHWPux9KcnStRFbgyDajPDD4eWSrJ9UztM2CCh5kEimg&cry=1&dbm_d=AKAmf-Az6kOTMdJ4dfqw3xRMWApAChGItb5PQ5mkpKl74JaJ2aXKihLQ6s2FgLkbE5CkxFnTWzTQ0qEd1OY3aQf6ti6lh4lKNHZhqqtWTUZyHUm3X4sLUAI2Net-pa64-FY_F9RyXtaY_lNiGimxpwZMpBXWMapVzA6Ppwr-2EEi2p_-coloM83KzgTFLGOPNxUzdcL5Rbzyc-Zxncx17ckXC8OJLmwQU7w0PvAmC1zlkAuWc0bSch3Vez8DvOwg6u48EsOL_Fvogdeypz5sisTcyNW82AkInes13hCQtoulwuLQYheUgp70XnyHFqoeHwn95Eh_YDRhRhfho4s7aaC-3-u-k4DhsLhSipzS0Ny58_fSQD9gFLKTnujC5_qW4kkq9922CMJZmbVEpqD9iois_LTCVmAGJoLiV6lmAxnV69_lhqhIeHfDxWLeVWHCRgufEwCYdVbIBqrzaZTUoOUNz4k-DZDQ1lbjG7SrxcFB0DjiG_6r63xm9UoNcRc06tMTxCW2RDASOz8wDf7gEtAP0k1DXIcrFUdZYcEfnJ9iJ8Y3xyU0DPw0qtmxk1V6nPxayRyCvjP98iPOzc6KNibH017c6CycpwdrsEMkzGU9UwRO2pRnfuEUQ9sM9O4ND_rIOZJhZpYe0WbQxyTtUp5MkUmeRG2AONOZPI3fmlKhaeLfgOnjz-j-_vdD0JCPGuHQcjfMXVif751N1kTtS5jxtMFCV1KFj6oaNSDauhgsYa_CGoSkDb2KBUBrAS8EZPYhOvgzcWITUvVs-tV6xGlxUgt7CicL1tv3ZLimJMiTcNyJJUSFAsKt-hYklm3cibCFGc2ldMwM5D2NMfEMZxe910DTpIfvAPuGaHfVGMj5cIhHe-YlHA472ZiI2mMeit30SHpdfdhn0BGweWcX_XIDL566L6qeSK_0vHIlkoOMQBEWXoR95RZWeqpvrACVH9xHF6bQnK-yJ3InXgOxIT98xp29U1xWomJobMWNbHar1uITP67q5qrMv1jWtZAEkMbMXy0P9f9zHwQhkV7AfCy9y11gnCWb2vY3goEi-9wZ0yhjdS2f5v1WhlaAFnIqdmlWSv96T4AkjZjtyBFj9FVOb6HNcBphZMjVI4srSXhjxmgVjM63Nh_pwO4-C0gUi5GImu5ge8fGT3U4_-RuNwE5C_JipWqxaPE93aeOtf3RTDPG0q4CxNBMTd8tUiZ7gdc66ma-MuZOhfuR2DALsRYYQsF6vOhP1-7o84RWtAx_VHZ4CqorCxWvbVhG5BMxYWQ0clgPdfIOYAZxFa3tN8GldViwAr4CCi2qqBZYX19xm_9pdBeMairatIzI8gx3SJGuXpt_L9Et4TODrKmCYw4HMizrMKj9foMpXFQvHH9QZk1UyJPad9psIvjNVBDAhbaDKC5O8C2UcUvZye8CS9_esv4id5MwEBZVQLrRPaGfzsPBqN58bAYcvcDjcQZOn-_HpvtKfLqDrPbxJ41fAYUHejzLST8lHPFkmMlCJgY3qfI_Fc1j9UP183Oju8ijSVRAa6jpoE_lr3iU3kQsS7tJncowhWJFHE_5JSI9BFPF5OGT0QWaQosd2tSmJNO1_U7wcLyKOG_NcBGbmIWm7cvUeazSB7RxVbPf7eeukV6fF-feLUhOvqC4Om31jXE0um57MCNf2gn-kvMDVZm_44zNor5FFBI79zjCvBSffY6VAUMZWJdysoGM1PNzroAVfiSMIbKIvr2DdvrUHApMHAdMzrA5X2ebuV-Y8P8geHpHwaF7i7665MRDqL-Z7b42oOIzM3S4U4_861_l72_di9jWdu8vF3E2ZKjfnSmMPgCx2BxbdGGxWH6v89ppE21at14bUop4IRxwZ23_liMw68ma9A_1UG5cTNLrnoTnvgqeLS1DAwvAG2R5jgtCwgMx-oXrKpLVqzNOJRQosJmqsAbrEXgO5QCdgYhMpHPnrmSnET-fRfthl0eNZtGydK7hXV2nD5T7jcMOMDn2f8O4Bg-CNbJQgbdrEFItygLAZKOI91JmQQfUr7eZmVbeKi4RzRshs51W31BkLXRQQcsgycgsohsDQWYCauvnWK_BH2ujUk2si6bOmxgPe8oV1ne5hPyDygNeEg1rQdTM94K4LxwoVk3KtPqcd_nrCpnvFoFdtVGL5WU9l-EBmTWmm44OFeFasJAs3pjEALIZpKvJOYMldfBh5izN0CBAPKD3sCBrCee4rGX217NagJIkPnS8tW0T5-7fNdMjagyhn_F4tlLDl7-dVvvCyhVjrL2Lyc9xauPry-ephxvLLMSgCSu1rv461Rs1VetmF4Y2JHJ2USWxZVxe-AuPnNwyxt0Q5k_8hg6vve5alh1KLNOkrh-Zb9u6mAXOjPJRBIMb4Oa5V5Su8zC_jNqSfZ1U2zQomiBwsz7uh2KTTuS_zlezLAdE9Z5ljm6-fzUM2sOWKRhS8HTK-ry_ZqvLMy8kG9A5214f80ECpQ7bVXxw3laG4MPrPGSPcCO4GVRpk34jr9AKvwzC5WgEOLsztB70EytDxnTFD9O6-79nJHO-UVcIdG6VrkbYW5yD8b5qc-PGdAWP67Cc_bvvew2qbp0gdw2mKPFfvmQCI_l2_PVnlESJUmqE6HsRDCHbI5lI1cjXyUbx4sSE6yQVj-BsAdezjaD-HQdGg6LK8LvGsFP5NxIG0S7oMVLS-dneTCfjb1xlexQvyk33N8sIMyOv8GeP_gGl_hhhJ04mMHEIsh3DDf6Izyb8ORxuWNK7_9s95qaDXoVxKsNUfZw3-Pkcx0eioH6Bl_Bt8JnZVVzdtDiYTJONe0gnRhxSZ1O8lhsWudcQpK-ZOiDEPeTOu_HW_OO_8GdVvtIjh_cE-u1jT4D8Vr9bsPwoqBUJWl-EdH5clNLjhCKkbwQZkRT8igE3XTidijs8gKfXR_CkXHaMpqU80pUOZO8RdaIQajZKwSztVxYvqVIevTYNK4QCBTROvrR-y9d_qT5Hu5FPg3cCGu6IgFnZdTvQA7onQU6tSyUZ76toVQogP6SHERgXGPsKySl2rlpk2Rii2A9ODwFF-0eKGqjATNRAKtXR2RpBIgRA88XoWbgyDnb6QF9UJS4WVYlsX5H2V6wqN9_98gUbxwxxKFQ34AC9HWZbLYqEZ_Ed0G5WcAd57621P0mgl0uhlev39U5557lA9rlXvsU-SJ9UGGirZMPl_3knnW76qY-f1YgzBK99izucyaXXmt8J0U_KqQiSMjVlC7UCl1l9o3KiL3BXmbD1HrNkSRTm8N9aX6fQ8Naz2AKGTC-ewQhtLCePVN1ipRg2vYxnSibVgyzHlLXJY0ucmhChn-yiGHah&cid=CAASFeRoZ3Ftb4kGIWzVo3fVWvIiYf8IkQ&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b50c0e51cf09f44ec138dc7e40e8bce5caa109ed66490bb1dd460ddb667cc9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 738C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3ojtaOgVlXMuTmeQhqL0-EhcGDS3axGoltbX0FtSuOiM4u-Zmbg-8ipeVp--sSuERQ61DiwysYaUiWO5EN_dZiN2ubMIjqFVFO__dCnrlVhcRPSs
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 738C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=43161537;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C4sKX8PUKYdeBO8TB-gbekrrQBP2X7cdjqcXVlPANj9mRmo8OEAEg2cD0cmDRgbmC0AegAZmLh4sDyAEJqQKWWE6z0F2FPqgDAaoE1QFP0FJtnhb3u8Q3CHZdzlzbwz2Y96UGC_UFcTiZ2MBeGShLkFFj1fOthgfhn7dByZgnsgJHxSpfIV0WneT4_I9ZORZSsW8y2lPZFAlZzydp57SC6slXsGpmnWGw05WcCtnOWGSde0MMAKdFm_8uVV1RKzsBays3pav_qdC9lRscXMQeNz8r9dFJT5yES-lPNIExEmbHhYV3LWLWKCgAbrpu3Widqyon5rLHg1ZYByjMzPNxge1XDdIx79d0BEMixtCa6H2CNRpE0vneTqLAPCNXfQrSybvABLv09Z_EA-AEA5AGAaAGTYAHz_T4dKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzUwMjY4MTk2NDQxMTA5OIAKA5gLAcgLAYAMAbAT1p6XDMgTl-CgCdATANgTCtgUAdAVAYAXAQ&ae=1&num=1&cid=CAASFeRoZ3Ftb4kGIWzVo3fVWvIiYf8IkQ&sig=AOD64_3VFyoIyDheLeOSEjyYJCuSFr7VsA&client=ca-pub-3737030722290655&dbm_c=AKAmf-AOMbmM0VeV2-sovK0J3uvwZHZ9LDtqguReaKb-K_3HKYikTkRtvtEu3y492B8kA747SkdxjwoLz2KwaeCNNR_b1R1tXM4ySMgdpvf0KO-t0tHFKYqulsLzy6g3xsYOpa4jmj2hbTL1UGtFFUHEeDFp6e9zAw&cry=1&dbm_d=AKAmf-AFdkZKaLTancR7ooeUHGBFEFL4Jz78Pei6GAxkdlKSHYwqHZjI95-5GIlKRGYWbykNFWmwlck9bnNFQkuTDudPBsbefpRRUYrDpLQjCSfa_yQuAtuB-i1dhr_HZvMhlhPTYUTn6xZrBAoOp4g4lsBHeTsm56pvaM_BfM2l6SaG6Y8VK5XpSp8RBxDKhODczLvJOV7kpQN2XjrDCQ05AdzQctS7XR0B6VTxdyKFQI9661h5RldohDY8JIbhMZ1ZAil4sQXhLHqKIuYPteJZN71mEjqweIDREGTE-o7O-4rgq5llBnvEYBL769ZfptNgw8tFiNUUQQTo49nB0N04TJ6DW9OzKl934lc9wNctZQYVJVRa410hnzbSXL7egKV1RZuuMO6TYpYIk3-mOEcoomqpCAe3Ma3g_VF7psACyN1DilS_L3jy99fXdbaPS7ClHVj31ybJVD4JFhK63o1XHlEfbGuXzXxTzkEsfVvTRxgKRkWj29IDLA6Hw5dWkGTAutDdWDK-&adurl=
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
911c4927660adbc441504c59932f940ae550bda3f745257cffbed228ce5f75f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2159
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 738C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/window_focus_fy2019.js
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 20:12:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 738C 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903459924584"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 738C 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
736
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 20:05:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:53 GMT
rum
dsum-sec.casalemedia.com/ Frame 70C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnE8f9fNbQms5DAi8K56EU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnE8f9fNbQms5DAi8K56EU&google_cver=1&C=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnE8f9fNbQms5DAi8K56EU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiPdRCH234YiebkmgEwAQ&v=APEucNVG3EXWeltMVBLwqaOn4QgWeSGZbseEllhTzxzANrDKY9HOnVHtkSLOeei0f_h0Cr9eL6m5GidWJZvPsHx0J-Ayg5LnLj7idD2Fwv5QHTUS7R3-rzR05C7aWLnRLAS6qvITPu6wZ4Bsn8SUwm7R2OOXxE-zR1cR9k-EACmku6QRKkMcopE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 20:17:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 20:17:53 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 20:17:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnE8f9fNbQms5DAi8K56EU&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Wed, 04 Aug 2021 20:17:53 GMT
rum
dsum-sec.casalemedia.com/ Frame 70C2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQr18WgnmDmHIOfUWUjoqAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKW_z6nKZRYoFUbz-qCocQ&google_cver=1
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKW_z6nKZRYoFUbz-qCocQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiPdRCH234YiebkmgEwAQ&v=APEucNVG3EXWeltMVBLwqaOn4QgWeSGZbseEllhTzxzANrDKY9HOnVHtkSLOeei0f_h0Cr9eL6m5GidWJZvPsHx0J-Ayg5LnLj7idD2Fwv5QHTUS7R3-rzR05C7aWLnRLAS6qvITPu6wZ4Bsn8SUwm7R2OOXxE-zR1cR9k-EACmku6QRKkMcopE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 20:17:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 2021 20:17:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBKW_z6nKZRYoFUbz-qCocQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 70C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHE0Xuwlf4jKcsdg7iy-oKo&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHE0Xuwlf4jKcsdg7iy-oKo%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHE0Xuwlf4jKcsdg7iy-oKo%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiPdRCH234YiebkmgEwAQ&v=APEucNVG3EXWeltMVBLwqaOn4QgWeSGZbseEllhTzxzANrDKY9HOnVHtkSLOeei0f_h0Cr9eL6m5GidWJZvPsHx0J-Ayg5LnLj7idD2Fwv5QHTUS7R3-rzR05C7aWLnRLAS6qvITPu6wZ4Bsn8SUwm7R2OOXxE-zR1cR9k-EACmku6QRKkMcopE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 20:17:53 GMT
X-Proxy-Origin
37.120.194.188; 37.120.194.188; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8066d063-4b2b-4859-a23a-11e099f9d07d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 20:17:53 GMT
X-Proxy-Origin
37.120.194.188; 37.120.194.188; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
409bc3a3-5497-4bce-894b-c16c5bb7ad9a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHE0Xuwlf4jKcsdg7iy-oKo%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 70C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MTc2Nzk1ODUyOTgzNTM1MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MTc2Nzk1ODUyOTgzNTM1MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNiPdRCH234YiebkmgEwAQ&v=APEucNVG3EXWeltMVBLwqaOn4QgWeSGZbseEllhTzxzANrDKY9HOnVHtkSLOeei0f_h0Cr9eL6m5GidWJZvPsHx0J-Ayg5LnLj7idD2Fwv5QHTUS7R3-rzR05C7aWLnRLAS6qvITPu6wZ4Bsn8SUwm7R2OOXxE-zR1cR9k-EACmku6QRKkMcopE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 04 Aug 2021 20:17:53 GMT
X-Proxy-Origin
37.120.194.188; 37.120.194.188; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9bef9260-a1e6-431d-b720-6b215392603a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM2MTc2Nzk1ODUyOTgzNTM1MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210802/r20110914/ Frame 738C 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210802/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnhAO2isE0VXqXvh_mnFpCZArt_Z_Ctp6cdwL4B_gofM3Db90C-G4vxTiOZyq_IyDbtonegw-KblyQLWSV3rZ1iL5JQkudfykauec6XdVTtZIXW4iHWPux9KcnStRFbgyDajPDD4eWSrJ9UztM2CCh5kEimg&cry=1&dbm_d=AKAmf-Az6kOTMdJ4dfqw3xRMWApAChGItb5PQ5mkpKl74JaJ2aXKihLQ6s2FgLkbE5CkxFnTWzTQ0qEd1OY3aQf6ti6lh4lKNHZhqqtWTUZyHUm3X4sLUAI2Net-pa64-FY_F9RyXtaY_lNiGimxpwZMpBXWMapVzA6Ppwr-2EEi2p_-coloM83KzgTFLGOPNxUzdcL5Rbzyc-Zxncx17ckXC8OJLmwQU7w0PvAmC1zlkAuWc0bSch3Vez8DvOwg6u48EsOL_Fvogdeypz5sisTcyNW82AkInes13hCQtoulwuLQYheUgp70XnyHFqoeHwn95Eh_YDRhRhfho4s7aaC-3-u-k4DhsLhSipzS0Ny58_fSQD9gFLKTnujC5_qW4kkq9922CMJZmbVEpqD9iois_LTCVmAGJoLiV6lmAxnV69_lhqhIeHfDxWLeVWHCRgufEwCYdVbIBqrzaZTUoOUNz4k-DZDQ1lbjG7SrxcFB0DjiG_6r63xm9UoNcRc06tMTxCW2RDASOz8wDf7gEtAP0k1DXIcrFUdZYcEfnJ9iJ8Y3xyU0DPw0qtmxk1V6nPxayRyCvjP98iPOzc6KNibH017c6CycpwdrsEMkzGU9UwRO2pRnfuEUQ9sM9O4ND_rIOZJhZpYe0WbQxyTtUp5MkUmeRG2AONOZPI3fmlKhaeLfgOnjz-j-_vdD0JCPGuHQcjfMXVif751N1kTtS5jxtMFCV1KFj6oaNSDauhgsYa_CGoSkDb2KBUBrAS8EZPYhOvgzcWITUvVs-tV6xGlxUgt7CicL1tv3ZLimJMiTcNyJJUSFAsKt-hYklm3cibCFGc2ldMwM5D2NMfEMZxe910DTpIfvAPuGaHfVGMj5cIhHe-YlHA472ZiI2mMeit30SHpdfdhn0BGweWcX_XIDL566L6qeSK_0vHIlkoOMQBEWXoR95RZWeqpvrACVH9xHF6bQnK-yJ3InXgOxIT98xp29U1xWomJobMWNbHar1uITP67q5qrMv1jWtZAEkMbMXy0P9f9zHwQhkV7AfCy9y11gnCWb2vY3goEi-9wZ0yhjdS2f5v1WhlaAFnIqdmlWSv96T4AkjZjtyBFj9FVOb6HNcBphZMjVI4srSXhjxmgVjM63Nh_pwO4-C0gUi5GImu5ge8fGT3U4_-RuNwE5C_JipWqxaPE93aeOtf3RTDPG0q4CxNBMTd8tUiZ7gdc66ma-MuZOhfuR2DALsRYYQsF6vOhP1-7o84RWtAx_VHZ4CqorCxWvbVhG5BMxYWQ0clgPdfIOYAZxFa3tN8GldViwAr4CCi2qqBZYX19xm_9pdBeMairatIzI8gx3SJGuXpt_L9Et4TODrKmCYw4HMizrMKj9foMpXFQvHH9QZk1UyJPad9psIvjNVBDAhbaDKC5O8C2UcUvZye8CS9_esv4id5MwEBZVQLrRPaGfzsPBqN58bAYcvcDjcQZOn-_HpvtKfLqDrPbxJ41fAYUHejzLST8lHPFkmMlCJgY3qfI_Fc1j9UP183Oju8ijSVRAa6jpoE_lr3iU3kQsS7tJncowhWJFHE_5JSI9BFPF5OGT0QWaQosd2tSmJNO1_U7wcLyKOG_NcBGbmIWm7cvUeazSB7RxVbPf7eeukV6fF-feLUhOvqC4Om31jXE0um57MCNf2gn-kvMDVZm_44zNor5FFBI79zjCvBSffY6VAUMZWJdysoGM1PNzroAVfiSMIbKIvr2DdvrUHApMHAdMzrA5X2ebuV-Y8P8geHpHwaF7i7665MRDqL-Z7b42oOIzM3S4U4_861_l72_di9jWdu8vF3E2ZKjfnSmMPgCx2BxbdGGxWH6v89ppE21at14bUop4IRxwZ23_liMw68ma9A_1UG5cTNLrnoTnvgqeLS1DAwvAG2R5jgtCwgMx-oXrKpLVqzNOJRQosJmqsAbrEXgO5QCdgYhMpHPnrmSnET-fRfthl0eNZtGydK7hXV2nD5T7jcMOMDn2f8O4Bg-CNbJQgbdrEFItygLAZKOI91JmQQfUr7eZmVbeKi4RzRshs51W31BkLXRQQcsgycgsohsDQWYCauvnWK_BH2ujUk2si6bOmxgPe8oV1ne5hPyDygNeEg1rQdTM94K4LxwoVk3KtPqcd_nrCpnvFoFdtVGL5WU9l-EBmTWmm44OFeFasJAs3pjEALIZpKvJOYMldfBh5izN0CBAPKD3sCBrCee4rGX217NagJIkPnS8tW0T5-7fNdMjagyhn_F4tlLDl7-dVvvCyhVjrL2Lyc9xauPry-ephxvLLMSgCSu1rv461Rs1VetmF4Y2JHJ2USWxZVxe-AuPnNwyxt0Q5k_8hg6vve5alh1KLNOkrh-Zb9u6mAXOjPJRBIMb4Oa5V5Su8zC_jNqSfZ1U2zQomiBwsz7uh2KTTuS_zlezLAdE9Z5ljm6-fzUM2sOWKRhS8HTK-ry_ZqvLMy8kG9A5214f80ECpQ7bVXxw3laG4MPrPGSPcCO4GVRpk34jr9AKvwzC5WgEOLsztB70EytDxnTFD9O6-79nJHO-UVcIdG6VrkbYW5yD8b5qc-PGdAWP67Cc_bvvew2qbp0gdw2mKPFfvmQCI_l2_PVnlESJUmqE6HsRDCHbI5lI1cjXyUbx4sSE6yQVj-BsAdezjaD-HQdGg6LK8LvGsFP5NxIG0S7oMVLS-dneTCfjb1xlexQvyk33N8sIMyOv8GeP_gGl_hhhJ04mMHEIsh3DDf6Izyb8ORxuWNK7_9s95qaDXoVxKsNUfZw3-Pkcx0eioH6Bl_Bt8JnZVVzdtDiYTJONe0gnRhxSZ1O8lhsWudcQpK-ZOiDEPeTOu_HW_OO_8GdVvtIjh_cE-u1jT4D8Vr9bsPwoqBUJWl-EdH5clNLjhCKkbwQZkRT8igE3XTidijs8gKfXR_CkXHaMpqU80pUOZO8RdaIQajZKwSztVxYvqVIevTYNK4QCBTROvrR-y9d_qT5Hu5FPg3cCGu6IgFnZdTvQA7onQU6tSyUZ76toVQogP6SHERgXGPsKySl2rlpk2Rii2A9ODwFF-0eKGqjATNRAKtXR2RpBIgRA88XoWbgyDnb6QF9UJS4WVYlsX5H2V6wqN9_98gUbxwxxKFQ34AC9HWZbLYqEZ_Ed0G5WcAd57621P0mgl0uhlev39U5557lA9rlXvsU-SJ9UGGirZMPl_3knnW76qY-f1YgzBK99izucyaXXmt8J0U_KqQiSMjVlC7UCl1l9o3KiL3BXmbD1HrNkSRTm8N9aX6fQ8Naz2AKGTC-ewQhtLCePVN1ipRg2vYxnSibVgyzHlLXJY0ucmhChn-yiGHah&cid=CAASFeRoZ3Ftb4kGIWzVo3fVWvIiYf8IkQ&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44b9a9d2c3baadad3ce45a7368c567c905db6d1473139b93b50123e3197e20c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9339
x-xss-protection
0
server
cafe
etag
8973662780436066029
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 20:13:30 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 738C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnhAO2isE0VXqXvh_mnFpCZArt_Z_Ctp6cdwL4B_gofM3Db90C-G4vxTiOZyq_IyDbtonegw-KblyQLWSV3rZ1iL5JQkudfykauec6XdVTtZIXW4iHWPux9KcnStRFbgyDajPDD4eWSrJ9UztM2CCh5kEimg&cry=1&dbm_d=AKAmf-Az6kOTMdJ4dfqw3xRMWApAChGItb5PQ5mkpKl74JaJ2aXKihLQ6s2FgLkbE5CkxFnTWzTQ0qEd1OY3aQf6ti6lh4lKNHZhqqtWTUZyHUm3X4sLUAI2Net-pa64-FY_F9RyXtaY_lNiGimxpwZMpBXWMapVzA6Ppwr-2EEi2p_-coloM83KzgTFLGOPNxUzdcL5Rbzyc-Zxncx17ckXC8OJLmwQU7w0PvAmC1zlkAuWc0bSch3Vez8DvOwg6u48EsOL_Fvogdeypz5sisTcyNW82AkInes13hCQtoulwuLQYheUgp70XnyHFqoeHwn95Eh_YDRhRhfho4s7aaC-3-u-k4DhsLhSipzS0Ny58_fSQD9gFLKTnujC5_qW4kkq9922CMJZmbVEpqD9iois_LTCVmAGJoLiV6lmAxnV69_lhqhIeHfDxWLeVWHCRgufEwCYdVbIBqrzaZTUoOUNz4k-DZDQ1lbjG7SrxcFB0DjiG_6r63xm9UoNcRc06tMTxCW2RDASOz8wDf7gEtAP0k1DXIcrFUdZYcEfnJ9iJ8Y3xyU0DPw0qtmxk1V6nPxayRyCvjP98iPOzc6KNibH017c6CycpwdrsEMkzGU9UwRO2pRnfuEUQ9sM9O4ND_rIOZJhZpYe0WbQxyTtUp5MkUmeRG2AONOZPI3fmlKhaeLfgOnjz-j-_vdD0JCPGuHQcjfMXVif751N1kTtS5jxtMFCV1KFj6oaNSDauhgsYa_CGoSkDb2KBUBrAS8EZPYhOvgzcWITUvVs-tV6xGlxUgt7CicL1tv3ZLimJMiTcNyJJUSFAsKt-hYklm3cibCFGc2ldMwM5D2NMfEMZxe910DTpIfvAPuGaHfVGMj5cIhHe-YlHA472ZiI2mMeit30SHpdfdhn0BGweWcX_XIDL566L6qeSK_0vHIlkoOMQBEWXoR95RZWeqpvrACVH9xHF6bQnK-yJ3InXgOxIT98xp29U1xWomJobMWNbHar1uITP67q5qrMv1jWtZAEkMbMXy0P9f9zHwQhkV7AfCy9y11gnCWb2vY3goEi-9wZ0yhjdS2f5v1WhlaAFnIqdmlWSv96T4AkjZjtyBFj9FVOb6HNcBphZMjVI4srSXhjxmgVjM63Nh_pwO4-C0gUi5GImu5ge8fGT3U4_-RuNwE5C_JipWqxaPE93aeOtf3RTDPG0q4CxNBMTd8tUiZ7gdc66ma-MuZOhfuR2DALsRYYQsF6vOhP1-7o84RWtAx_VHZ4CqorCxWvbVhG5BMxYWQ0clgPdfIOYAZxFa3tN8GldViwAr4CCi2qqBZYX19xm_9pdBeMairatIzI8gx3SJGuXpt_L9Et4TODrKmCYw4HMizrMKj9foMpXFQvHH9QZk1UyJPad9psIvjNVBDAhbaDKC5O8C2UcUvZye8CS9_esv4id5MwEBZVQLrRPaGfzsPBqN58bAYcvcDjcQZOn-_HpvtKfLqDrPbxJ41fAYUHejzLST8lHPFkmMlCJgY3qfI_Fc1j9UP183Oju8ijSVRAa6jpoE_lr3iU3kQsS7tJncowhWJFHE_5JSI9BFPF5OGT0QWaQosd2tSmJNO1_U7wcLyKOG_NcBGbmIWm7cvUeazSB7RxVbPf7eeukV6fF-feLUhOvqC4Om31jXE0um57MCNf2gn-kvMDVZm_44zNor5FFBI79zjCvBSffY6VAUMZWJdysoGM1PNzroAVfiSMIbKIvr2DdvrUHApMHAdMzrA5X2ebuV-Y8P8geHpHwaF7i7665MRDqL-Z7b42oOIzM3S4U4_861_l72_di9jWdu8vF3E2ZKjfnSmMPgCx2BxbdGGxWH6v89ppE21at14bUop4IRxwZ23_liMw68ma9A_1UG5cTNLrnoTnvgqeLS1DAwvAG2R5jgtCwgMx-oXrKpLVqzNOJRQosJmqsAbrEXgO5QCdgYhMpHPnrmSnET-fRfthl0eNZtGydK7hXV2nD5T7jcMOMDn2f8O4Bg-CNbJQgbdrEFItygLAZKOI91JmQQfUr7eZmVbeKi4RzRshs51W31BkLXRQQcsgycgsohsDQWYCauvnWK_BH2ujUk2si6bOmxgPe8oV1ne5hPyDygNeEg1rQdTM94K4LxwoVk3KtPqcd_nrCpnvFoFdtVGL5WU9l-EBmTWmm44OFeFasJAs3pjEALIZpKvJOYMldfBh5izN0CBAPKD3sCBrCee4rGX217NagJIkPnS8tW0T5-7fNdMjagyhn_F4tlLDl7-dVvvCyhVjrL2Lyc9xauPry-ephxvLLMSgCSu1rv461Rs1VetmF4Y2JHJ2USWxZVxe-AuPnNwyxt0Q5k_8hg6vve5alh1KLNOkrh-Zb9u6mAXOjPJRBIMb4Oa5V5Su8zC_jNqSfZ1U2zQomiBwsz7uh2KTTuS_zlezLAdE9Z5ljm6-fzUM2sOWKRhS8HTK-ry_ZqvLMy8kG9A5214f80ECpQ7bVXxw3laG4MPrPGSPcCO4GVRpk34jr9AKvwzC5WgEOLsztB70EytDxnTFD9O6-79nJHO-UVcIdG6VrkbYW5yD8b5qc-PGdAWP67Cc_bvvew2qbp0gdw2mKPFfvmQCI_l2_PVnlESJUmqE6HsRDCHbI5lI1cjXyUbx4sSE6yQVj-BsAdezjaD-HQdGg6LK8LvGsFP5NxIG0S7oMVLS-dneTCfjb1xlexQvyk33N8sIMyOv8GeP_gGl_hhhJ04mMHEIsh3DDf6Izyb8ORxuWNK7_9s95qaDXoVxKsNUfZw3-Pkcx0eioH6Bl_Bt8JnZVVzdtDiYTJONe0gnRhxSZ1O8lhsWudcQpK-ZOiDEPeTOu_HW_OO_8GdVvtIjh_cE-u1jT4D8Vr9bsPwoqBUJWl-EdH5clNLjhCKkbwQZkRT8igE3XTidijs8gKfXR_CkXHaMpqU80pUOZO8RdaIQajZKwSztVxYvqVIevTYNK4QCBTROvrR-y9d_qT5Hu5FPg3cCGu6IgFnZdTvQA7onQU6tSyUZ76toVQogP6SHERgXGPsKySl2rlpk2Rii2A9ODwFF-0eKGqjATNRAKtXR2RpBIgRA88XoWbgyDnb6QF9UJS4WVYlsX5H2V6wqN9_98gUbxwxxKFQ34AC9HWZbLYqEZ_Ed0G5WcAd57621P0mgl0uhlev39U5557lA9rlXvsU-SJ9UGGirZMPl_3knnW76qY-f1YgzBK99izucyaXXmt8J0U_KqQiSMjVlC7UCl1l9o3KiL3BXmbD1HrNkSRTm8N9aX6fQ8Naz2AKGTC-ewQhtLCePVN1ipRg2vYxnSibVgyzHlLXJY0ucmhChn-yiGHah&cid=CAASFeRoZ3Ftb4kGIWzVo3fVWvIiYf8IkQ&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 15:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:53:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8736 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 03 Aug 2021 15:54:04 GMT
expires
Wed, 03 Aug 2022 15:54:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
102229
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
pagead2.googlesyndication.com/bg/ Frame 8736 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 15:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
18678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13202
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Aug 2022 15:06:35 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 738C 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43161537;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C4sKX8PUKYdeBO8TB-gbekrrQBP2X7cdjqcXVlPANj9mRmo8OEAEg2cD0cmDRgbmC0AegAZmLh4sDyAEJqQKWWE6z0F2FPqgDAaoE1QFP0FJtnhb3u8Q3CHZdzlzbwz2Y96UGC_UFcTiZ2MBeGShLkFFj1fOthgfhn7dByZgnsgJHxSpfIV0WneT4_I9ZORZSsW8y2lPZFAlZzydp57SC6slXsGpmnWGw05WcCtnOWGSde0MMAKdFm_8uVV1RKzsBays3pav_qdC9lRscXMQeNz8r9dFJT5yES-lPNIExEmbHhYV3LWLWKCgAbrpu3Widqyon5rLHg1ZYByjMzPNxge1XDdIx79d0BEMixtCa6H2CNRpE0vneTqLAPCNXfQrSybvABLv09Z_EA-AEA5AGAaAGTYAHz_T4dKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzUwMjY4MTk2NDQxMTA5OIAKA5gLAcgLAYAMAbAT1p6XDMgTl-CgCdATANgTCtgUAdAVAYAXAQ&ae=1&num=1&cid=CAASFeRoZ3Ftb4kGIWzVo3fVWvIiYf8IkQ&sig=AOD64_3VFyoIyDheLeOSEjyYJCuSFr7VsA&client=ca-pub-3737030722290655&dbm_c=AKAmf-AOMbmM0VeV2-sovK0J3uvwZHZ9LDtqguReaKb-K_3HKYikTkRtvtEu3y492B8kA747SkdxjwoLz2KwaeCNNR_b1R1tXM4ySMgdpvf0KO-t0tHFKYqulsLzy6g3xsYOpa4jmj2hbTL1UGtFFUHEeDFp6e9zAw&cry=1&dbm_d=AKAmf-AFdkZKaLTancR7ooeUHGBFEFL4Jz78Pei6GAxkdlKSHYwqHZjI95-5GIlKRGYWbykNFWmwlck9bnNFQkuTDudPBsbefpRRUYrDpLQjCSfa_yQuAtuB-i1dhr_HZvMhlhPTYUTn6xZrBAoOp4g4lsBHeTsm56pvaM_BfM2l6SaG6Y8VK5XpSp8RBxDKhODczLvJOV7kpQN2XjrDCQ05AdzQctS7XR0B6VTxdyKFQI9661h5RldohDY8JIbhMZ1ZAil4sQXhLHqKIuYPteJZN71mEjqweIDREGTE-o7O-4rgq5llBnvEYBL769ZfptNgw8tFiNUUQQTo49nB0N04TJ6DW9OzKl934lc9wNctZQYVJVRa410hnzbSXL7egKV1RZuuMO6TYpYIk3-mOEcoomqpCAe3Ma3g_VF7psACyN1DilS_L3jy99fXdbaPS7ClHVj31ybJVD4JFhK63o1XHlEfbGuXzXxTzkEsfVvTRxgKRkWj29IDLA6Hw5dWkGTAutDdWDK-&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 05 Aug 2021 23:16:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame FB4E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 04 Aug 2021 20:17:02 GMT
expires
Thu, 04 Aug 2022 20:17:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
51
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9ED5 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
976267e46c8c1c02520c90555d198d5710876504391edd18e29ff0f4f4ec86d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gpbq7sfzYa8bIvR/vimbDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

expires
Wed, 04 Aug 2021 20:17:53 GMT
date
Wed, 04 Aug 2021 20:17:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-gpbq7sfzYa8bIvR/vimbDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		438 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2521257354806272&correlator=2597547456118135&output=ldjh&impl=fifs&eid=31060438%2C44742768%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210804&iu_parts=1005587%2CPaagal_UPSC_ALL_LHS_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=180x150%7C200x200&cookie=ID%3D5419017c46a5d768-220fbed097c800a4%3AT%3D1628108272%3AS%3DALNI_MYtbHJGlr6YuUTZyQXIKP3Qf9Ll2w&bc=31&abxe=1&lmt=1628108273&dt=1628108273612&dlt=1628108271757&idt=1046&frm=20&biw=1600&bih=1200&oid=3&adxs=200&adys=342&adks=700176167&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&vis=1&dmc=8&scr_x=0&scr_y=0&psz=276x0&msz=276x0&ga_vid=1018949766.1628108273&ga_sid=1628108273&ga_hid=1843710945&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
323518ae3240858cdf8377f5fa14a0edb141adfeae38f432801267340389447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pagalguy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 738C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=43161537;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C4sKX8PUKYdeBO8TB-gbekrrQBP2X7cdjqcXVlPANj9mRmo8OEAEg2cD0cmDRgbmC0AegAZmLh4sDyAEJqQKWWE6z0F2FPqgDAaoE1QFP0FJtnhb3u8Q3CHZdzlzbwz2Y96UGC_UFcTiZ2MBeGShLkFFj1fOthgfhn7dByZgnsgJHxSpfIV0WneT4_I9ZORZSsW8y2lPZFAlZzydp57SC6slXsGpmnWGw05WcCtnOWGSde0MMAKdFm_8uVV1RKzsBays3pav_qdC9lRscXMQeNz8r9dFJT5yES-lPNIExEmbHhYV3LWLWKCgAbrpu3Widqyon5rLHg1ZYByjMzPNxge1XDdIx79d0BEMixtCa6H2CNRpE0vneTqLAPCNXfQrSybvABLv09Z_EA-AEA5AGAaAGTYAHz_T4dKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzUwMjY4MTk2NDQxMTA5OIAKA5gLAcgLAYAMAbAT1p6XDMgTl-CgCdATANgTCtgUAdAVAYAXAQ&ae=1&num=1&cid=CAASFeRoZ3Ftb4kGIWzVo3fVWvIiYf8IkQ&sig=AOD64_3VFyoIyDheLeOSEjyYJCuSFr7VsA&client=ca-pub-3737030722290655&dbm_c=AKAmf-AOMbmM0VeV2-sovK0J3uvwZHZ9LDtqguReaKb-K_3HKYikTkRtvtEu3y492B8kA747SkdxjwoLz2KwaeCNNR_b1R1tXM4ySMgdpvf0KO-t0tHFKYqulsLzy6g3xsYOpa4jmj2hbTL1UGtFFUHEeDFp6e9zAw&cry=1&dbm_d=AKAmf-AFdkZKaLTancR7ooeUHGBFEFL4Jz78Pei6GAxkdlKSHYwqHZjI95-5GIlKRGYWbykNFWmwlck9bnNFQkuTDudPBsbefpRRUYrDpLQjCSfa_yQuAtuB-i1dhr_HZvMhlhPTYUTn6xZrBAoOp4g4lsBHeTsm56pvaM_BfM2l6SaG6Y8VK5XpSp8RBxDKhODczLvJOV7kpQN2XjrDCQ05AdzQctS7XR0B6VTxdyKFQI9661h5RldohDY8JIbhMZ1ZAil4sQXhLHqKIuYPteJZN71mEjqweIDREGTE-o7O-4rgq5llBnvEYBL769ZfptNgw8tFiNUUQQTo49nB0N04TJ6DW9OzKl934lc9wNctZQYVJVRa410hnzbSXL7egKV1RZuuMO6TYpYIk3-mOEcoomqpCAe3Ma3g_VF7psACyN1DilS_L3jy99fXdbaPS7ClHVj31ybJVD4JFhK63o1XHlEfbGuXzXxTzkEsfVvTRxgKRkWj29IDLA6Hw5dWkGTAutDdWDK-&adurl=;js=1;adfxid=1x;10205;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.pagalguy.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
10138f4262249a503e434cad06f7b6cf2ad5fcb144652fbbb0f1cc935c82fead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3804
expires
-1
cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
pagead2.googlesyndication.com/bg/ Frame FB4E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 15:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
18678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13202
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Aug 2022 15:06:35 GMT
hit.js
visitanalytics.userreport.com/ Frame 738C 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visitanalytics.userreport.com/hit.js?t=ORCadf2-2246887-7182218&event=iv-loaded&i=no&d=&med=https%3a%2f%2fwww.pagalguy.com%2f&rnd=45642&campaign=2246887&placement=7182218&order=Boxer+%2f+RTB+%2f+2021&format=300x250&publisher=1452227
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
200bab94b898cd8f4a89b2ab0ba5f4e820b946d1892ea35149e666586da42f2c

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2MBswZvdAbV_gKp7Mq_0zT3EGQrHGqbe
Via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 15 Apr 2021 14:58:29 GMT
Server
AmazonS3
Age
80463
ETag
"9f4e655454a6c358cb8e398e93b8ba79"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
public, max-age=3600, s-maxage=300
Date
Tue, 03 Aug 2021 21:56:51 GMT
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
7087
X-Amz-Cf-Id
a-4Bfa8JVtoMcQlkNGopFn2oxPsIB53hty3FWxmUtov51VVv0PhF0A==
/
track.adform.net/jsmetrics/ Frame 738C 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=54&asset=130&sid=208&rid=25021&cid=146417
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
last-modified
Wed, 17 Apr 2019 14:00:27 GMT
server
nginx
etag
"5cb7317b-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
hit.gif
visitanalytics.userreport.com/ Frame 738C 		43 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitanalytics.userreport.com/hit.gif?t=ORCadf2-2246887-7182218&event=impression&d=&med=https%3a%2f%2fwww.pagalguy.com%2f&rnd=63818&campaign=2246887&order=Boxer+%2f+RTB+%2f+2021&placement=7182218&format=300x250&publisher=1452227
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
Via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
Age
70070
x-amz-meta-cb-modifiedtime
Tue, 14 Apr 2015 11:43:27 GMT
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
Last-Modified
Thu, 15 Oct 2015 11:22:45 GMT
Server
AmazonS3
Date
Wed, 04 Aug 2021 00:50:04 GMT
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
dOLGd7EHLmyzNpBPm4x8VFOfV7aCRZUA4n9ntXAOLKVm5h5u66sE0w==
Expires
0
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 738C 		89 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c441bbf89d0d9390e8b0148ea04b49e3ceeaee39fe451b6cbef7b3ed39ef25b6

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:53 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:36:46 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 05 Aug 2021 23:49:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8736 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BR9e_8fUKYe3nFtiP7_UP4MO58AQAAAAAOAHgBAI&bg=!FhWlFVHNAAals0SOpbM7ACkAdvg8WmIrSL3p1uWZ0nRxuygmfCfgQGm9gim2PF_HYVTuD8j9Xm99bwIAAADHUgAAAC5oAQcKABNVbHQECzDC7X0N4Ttz-_ZAUkvimQLcsdIwj7yxHeo8RKm4BzzNAGp8RknDSkHY2HFqp82AkBbT2Xi0XlE6sRqI6ZJOtJmiAuOrk3DV8SxahzkZUySGSW_RnNxkQJhfwI-6KMRMFh34sjIIeVsn96Cll0Wo1mPYAiojGI6XGLQh389NNt_NeEFy9aZ_hxtabbWogJCwmk9TsgllKTWSTect_KE4uTp6CRN-ln6CcYjnwbSfZNk1hED3RZOX4AzEp03awkgjVLTJ6osLPcFu_WDT_b84g_N6L4QM3nEFrG0gjM44KHg1zAFlxn40EMajM3BClIWiPPJozpIzx8YfRAU64P074edFrYawOvzBD9viZ3BsRqAxKvbQmHrqL1S3Efm_dhRU18AaDR1UVq6BlWig3a0GGh35s2D7O5I3GsCHoMF9LjD6eURZq40-LEFisnOlH3q6bm7lGmN4cqOJzmjbbmxb4ecQTojn26972tuSdz3KMxWpnbOnOoqtoYZzi7dFinAjyxeX_ERbEfPQEoS95cjGcF6rS-_1xncJlWq8xxzbAppjKqp_sINhBgjlK3uvAM_FfHXQymff0fSdfCKbPRAjVWwwp6ubmTOrLp8Q3lvGP4hAPWvPyQx73gNYq3AjioLb4VBNtgPS9UpfG_TqRnJJknkA4cHCUfkkPAyroMnrvM95aVRcm52GBB6BwxQ3WS2TnFmsUFNAvokBUGoEZ3XnMVMKJYV0kEeVcQWJjvSH_42cu4p5f2bnrIN5Gt3LfIM8sQUssjhg3QzAAyu-xXLzsxBuVLt2Qq0RIEeHBJy0gKouYBZ0JzNSWqVaXOtEcuUbeU7CskGKbynfaCX9zWH3Nup8DDxdyAR_1dEpV3TGJzBKqK9euC_uOLEBZQdybONrv1HhyKZ1tgAFNjgt3OX-TJ1sNk78aeVjgZn8dUA9hY4Uml0OQ_NlAWS81svDdFky0sArZE_aez2hwPjwLKJO6XCyHQuTtlSXcXtpKDU3
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit.gif
visitanalytics.userreport.com/ Frame 738C 		43 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitanalytics.userreport.com/hit.gif?event=iv-supported&t=ORCadf2-2246887-7182218&i=no&d=&med=https%3A%2F%2Fwww.pagalguy.com%2F&rnd=5gbnyf02qb&campaign=2246887&placement=7182218&order=Boxer%20%2F%20RTB%20%2F%202021&format=300x250&publisher=1452227&m=cross
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
Via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
Age
70070
x-amz-meta-cb-modifiedtime
Tue, 14 Apr 2015 11:43:27 GMT
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
Last-Modified
Thu, 15 Oct 2015 11:22:45 GMT
Server
AmazonS3
Date
Wed, 04 Aug 2021 04:18:38 GMT
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
LPW7a5Z-9XW9H5bwXu7nOMp--r3dzUnJWymLOosSw7wSzf5f0Zpi8w==
Expires
0
truncated
/ Frame 738C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
229a12c725a0736633d5d89235901d78c391b11c4c59665e338f9c292c985604

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/csimpr/ Frame 738C 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=43161537&csi=Ob0Ehh50WnOOQnHY23zlBZ1rLRgCmA8XGFcIjDzwFibrygPkIxxfk26FUIj38PF3rw9bJ9ADGyMl-BGPGzzV8t6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
9622264.js
s1.adform.net/Banners/Elements/Files/19674/9622264/ Frame DD53 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/19674/9622264/9622264.js?ADFassetID=9622264&bv=769
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2cb385380d613ae4968b465fc7ac539348c5194f3e9cc941f5150e076e5f407a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:54 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 09:10:02 GMT
server
nginx
etag
W/"60ae106a-13f98"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072901&jk=2521257354806272&bg=!xMelx4PNAAals0SOpbM7ACkAdvg8Wg3R66_MThbqvvqkUzQukjRtQ_Oey7nZGve5roVeAuVxazi2nQIAAAEcUgAAAAtoAQcKAMWRXppmzaSXse9bAwiHeSDpJslNijpri3bznZb1DSCMJn2fOhyf08GjedNUJ6Tjkc6qe95h4xZXBmESvDnUkRCgqcCzSp5q8-3r0c4qT0oXtBUSVKfb5DDrG60F0c3813GiU5s1TpXo3r8cCuHgxM-ImqNHoAzMIEY9rANeJKXzvGxuU5Y7Ajm1hZDuqmY46ulbPphgl5NOO2HZqMW3bI50rfQX4IYrreUy01C53grRKeaqREjabrWb-_I1cJ5rObnBVBcmCZkCcUa7QHvhXV8fzHkYuZSPrearfQRa60-D-RlFNYzOUtff0kWeH6aGLDTJlkIUcwwWg94Ub4CYHr4C6e-dGmbbftQXlxdmsqBnZJ_xAYsQ2louBVoQqI3Pup90_VFDbjQ4u0EmAvZVHqdCBkDmGP8T9ZH9oB4vax1Hpw7NQaDRzCR6HAd2A2HrwFVsM1ucDmKmyra1OswNyGnAEaty8pm_1utAqDSazmHhTAsc-bj0jVz2aFzXukhsnESvO9sT9j9XcZjTYbflqGyXcNKION75tmcqKhTGpulThwBE3UROSLIAlDyHjLsfoXyWGoIdbDV9J1LcB9Ti1Afc7u0DwBs4ftjvdTxKI2lzt48DAORFYw6gUU-VO56CEUQN0sUiuA002kd__4VCqdwJ4zhA22OTH8P8wh22QRjlZhFYln_LfgYfO8qRLV8FJu4YOPkZaSHe4a_rVBxTGvn6t70r2FfsvHexypNMqNbHdt80l9pFjjp-cgb3YXzRY0fyjf_uQQXGxCH9mnh8sTf5k_V2Z4beMTN3rX2wlQgT0J_mrT2fKlJENAODe8k-K9LzKlWLXFp0ko3b79k_Zd3AR7uUNZ_xAN9Ch1QjmVStTo815X64uSV_vlO8yuEV7JtAPAKskLi-408AHJHpt-9iaVk-_R23na8UaGdSwf8FavXdDEqYhJqqET1ZfBpWFE86BfB-K5AB0NQHdTsdXWXR2Zk9q461z44jffvmazUUWN2qVwYC9bhnC2foOk-oiPYYJyF72kiWtKz0mFThyNslOxGCkfZALOy-DM7CtsDGF2Cl9FYPBeYd2wHdzR1B54OCexYJkQvu9C4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame DD53 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:54 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:21 GMT
server
nginx
etag
W/"609e6e89-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
300x250.css
s0.2mdn.net/creatives/assets/4129914/ Frame DD53 		193 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4129914/300x250.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84cb24d1a9681228aa3ffe6871878174b9514540b29ecc286efe81959a3b8d93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12699
x-xss-protection
0
last-modified
Thu, 22 Apr 2021 07:42:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:19:22 GMT
css
fonts.googleapis.com/ Frame DD53 		6 KB
774 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,800,regular
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3391e827aae64d0b6b12715ca02a96496b97a38c8b8b2e835971876aeeb41367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 19:42:19 GMT
server
ESF
date
Wed, 04 Aug 2021 20:17:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Aug 2021 20:17:54 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame DD53 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a134a4f4968b6d1236867542326458915854a8f1c52d4235b8e952ead82dffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45173
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:56:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:20:48 GMT
null
s1.adform.net/Banners/Elements/Files/19674/9622264/bvpath_769/ Frame DD53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/19674/9622264/bvpath_769/null
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame DD53 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,800,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 01:25:07 GMT
x-content-type-options
nosniff
age
154367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 01:25:07 GMT
mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame DD53 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,800,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 01:32:50 GMT
x-content-type-options
nosniff
age
153904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15188
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 01:32:50 GMT
splash.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		2 KB
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/splash.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f24b5e099d8662fee8a536ca50a633c9c8f4586e492812d46df238a1edecbcf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
955
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 07:42:12 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
boxer_logo_sort.svg
s0.2mdn.net/creatives/assets/3872966/ Frame DD53 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3872966/boxer_logo_sort.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87012dcbe31d4f5924907b3446e82f05946023c5283328016d1996ad8003ba96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1407
x-xss-protection
0
last-modified
Fri, 25 Sep 2020 11:59:24 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
flare_02.png
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/flare_02.png
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f223ffc5d3bd6cd805b0d9e8f9fa1d7933e5e4e25750e1e4253ae8e17efd089c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:14:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 08:47:32 GMT
server
sffe
age
186
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24446
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:29:48 GMT
hand_puck.png
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/hand_puck.png
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96f2fadca9ec95155d380c6ab6caf05b4f11a270e3dad15338946135d576b6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:14:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 08:47:40 GMT
server
sffe
age
186
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39652
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:29:48 GMT
arm_left_knips.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		454 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/arm_left_knips.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60723cbbee76bb826441202f0f8bac320431190f81f696a0a6c069003c406f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:05 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
hand_pege.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/hand_pege.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2d21745be03e1c6e39143306529a3d28942784569e2d19afa845cbc430b1c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1661
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:37 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
hand_knips.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/hand_knips.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea5c413e9ef1d052c546e3249c2f7b7dbcbddf2300f86c480d66fd20215e3ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1730
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:34 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
arm_right_under_01_2.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/arm_right_under_01_2.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90061186c50213da184641262f6d5360a908c7249b19a3e4b415804bec804b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1564
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:11 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
arm_left_01.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		2 KB
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/arm_left_01.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c1ab4354d01407c129a5879dcd04c2bb7a289d6e915f09e02f1a96c79e253e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
887
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:02 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
arm_right_over_01.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		607 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/arm_right_over_01.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bd9364a0bff9ccf87d633b5c5197205f4e9fd0c7f035fd7888ac428aed0bf80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
391
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:08 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
krop_1.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/krop_1.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0a586663709d67024b54bab734a2f730e2819d8351faaf1a9eb3f475c367666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4948
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:46 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
nose.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		364 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/nose.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8ad80b5d483ea82dec9afa543dc1f73c68318ea3066f2f2cd35418807cc6374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:54 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
mund_02.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		470 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/mund_02.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec2d58d9bbf982e9470b0cc01e6425ab7e1037f4754cccf741f76af0c72e076d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
333
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:51 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
mund_01.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		596 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/mund_01.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c96de0e8b35eaf5e6dfac6d067309fa76d6ad998854bcfc87035c21d081bdc0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
378
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:49 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
bryn_01.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		293 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/bryn_01.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d29bb2dd9583f3cb68787a92bd217c953ce3198a5a1421a1abeab24422931bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
bryn_02.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		334 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/bryn_02.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8936d879b73d7d194213cd710ed803d3d836b856725fb392e919ccef96306adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:22 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
eye.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		618 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/eye.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8d5564f5798a3e45b52bb3380965e4f66faad847d51e54d4d2d5a899f266e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
377
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:29 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
ear.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		397 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/ear.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9acc78ac92794ae9e1095830e0abfa582fcfac544dba4940293e37b6cca9c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
263
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:25 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
ansigt.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		634 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/ansigt.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3d07f572f1816074ec4047f74e047c837977e7d24746de785ffa89a416478f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
414
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:46:59 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
hoved.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/hoved.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0437453acc527dd58c4e62621cb400633e84a72d44c32e08c4dcbdffa55f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1067
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:43 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
ben.svg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/ben.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b2e12c075cbb646404f424d5683e8070b81c6ea9d6b07161a7057a86645ed30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2169
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 08:47:14 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
bg_300x250.jpg
s0.2mdn.net/creatives/assets/4104545/ Frame DD53 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4104545/bg_300x250.jpg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72d001ee2e11a41861ca143d3e3175953525e83a46d6a96e23e6a56aa8a05c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:16:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 09:21:21 GMT
server
sffe
age
86
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9678
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:31:28 GMT
truncated
/ Frame DD53 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
knap_hvid.svg
s0.2mdn.net/creatives/assets/3872966/ Frame DD53 		2 KB
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3872966/knap_hvid.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dad3d994075f0626204fcf0029d7e0118c557a57699194490a16d766ef59e2ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
843
x-xss-protection
0
last-modified
Fri, 25 Sep 2020 11:59:22 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
knap_blaa.svg
s0.2mdn.net/creatives/assets/3872966/ Frame DD53 		2 KB
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3872966/knap_blaa.svg
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c14b77ce1e567c1dd83550ce992c6283be83c910547b37cc2a725bd8f82e498e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
843
x-xss-protection
0
last-modified
Fri, 25 Sep 2020 11:59:19 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Aug 2021 20:18:04 GMT
bundle-23-49c170b0837e029a950a.js
www.pagalguy.com/assets/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pagalguy.com/assets/bundle-23-49c170b0837e029a950a.js
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.114.91 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
91.114.201.35.bc.googleusercontent.com
Software
nginx/1.16.1 /
Resource Hash
bf69ec0f66506711f59d97a86384aa123f8af2ab81c437c25311ad2139ad81a6

Request headers

:path
/assets/bundle-23-49c170b0837e029a950a.js
pragma
no-cache
cookie
_gcl_au=1.1.1291037719.1628108272; _fbp=fb.1.1628108272240.1291967903; _scid=e2fc79d8-30e5-469a-8c0b-9660a3ddf68c; _ga=GA1.2.1018949766.1628108273; _gid=GA1.2.31682174.1628108273; _gat=1; __gads=ID=5419017c46a5d768:T=1628108272:S=ALNI_MZpIrIHiL5M8YoyJr8l3lZYTjZ6HQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.pagalguy.com
referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-handled-by
frontend.pagalguy.com
date
Tue, 03 Aug 2021 14:51:27 GMT
content-encoding
gzip
age
105987
alt-svc
clear
content-length
8511
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
nginx/1.16.1
etag
W/"72f1-49773873e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
x-cloud-trace-context
2f57028e9625111a633bd575224dfb31
cache-control
max-age=691200,public
accept-ranges
bytes
expires
Wed, 11 Aug 2021 14:51:27 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:55 GMT
hit.gif
visitanalytics.userreport.com/ Frame EB89 		43 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitanalytics.userreport.com/hit.gif?event=iv-inview&f=yes&t=ORCadf2-2246887-7182218&i=no&d=&med=https%3A%2F%2Fwww.pagalguy.com%2F&rnd=zfw4u6iq5b&campaign=2246887&placement=7182218&order=Boxer%20%2F%20RTB%20%2F%202021&format=300x250&publisher=1452227&m=cross
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
Via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
Age
70072
x-amz-meta-cb-modifiedtime
Tue, 14 Apr 2015 11:43:27 GMT
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
Last-Modified
Thu, 15 Oct 2015 11:22:45 GMT
Server
AmazonS3
Date
Wed, 04 Aug 2021 04:18:38 GMT
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
OI-tgh4Q65i8LMQtn6iAzrhVbgmT7S9Yg5sw4fX662EEcOO_FYC-1w==
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 738C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDxvV3f-3CpueUNzpTZPJ0agVtCaNyg5Xd28Z7Q72wO9E3SAhjVM8Yn0gcaYUeuuc8X09pT4r4RRqzKbplpite_DdMEhrcVbMNRkLY-A0LBuIwqScLekkO8QwBbQ&sai=AMfl-YTt6u9u9uCh6fpChPiteqvajlut_9KzVc_KmCFhNyaOnhqfPyUooHT4ksadGWhnRBz-d8SIcuT_usF3iCOPMsJovoJWRDAsWJXKFc3npaxG4Tis2wlj0y90XN7akDk&sig=Cg0ArKJSzD2eL2z5olTBEAE&cid=CAASFeRoZ3Ftb4kGIWzVo3fVWvIiYf8IkQ&id=lidar2&mcvt=1000&p=382,650,636,950&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210802&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=612759384&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628108273325&dlt=22&rpt=627&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
urlChecker
app.playstream.media/api/ 		15 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/urlChecker?url=https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.11
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:55 GMT
content-encoding
br
server
nginx/1.17.10
x-powered-by
PHP/7.4.11
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.pagalguy.com
cache-control
no-cache, private
4f6f81e3-b6a2-4a34-83e4-373c8182bcc6
app.playstream.media/api/getVideos/ 		309 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/getVideos/4f6f81e3-b6a2-4a34-83e4-373c8182bcc6
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.11
Resource Hash
45f86c66866b749253fd5bc4d2411c08b213175260ea6dc88d7833659342b8ed

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 04 Aug 2021 20:17:55 GMT
cache-control
no-cache, private
server
nginx/1.17.10
content-encoding
br
x-powered-by
PHP/7.4.11
content-type
application/json
270p.m3u8
acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/270p.m3u8
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec7099b16862fff67fb4e9b309cf177608433c56980453e2ed896a7dcc72bbfd

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:34:20 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
vary
Origin
age
6216
x-cache
Hit from cloudfront
content-length
1313
last-modified
Wed, 21 Oct 2020 04:02:33 GMT
server
AmazonS3
etag
"dd685f9658a5b4b8e8c94c8e63958b5a"
access-control-max-age
0
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
oUh5EDqhIQzK94mOHsROyTZYr0AJvUWKn5x_mymomUXnP7GkNGO1pw==
collect
www.google-analytics.com/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.pagalguy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 42C0 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 29 Jul 2021 08:18:39 GMT
expires
Fri, 29 Jul 2022 08:18:39 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
561556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:55 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pagalguy.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 20:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1E2C 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 04 Aug 2021 21:10:02 GMT
270p_000.ts
acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/ 		114 KB
114 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/270p_000.ts
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ada418dd8632e380b13887eeb3d3b030a930721b04a3bd0aa571d7786397c72

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 19:12:03 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
vary
Origin
age
3953
x-cache
Hit from cloudfront
content-length
116372
last-modified
Wed, 21 Oct 2020 04:02:33 GMT
server
AmazonS3
etag
"68f521b586ef6ba22b5d12c4c59de65a"
access-control-max-age
0
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
wD9DQvVUWE78VhHW9Q5628MT8SmLY_IKrcXCC_rZtLwl89kGbz9TSw==
/
track.adform.net/serving/unload/ Frame 738C 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=2211889234918545357@@43161537,2477049693276268742,100|1025|0|0|0|0|0|0|0||40|1|||||1|0|0|Dovwm0hA2VBcPlakbYq96ZlSSFH4f8b5AfPW6FA1bULKOzC5FyNC0Ym3nyX34Xgm0|||11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:55 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
c2a00be0-97d6-40b3-b60b-d75845b93dc7
https://www.pagalguy.com/ 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.pagalguy.com/c2a00be0-97d6-40b3-b60b-d75845b93dc7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e635a151ae79f1f8a17aec79f96bddb164b751445fb93f80d0357390560e65b6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
62383
Content-Type
text/javascript
4f6f81e3-b6a2-4a34-83e4-373c8182bcc6
app.playstream.media/api/vmap/ Frame 42C0 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/vmap/4f6f81e3-b6a2-4a34-83e4-373c8182bcc6?height=300&width=584&url=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.11
Resource Hash
f1eeaa7f7457ebf13d9336901afb582e8ddd7c51e2c0cc9f602e353d5d1e9bc7

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Wed, 04 Aug 2021 20:17:55 GMT
cache-control
no-cache, private
access-control-allow-credentials
true
server
nginx/1.17.10
x-powered-by
PHP/7.4.11
content-type
text/xml; charset=UTF-8
270p_001.ts
acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/ 		230 KB
231 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acdn.flickstree.com/pfPvWPdK-68Jr-s9Mu-s4Bq-FLRa0QQFLVCp/270p_001.ts
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42c2d83676a2ac2848ed3ca16930cc23a1d1af089dfa55ac39bcf21ebb9e2a1d

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 00:40:36 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
vary
Origin
age
70640
x-cache
Hit from cloudfront
content-length
235752
last-modified
Wed, 21 Oct 2020 04:02:35 GMT
server
AmazonS3
etag
"7f01e4bfefa7f05b95552a48e6b5f96e"
access-control-max-age
0
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
rDh5RCCaSYuznF1S1VyCqUAeZ36NHXV_jhm_Uh5PqaedxPLHmGNc3A==
ads
googleads.g.doubleclick.net/pagead/ Frame 42C0 		156 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-6070398767421094&slotname=Adsolut_Pagalguy_PreRoll_1&ad_type=video&description_url=https%3A%2F%2Fwww.pagalguy.com%2F&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=0&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.473.0&video_product_type=0&min_ad_duration=0&sz=584x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=1463422646&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.pagalguy.com%2Fb87be8a0-7516-4f53-9bc7-14e8f29e4f7a&eid=31061774&url=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&dlt=1628108271757&idt=3592&dt=1628108275450&cookie=ID%3D5419017c46a5d768%3AT%3D1628108272%3AS%3DALNI_MZpIrIHiL5M8YoyJr8l3lZYTjZ6HQ&correlator=3011583095316736&ad_block=1&ged=ve4_td3_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 20:17:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://imasdk.googleapis.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/instream/instream.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77114a79d52a211183732f50785ae7e5754649b2f8b556ca6e9412ec400eda57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"949 / 279 of 1000 / last-modified: 1628077064"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24823
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2521257354806272&correlator=2597547456118135&output=ldjh&impl=fifs&eid=31060438%2C44742768%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210804&iu_parts=22059416475%2CInRead_Passback_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3D5419017c46a5d768%3AT%3D1628108272%3AS%3DALNI_MZpIrIHiL5M8YoyJr8l3lZYTjZ6HQ&bc=31&abxe=1&lmt=1628108275&dt=1628108275712&dlt=1628108271757&idt=1046&frm=20&biw=1600&bih=1200&oid=3&adxs=508&adys=1031&adks=1612113158&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.pagalguy.com%2Fdiscussions%2Fnfl-streams-reddit-116062938591898&vis=1&dmc=8&scr_x=0&scr_y=0&psz=584x0&msz=584x0&ga_vid=1018949766.1628108273&ga_sid=1628108273&ga_hid=1843710945&ga_fc=false&fws=4&ohw=584&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d701a7e5ef293a8e6870fc1a460c17955d3f96cc6152265f7f5de09b8c2841f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pagalguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7313
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pagalguy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DFA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pagalguy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.pagalguy.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 04 Aug 2021 20:17:52 GMT
expires
Thu, 04 Aug 2022 20:17:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9AF7 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuAtAIQ-v65Ahi9q6GrATAB&v=APEucNXJEx7FRYrVBpi9-tfcQTEdbddxh8ZROQvNG4WWgzRvZlGgEdOV9V5zxLZ7d1s4i8SE4YjExENeLfroIlEV9kv_IfRmuA
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLuAtAIQ-v65Ahi9q6GrATAB&v=APEucNXJEx7FRYrVBpi9-tfcQTEdbddxh8ZROQvNG4WWgzRvZlGgEdOV9V5zxLZ7d1s4i8SE4YjExENeLfroIlEV9kv_IfRmuA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkqI2GVhsRNVWdH1ekjRsy9kyWKvzmGuB5CQf8gOL_b5paYDGL-2p4E7QnCgjg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 04 Aug 2021 20:17:56 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5DFA 		45 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxHm8paXVrRk4OF0O4oBBYtL7LIV7b01SgY5ECcIE9msnh7GIyV8v3AQZTzVzW0Impi8gX4Xb1w1iMJVDfHd8oxNaQ0mI3wDaen7Ls684tZOBnyRAG7Pn5O7EE3dX1Tw0Pg9Gmwscljs9WEdkHIjS70A3FJw&dbm_d=AKAmf-CYhgBjyVqiUnhpP5yLr8iHJvcMzfxF-gGJ9swaT7oEkoCWCXMtZn7fEOTpELnnShTdJkrOsRxNuWv3LEF7OGlA04_Fem1qnYXWTI6S5CsEU3-Zsa3NH94vRKzT5xBjlhN7TlndEXvO0MGnMnc343AY0RD6IBwYRoTaAvSSnr7e3WqRc_TKo1CkTPmHGA8kee5dC3tVTQxM4tE7uMx9gXK8jIOgsqgEe8JEjf3U4gTuXlfdXtNoqJdlgAomcOkVHd62iXQRntIayE3khAv7T2HuhwkJJkisfNn9n1xW0Hc9TtiEiQa_jIce1YZJdx6RKpXevCI2jPWLjnNT8jrhWoFFlzQu8-IWhr1B_RwMKXxPh5VFtSTE5v1dgr-ZNezmpi7al1eeIIaneIxn-i7N1EFsmHSppQDA1KMI2vB_nuAo7NrTfw6-WjskkrwcoxUdXf1UHz1DWBTowjLKWZSFymiCRcaBqpNsQ41Yh-KSRArowDAn4qm7eoZ9lDgw3kW6bjMqLVOeSx0h8rbEa24WtBWElKjs8-JsE2pw42OCm9iBmr_EerdEc3BpxLhHc6IOvkYs7il4D4hSeGBQfUZLxvp0yrCSfHezUegsglqJ17zn9WUALYSvgg702Gftie7A5qaVjt3u4jQY4QohmHV-4UnV2MRdhLXWHAtfsE9NkkjrgTE7WkiL5CYwmsuOzei41WjULKx3MPdCff7SFWvUuUbuQ6vkraGvB57k2t2jwCtJpTCyQmqv4yEP52VtejWzWy1Y_rD6z-qo2Jjo91Vui3iwzVQwbD8XYmRODir9HrgFcyiIYuA2LTIPekoA_KWaq45_wOT4S_xyZY4jTrE20KLdopx-RBEt9Whmu0xEI1ftq1HfBDxHszrD96bUHWP4ekN17hXf-z7pRfw2jMyeIuiH-nlvknrK0RC6eXg6KtbCa-7SNn446MUsAC5dkLiactmUpADHEhf9xPBjxP1y_dQxZ13FAmBLaTpJB-RxYGyU1lzBDdXOhqYjcAVl3qlQZXCjfkwK0kss9r76eCwvbygdQNxskHdyGzkDJFs1ipLfPbvOO-j7Dpe-divajN9DbVUmXNLgnhSuDbTKhB2rAcktuLTf6EpAbjTL9nEpJzQT6_Y95T_-vVHi61-xZsTEyVjhmw8Rt5TjyLNVo0O1kIJDoP6AIJshxGWNnyWYe8VEa9qKmZWXczitVM5YwdeC1k4G2JcqvswrPqb5PXReyly4vocmJZ5J_ZCURmP7KEFfAPHkFbDDGRXVbbGhkBw8GfDGFK7fHXaYCgbbwS8VgXvP65vORnvPxajRDq52D0hcAq3s08e3kEMfOBW1T_ziG4f10BBe7hQCgTupCdyEQLww9TldJW9w_HxHh8-8Yx9Diu1RZ66V3SLrTu-tV_fk0zIn7NEmJJOST9-rkeuL5kkj5vJip0qLXr_Mr5lJhbst16YDfBPdjwOcEffcDwvdVqK8LtrbNSgYNqEIDNncdPJpu8hw7u5vrWAF5jnG8lV_72vPcVvzE6Pw-JUdWagr_GsyPggxQ1VHz0g0SEgRstZgFBkGYO5WIFRHOIWx7xlyYyt_Kg-P0pnoCnwHA4TXnQ-7ykSxI1ROQdv6Zut33bfLY4h9-TucebDw13Plig4DCkXrN1tXD0s5FkKOJmymmMrewutgmmuGTsno5cbCcweyXuI3iQNszg16O3hGBuOv7iccg8ZUgsMRcDbFmhnR6ssGctWMKHCRJouO77iLCFud0SGMJJb-g9PluY4KOaL1YfhLsQARpb_72D_xvbMI4woyxHC9XZdobZWqnYGlJuOJe0vuv_FkXlpCPus8vnwdNczmZ8AqbFOXcl1Pojct-eLIQo3rfKEGiKsMPPh2hB6SR4kXLkL7syqmctwPDjtCGzBlvvNQwR4EfBEpMFKUUW_-cg1IQJdP4Fr4U4DpRmt5r6eTsSWfo3eWpsAlwRt_ZgV6NZghk9eegiklaOgcC1-kKdSSqXOTlW0zWn2kPYKveG0FP5M-5CDUfkfDGC5NDr-kYITQy1bV_XoyNmY_IM7873m7ifuQ-HOoMJ-GMD9vnOemp_PfWTonYSUlsq26o5OxIoapQj7Vvh7v7oP0wAunjhEPJVpXLXkkGPLm9PChqKFxZeh9IPapALfO8Ih1L3XvQ1BNs07UIYWDv-DC29t2ZhuSPN9vPvNBUtC26nz-5Z7r8qzp2b3MYCEPFbae0bDzn4PoKKHt_k5FCX6A-E2La9wXIvN9Rpyk9nvIfI3Wvf-iOCnDIaiG85A0saku40CX7WpZNpB7zQopTD9C1OXisW9siFQQ0Pl8FGaS_o9s0h2QNYr85f3T-joCKnSoadChZ1Yizf9Wx5y6_22uPSu9nvPM1yCY0KHvPYrwCV-0JoxDTfsI0BnmhYuxUXjIxdfIw-ojsdEUhuBzH-43mMOhBCd5ZhLOow3gzWBpuhaQbj3ypEqzEKlUpOBk9CVKDucd8ovdxEwjum4C0ke9avKcOD_Qd34g_JMXpYvTQ-yUYIrNcNqIuPTEqOCtEzqmaXrEDMeZwlS6ts7mPRTQ2WXnHwx9BZu8ixa9r1i_yJfcW8lezQ80nJA8SFtPFYgese7ip2wOrFvDL_IFAN35r6V5Dpux6X4leB_huGSFZGkq71Q08P4TSX_xwazNc-86HARKowYndpC4WGVj00ZW3GmET6RmV9pgGvmAK0fg_weJSD7BH6L225rULyk4wxLJ4IqvIHbEVz8UL0uKDUU_X25BI4HfB_yK993qC5q07wK8ediVvw4UrK7VB2oyPmNJISIvwyPRWnTckhU0-GD0rv7xEtAVlJe6S5oyp2i70G1iFkxNzO0rhaQFOiqO7vwHJiQnnWAIZCCxc3yxOQm1TN6nTYWS10TcHLn44ww3fyToMMp1GV77CvxNkZSO74GODWS330eWohXDQldy8ULLAJIHE-7JZtCsre-AzynfJSBsz9v36hgARp53MTEEzyNsXpurK1fNKuMJhkEvDAn7-MIP5LDFqxs45s8J5jq6smaEeEYyNzQ9qay68oe55TwCla-QV3CDR9TkJY4gIl2rH5_AMtdac-D1sKnPmo1bWABHTz-ReFbSo8CV-Pw4oIZ0X4_FTeT8fynqN024o3DuXzUknuBtAhldyTdz1HToXCeZRO6zx0dcRMBpx6SnpFHjdmI2lIsUjxf_ISruxwXTGVPSLkDenzpEMbWqxY4qS7GOPiaoQSZ58CebI44hI8mx-q1_6UQ&cid=CAASPeRoPmHrgLqWswByzaYnFa1ST7uLc8wpWyax_4DA_TwkLoppFDm2q7QbR0yvUkAnxn__3e3PLpuOGAi5ePw&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Requested by
Host: www.pagalguy.com
URL: https://www.pagalguy.com/discussions/nfl-streams-reddit-116062938591898
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f75ed05654fa2ce00a8797311c857412741cd29799220058468db371f84849a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22481
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DFA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGJjfVtWlBE7p799V5pwecgdg75U8WYosVf4b0g1gZ56RcankhojrTGrgfQt_R0LLfz9bbcRJcsTEFmZ2PaNYGdf1ZnHe-Mo3QmXHR3JAK4vfdVXk
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 5DFA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/window_focus_fy2019.js
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 20:02:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DFA 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:17:56 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627903459924584"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38134
x-xss-protection
0
expires
Wed, 04 Aug 2021 20:17:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/ Frame 5DFA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210802/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 20:16:15 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210802/r20110914/ Frame 5DFA 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210802/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxHm8paXVrRk4OF0O4oBBYtL7LIV7b01SgY5ECcIE9msnh7GIyV8v3AQZTzVzW0Impi8gX4Xb1w1iMJVDfHd8oxNaQ0mI3wDaen7Ls684tZOBnyRAG7Pn5O7EE3dX1Tw0Pg9Gmwscljs9WEdkHIjS70A3FJw&dbm_d=AKAmf-CYhgBjyVqiUnhpP5yLr8iHJvcMzfxF-gGJ9swaT7oEkoCWCXMtZn7fEOTpELnnShTdJkrOsRxNuWv3LEF7OGlA04_Fem1qnYXWTI6S5CsEU3-Zsa3NH94vRKzT5xBjlhN7TlndEXvO0MGnMnc343AY0RD6IBwYRoTaAvSSnr7e3WqRc_TKo1CkTPmHGA8kee5dC3tVTQxM4tE7uMx9gXK8jIOgsqgEe8JEjf3U4gTuXlfdXtNoqJdlgAomcOkVHd62iXQRntIayE3khAv7T2HuhwkJJkisfNn9n1xW0Hc9TtiEiQa_jIce1YZJdx6RKpXevCI2jPWLjnNT8jrhWoFFlzQu8-IWhr1B_RwMKXxPh5VFtSTE5v1dgr-ZNezmpi7al1eeIIaneIxn-i7N1EFsmHSppQDA1KMI2vB_nuAo7NrTfw6-WjskkrwcoxUdXf1UHz1DWBTowjLKWZSFymiCRcaBqpNsQ41Yh-KSRArowDAn4qm7eoZ9lDgw3kW6bjMqLVOeSx0h8rbEa24WtBWElKjs8-JsE2pw42OCm9iBmr_EerdEc3BpxLhHc6IOvkYs7il4D4hSeGBQfUZLxvp0yrCSfHezUegsglqJ17zn9WUALYSvgg702Gftie7A5qaVjt3u4jQY4QohmHV-4UnV2MRdhLXWHAtfsE9NkkjrgTE7WkiL5CYwmsuOzei41WjULKx3MPdCff7SFWvUuUbuQ6vkraGvB57k2t2jwCtJpTCyQmqv4yEP52VtejWzWy1Y_rD6z-qo2Jjo91Vui3iwzVQwbD8XYmRODir9HrgFcyiIYuA2LTIPekoA_KWaq45_wOT4S_xyZY4jTrE20KLdopx-RBEt9Whmu0xEI1ftq1HfBDxHszrD96bUHWP4ekN17hXf-z7pRfw2jMyeIuiH-nlvknrK0RC6eXg6KtbCa-7SNn446MUsAC5dkLiactmUpADHEhf9xPBjxP1y_dQxZ13FAmBLaTpJB-RxYGyU1lzBDdXOhqYjcAVl3qlQZXCjfkwK0kss9r76eCwvbygdQNxskHdyGzkDJFs1ipLfPbvOO-j7Dpe-divajN9DbVUmXNLgnhSuDbTKhB2rAcktuLTf6EpAbjTL9nEpJzQT6_Y95T_-vVHi61-xZsTEyVjhmw8Rt5TjyLNVo0O1kIJDoP6AIJshxGWNnyWYe8VEa9qKmZWXczitVM5YwdeC1k4G2JcqvswrPqb5PXReyly4vocmJZ5J_ZCURmP7KEFfAPHkFbDDGRXVbbGhkBw8GfDGFK7fHXaYCgbbwS8VgXvP65vORnvPxajRDq52D0hcAq3s08e3kEMfOBW1T_ziG4f10BBe7hQCgTupCdyEQLww9TldJW9w_HxHh8-8Yx9Diu1RZ66V3SLrTu-tV_fk0zIn7NEmJJOST9-rkeuL5kkj5vJip0qLXr_Mr5lJhbst16YDfBPdjwOcEffcDwvdVqK8LtrbNSgYNqEIDNncdPJpu8hw7u5vrWAF5jnG8lV_72vPcVvzE6Pw-JUdWagr_GsyPggxQ1VHz0g0SEgRstZgFBkGYO5WIFRHOIWx7xlyYyt_Kg-P0pnoCnwHA4TXnQ-7ykSxI1ROQdv6Zut33bfLY4h9-TucebDw13Plig4DCkXrN1tXD0s5FkKOJmymmMrewutgmmuGTsno5cbCcweyXuI3iQNszg16O3hGBuOv7iccg8ZUgsMRcDbFmhnR6ssGctWMKHCRJouO77iLCFud0SGMJJb-g9PluY4KOaL1YfhLsQARpb_72D_xvbMI4woyxHC9XZdobZWqnYGlJuOJe0vuv_FkXlpCPus8vnwdNczmZ8AqbFOXcl1Pojct-eLIQo3rfKEGiKsMPPh2hB6SR4kXLkL7syqmctwPDjtCGzBlvvNQwR4EfBEpMFKUUW_-cg1IQJdP4Fr4U4DpRmt5r6eTsSWfo3eWpsAlwRt_ZgV6NZghk9eegiklaOgcC1-kKdSSqXOTlW0zWn2kPYKveG0FP5M-5CDUfkfDGC5NDr-kYITQy1bV_XoyNmY_IM7873m7ifuQ-HOoMJ-GMD9vnOemp_PfWTonYSUlsq26o5OxIoapQj7Vvh7v7oP0wAunjhEPJVpXLXkkGPLm9PChqKFxZeh9IPapALfO8Ih1L3XvQ1BNs07UIYWDv-DC29t2ZhuSPN9vPvNBUtC26nz-5Z7r8qzp2b3MYCEPFbae0bDzn4PoKKHt_k5FCX6A-E2La9wXIvN9Rpyk9nvIfI3Wvf-iOCnDIaiG85A0saku40CX7WpZNpB7zQopTD9C1OXisW9siFQQ0Pl8FGaS_o9s0h2QNYr85f3T-joCKnSoadChZ1Yizf9Wx5y6_22uPSu9nvPM1yCY0KHvPYrwCV-0JoxDTfsI0BnmhYuxUXjIxdfIw-ojsdEUhuBzH-43mMOhBCd5ZhLOow3gzWBpuhaQbj3ypEqzEKlUpOBk9CVKDucd8ovdxEwjum4C0ke9avKcOD_Qd34g_JMXpYvTQ-yUYIrNcNqIuPTEqOCtEzqmaXrEDMeZwlS6ts7mPRTQ2WXnHwx9BZu8ixa9r1i_yJfcW8lezQ80nJA8SFtPFYgese7ip2wOrFvDL_IFAN35r6V5Dpux6X4leB_huGSFZGkq71Q08P4TSX_xwazNc-86HARKowYndpC4WGVj00ZW3GmET6RmV9pgGvmAK0fg_weJSD7BH6L225rULyk4wxLJ4IqvIHbEVz8UL0uKDUU_X25BI4HfB_yK993qC5q07wK8ediVvw4UrK7VB2oyPmNJISIvwyPRWnTckhU0-GD0rv7xEtAVlJe6S5oyp2i70G1iFkxNzO0rhaQFOiqO7vwHJiQnnWAIZCCxc3yxOQm1TN6nTYWS10TcHLn44ww3fyToMMp1GV77CvxNkZSO74GODWS330eWohXDQldy8ULLAJIHE-7JZtCsre-AzynfJSBsz9v36hgARp53MTEEzyNsXpurK1fNKuMJhkEvDAn7-MIP5LDFqxs45s8J5jq6smaEeEYyNzQ9qay68oe55TwCla-QV3CDR9TkJY4gIl2rH5_AMtdac-D1sKnPmo1bWABHTz-ReFbSo8CV-Pw4oIZ0X4_FTeT8fynqN024o3DuXzUknuBtAhldyTdz1HToXCeZRO6zx0dcRMBpx6SnpFHjdmI2lIsUjxf_ISruxwXTGVPSLkDenzpEMbWqxY4qS7GOPiaoQSZ58CebI44hI8mx-q1_6UQ&cid=CAASPeRoPmHrgLqWswByzaYnFa1ST7uLc8wpWyax_4DA_TwkLoppFDm2q7QbR0yvUkAnxn__3e3PLpuOGAi5ePw&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44b9a9d2c3baadad3ce45a7368c567c905db6d1473139b93b50123e3197e20c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9339
x-xss-protection
0
server
cafe
etag
8973662780436066029
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 20:13:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210802/r20110914/elements/html/ Frame 5DFA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210802/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxHm8paXVrRk4OF0O4oBBYtL7LIV7b01SgY5ECcIE9msnh7GIyV8v3AQZTzVzW0Impi8gX4Xb1w1iMJVDfHd8oxNaQ0mI3wDaen7Ls684tZOBnyRAG7Pn5O7EE3dX1Tw0Pg9Gmwscljs9WEdkHIjS70A3FJw&dbm_d=AKAmf-CYhgBjyVqiUnhpP5yLr8iHJvcMzfxF-gGJ9swaT7oEkoCWCXMtZn7fEOTpELnnShTdJkrOsRxNuWv3LEF7OGlA04_Fem1qnYXWTI6S5CsEU3-Zsa3NH94vRKzT5xBjlhN7TlndEXvO0MGnMnc343AY0RD6IBwYRoTaAvSSnr7e3WqRc_TKo1CkTPmHGA8kee5dC3tVTQxM4tE7uMx9gXK8jIOgsqgEe8JEjf3U4gTuXlfdXtNoqJdlgAomcOkVHd62iXQRntIayE3khAv7T2HuhwkJJkisfNn9n1xW0Hc9TtiEiQa_jIce1YZJdx6RKpXevCI2jPWLjnNT8jrhWoFFlzQu8-IWhr1B_RwMKXxPh5VFtSTE5v1dgr-ZNezmpi7al1eeIIaneIxn-i7N1EFsmHSppQDA1KMI2vB_nuAo7NrTfw6-WjskkrwcoxUdXf1UHz1DWBTowjLKWZSFymiCRcaBqpNsQ41Yh-KSRArowDAn4qm7eoZ9lDgw3kW6bjMqLVOeSx0h8rbEa24WtBWElKjs8-JsE2pw42OCm9iBmr_EerdEc3BpxLhHc6IOvkYs7il4D4hSeGBQfUZLxvp0yrCSfHezUegsglqJ17zn9WUALYSvgg702Gftie7A5qaVjt3u4jQY4QohmHV-4UnV2MRdhLXWHAtfsE9NkkjrgTE7WkiL5CYwmsuOzei41WjULKx3MPdCff7SFWvUuUbuQ6vkraGvB57k2t2jwCtJpTCyQmqv4yEP52VtejWzWy1Y_rD6z-qo2Jjo91Vui3iwzVQwbD8XYmRODir9HrgFcyiIYuA2LTIPekoA_KWaq45_wOT4S_xyZY4jTrE20KLdopx-RBEt9Whmu0xEI1ftq1HfBDxHszrD96bUHWP4ekN17hXf-z7pRfw2jMyeIuiH-nlvknrK0RC6eXg6KtbCa-7SNn446MUsAC5dkLiactmUpADHEhf9xPBjxP1y_dQxZ13FAmBLaTpJB-RxYGyU1lzBDdXOhqYjcAVl3qlQZXCjfkwK0kss9r76eCwvbygdQNxskHdyGzkDJFs1ipLfPbvOO-j7Dpe-divajN9DbVUmXNLgnhSuDbTKhB2rAcktuLTf6EpAbjTL9nEpJzQT6_Y95T_-vVHi61-xZsTEyVjhmw8Rt5TjyLNVo0O1kIJDoP6AIJshxGWNnyWYe8VEa9qKmZWXczitVM5YwdeC1k4G2JcqvswrPqb5PXReyly4vocmJZ5J_ZCURmP7KEFfAPHkFbDDGRXVbbGhkBw8GfDGFK7fHXaYCgbbwS8VgXvP65vORnvPxajRDq52D0hcAq3s08e3kEMfOBW1T_ziG4f10BBe7hQCgTupCdyEQLww9TldJW9w_HxHh8-8Yx9Diu1RZ66V3SLrTu-tV_fk0zIn7NEmJJOST9-rkeuL5kkj5vJip0qLXr_Mr5lJhbst16YDfBPdjwOcEffcDwvdVqK8LtrbNSgYNqEIDNncdPJpu8hw7u5vrWAF5jnG8lV_72vPcVvzE6Pw-JUdWagr_GsyPggxQ1VHz0g0SEgRstZgFBkGYO5WIFRHOIWx7xlyYyt_Kg-P0pnoCnwHA4TXnQ-7ykSxI1ROQdv6Zut33bfLY4h9-TucebDw13Plig4DCkXrN1tXD0s5FkKOJmymmMrewutgmmuGTsno5cbCcweyXuI3iQNszg16O3hGBuOv7iccg8ZUgsMRcDbFmhnR6ssGctWMKHCRJouO77iLCFud0SGMJJb-g9PluY4KOaL1YfhLsQARpb_72D_xvbMI4woyxHC9XZdobZWqnYGlJuOJe0vuv_FkXlpCPus8vnwdNczmZ8AqbFOXcl1Pojct-eLIQo3rfKEGiKsMPPh2hB6SR4kXLkL7syqmctwPDjtCGzBlvvNQwR4EfBEpMFKUUW_-cg1IQJdP4Fr4U4DpRmt5r6eTsSWfo3eWpsAlwRt_ZgV6NZghk9eegiklaOgcC1-kKdSSqXOTlW0zWn2kPYKveG0FP5M-5CDUfkfDGC5NDr-kYITQy1bV_XoyNmY_IM7873m7ifuQ-HOoMJ-GMD9vnOemp_PfWTonYSUlsq26o5OxIoapQj7Vvh7v7oP0wAunjhEPJVpXLXkkGPLm9PChqKFxZeh9IPapALfO8Ih1L3XvQ1BNs07UIYWDv-DC29t2ZhuSPN9vPvNBUtC26nz-5Z7r8qzp2b3MYCEPFbae0bDzn4PoKKHt_k5FCX6A-E2La9wXIvN9Rpyk9nvIfI3Wvf-iOCnDIaiG85A0saku40CX7WpZNpB7zQopTD9C1OXisW9siFQQ0Pl8FGaS_o9s0h2QNYr85f3T-joCKnSoadChZ1Yizf9Wx5y6_22uPSu9nvPM1yCY0KHvPYrwCV-0JoxDTfsI0BnmhYuxUXjIxdfIw-ojsdEUhuBzH-43mMOhBCd5ZhLOow3gzWBpuhaQbj3ypEqzEKlUpOBk9CVKDucd8ovdxEwjum4C0ke9avKcOD_Qd34g_JMXpYvTQ-yUYIrNcNqIuPTEqOCtEzqmaXrEDMeZwlS6ts7mPRTQ2WXnHwx9BZu8ixa9r1i_yJfcW8lezQ80nJA8SFtPFYgese7ip2wOrFvDL_IFAN35r6V5Dpux6X4leB_huGSFZGkq71Q08P4TSX_xwazNc-86HARKowYndpC4WGVj00ZW3GmET6RmV9pgGvmAK0fg_weJSD7BH6L225rULyk4wxLJ4IqvIHbEVz8UL0uKDUU_X25BI4HfB_yK993qC5q07wK8ediVvw4UrK7VB2oyPmNJISIvwyPRWnTckhU0-GD0rv7xEtAVlJe6S5oyp2i70G1iFkxNzO0rhaQFOiqO7vwHJiQnnWAIZCCxc3yxOQm1TN6nTYWS10TcHLn44ww3fyToMMp1GV77CvxNkZSO74GODWS330eWohXDQldy8ULLAJIHE-7JZtCsre-AzynfJSBsz9v36hgARp53MTEEzyNsXpurK1fNKuMJhkEvDAn7-MIP5LDFqxs45s8J5jq6smaEeEYyNzQ9qay68oe55TwCla-QV3CDR9TkJY4gIl2rH5_AMtdac-D1sKnPmo1bWABHTz-ReFbSo8CV-Pw4oIZ0X4_FTeT8fynqN024o3DuXzUknuBtAhldyTdz1HToXCeZRO6zx0dcRMBpx6SnpFHjdmI2lIsUjxf_ISruxwXTGVPSLkDenzpEMbWqxY4qS7GOPiaoQSZ58CebI44hI8mx-q1_6UQ&cid=CAASPeRoPmHrgLqWswByzaYnFa1ST7uLc8wpWyax_4DA_TwkLoppFDm2q7QbR0yvUkAnxn__3e3PLpuOGAi5ePw&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 20:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Aug 2021 20:16:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5DFA 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstU7Dg53mUUZhQfkdeA3u5RQq2hil_nSsAJEK_ZTN4gRepeNBU376MAIte3-trB6eIZC-S-MWZMThNyzQb2vhAkuZFPOByjtVb1UOzhhhXPnOX8xuPRMovIe2Gw-6_V_lrkK9vJFoske8dtEetDDu9JBnjtZYp8VCvRPDgZIbfsBHmDso2eQcQBzvKvfBl45ng5WuUUAFP19s2Mq8Izf65hBg70yHcmnoI7tTfEPmszez25aWByZI1YQ37S3q25xiCiGh2r84RHIFyIi22gf-9J16A0UHLWeTVvScsciMkAKiGqLI9Bo87e3bPfoUDP5NwAf5U5mEIQuaCuv1YjmpDWJ2_maEuu3ZBjf57tA6ayixnKYuvRITFio3WJk0XJ6zoFhdN9IoLLwpFrDhNouLbANZw1KC-SRjFcwIeEj_3Q5_bV2eg4t8WREDGjasOURA0fgDdYTIObY98M3vm77YZWrKQ4FjbSdmoW1849O3Y4F-EJsaQgHFqNwTsAVzYE29x2i2h0ASrCOEWec8SSfU6fKdQEmktUoQKTehNjueDxt-x3uq8u76j03fbrJ1KrcB0JlQXDFDA4XEs5VfPOwrHlttJrzbQ1N61s-g9nxVOcp9dZzaO6JcNLNPhBR7UqlQpVcs8rlQn1Lc5RQyXKuArqZWU86L1LYoxFsqtu6RGi2gUgo-nZoMELmBHbhQtlww0APiUWlUoxiIeVPi8ZRIC7lKAwwWd4E0YaGi1kEHJ5Y5YX6qDmgB-oed4EFNtMD2p7Dc4LlsyR1sF9AVZfLNaeKU5QziZI9WCN2IapinKh0Wo2d6gFI0adIkPdzLQvDo8hfzGcz1wdTDyo7R9MbFdqYGiMOOddow8l3QPRE0tpDSmYAJP-hBqLCB1wGwy6SfrSeUWAkcOFAUyvI8pyoiHVRzt0syu_gHvu9hlXa0iykdY4LaY2fvaXzu9j1Cs8P6ejWAJrrjAzmicMd8yKzUaBm9RLwzNAKmHkeFJrtepWNcw2CUaQjh5E-n6oBgQIuZ1awcjDA7ZnNnBrfnXQGzQb4XK4MCX4jQ1HLaoty2UlnyWIusQecmtfeGVmiFiQYiD9ojN9wk_IpS7oIkX3fEwxF5UakqHpqyGHS_Wt2qbM3ykqE9m_LV-em2o0AmmPMgEhi3BPqfR-TPrED_MXN5YR4E8FjAUxzfSr3eqRgZBC54ALtqGaNAF6uRJ0lBC39g6CyATTHw2tQuIylIU&sai=AMfl-YR_x_f6XxR1zdtPVZI-bGk5c4hhHM4VPbnB3fpDac78b5XdmHC8Q4oYfU8yJbi_5vhHT55CBYOtYnirpRp4M7e6cT2hJDwYWPXBQCR_lXpLcxxN_iJGX68wv20n4_x5FkiYaLwi0P0vfbUySbaR8hSrNo5VHtir81T53Oe5UiCa6sLA4Jxa4lzjhHtU8w8eCb9pEj4xXjXa6U_ck0cN2fKQzKX_giwOK0hgWy0yGA&sig=Cg0ArKJSzPfMpeeJ0mJwEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210802.08158&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxHm8paXVrRk4OF0O4oBBYtL7LIV7b01SgY5ECcIE9msnh7GIyV8v3AQZTzVzW0Impi8gX4Xb1w1iMJVDfHd8oxNaQ0mI3wDaen7Ls684tZOBnyRAG7Pn5O7EE3dX1Tw0Pg9Gmwscljs9WEdkHIjS70A3FJw&dbm_d=AKAmf-CYhgBjyVqiUnhpP5yLr8iHJvcMzfxF-gGJ9swaT7oEkoCWCXMtZn7fEOTpELnnShTdJkrOsRxNuWv3LEF7OGlA04_Fem1qnYXWTI6S5CsEU3-Zsa3NH94vRKzT5xBjlhN7TlndEXvO0MGnMnc343AY0RD6IBwYRoTaAvSSnr7e3WqRc_TKo1CkTPmHGA8kee5dC3tVTQxM4tE7uMx9gXK8jIOgsqgEe8JEjf3U4gTuXlfdXtNoqJdlgAomcOkVHd62iXQRntIayE3khAv7T2HuhwkJJkisfNn9n1xW0Hc9TtiEiQa_jIce1YZJdx6RKpXevCI2jPWLjnNT8jrhWoFFlzQu8-IWhr1B_RwMKXxPh5VFtSTE5v1dgr-ZNezmpi7al1eeIIaneIxn-i7N1EFsmHSppQDA1KMI2vB_nuAo7NrTfw6-WjskkrwcoxUdXf1UHz1DWBTowjLKWZSFymiCRcaBqpNsQ41Yh-KSRArowDAn4qm7eoZ9lDgw3kW6bjMqLVOeSx0h8rbEa24WtBWElKjs8-JsE2pw42OCm9iBmr_EerdEc3BpxLhHc6IOvkYs7il4D4hSeGBQfUZLxvp0yrCSfHezUegsglqJ17zn9WUALYSvgg702Gftie7A5qaVjt3u4jQY4QohmHV-4UnV2MRdhLXWHAtfsE9NkkjrgTE7WkiL5CYwmsuOzei41WjULKx3MPdCff7SFWvUuUbuQ6vkraGvB57k2t2jwCtJpTCyQmqv4yEP52VtejWzWy1Y_rD6z-qo2Jjo91Vui3iwzVQwbD8XYmRODir9HrgFcyiIYuA2LTIPekoA_KWaq45_wOT4S_xyZY4jTrE20KLdopx-RBEt9Whmu0xEI1ftq1HfBDxHszrD96bUHWP4ekN17hXf-z7pRfw2jMyeIuiH-nlvknrK0RC6eXg6KtbCa-7SNn446MUsAC5dkLiactmUpADHEhf9xPBjxP1y_dQxZ13FAmBLaTpJB-RxYGyU1lzBDdXOhqYjcAVl3qlQZXCjfkwK0kss9r76eCwvbygdQNxskHdyGzkDJFs1ipLfPbvOO-j7Dpe-divajN9DbVUmXNLgnhSuDbTKhB2rAcktuLTf6EpAbjTL9nEpJzQT6_Y95T_-vVHi61-xZsTEyVjhmw8Rt5TjyLNVo0O1kIJDoP6AIJshxGWNnyWYe8VEa9qKmZWXczitVM5YwdeC1k4G2JcqvswrPqb5PXReyly4vocmJZ5J_ZCURmP7KEFfAPHkFbDDGRXVbbGhkBw8GfDGFK7fHXaYCgbbwS8VgXvP65vORnvPxajRDq52D0hcAq3s08e3kEMfOBW1T_ziG4f10BBe7hQCgTupCdyEQLww9TldJW9w_HxHh8-8Yx9Diu1RZ66V3SLrTu-tV_fk0zIn7NEmJJOST9-rkeuL5kkj5vJip0qLXr_Mr5lJhbst16YDfBPdjwOcEffcDwvdVqK8LtrbNSgYNqEIDNncdPJpu8hw7u5vrWAF5jnG8lV_72vPcVvzE6Pw-JUdWagr_GsyPggxQ1VHz0g0SEgRstZgFBkGYO5WIFRHOIWx7xlyYyt_Kg-P0pnoCnwHA4TXnQ-7ykSxI1ROQdv6Zut33bfLY4h9-TucebDw13Plig4DCkXrN1tXD0s5FkKOJmymmMrewutgmmuGTsno5cbCcweyXuI3iQNszg16O3hGBuOv7iccg8ZUgsMRcDbFmhnR6ssGctWMKHCRJouO77iLCFud0SGMJJb-g9PluY4KOaL1YfhLsQARpb_72D_xvbMI4woyxHC9XZdobZWqnYGlJuOJe0vuv_FkXlpCPus8vnwdNczmZ8AqbFOXcl1Pojct-eLIQo3rfKEGiKsMPPh2hB6SR4kXLkL7syqmctwPDjtCGzBlvvNQwR4EfBEpMFKUUW_-cg1IQJdP4Fr4U4DpRmt5r6eTsSWfo3eWpsAlwRt_ZgV6NZghk9eegiklaOgcC1-kKdSSqXOTlW0zWn2kPYKveG0FP5M-5CDUfkfDGC5NDr-kYITQy1bV_XoyNmY_IM7873m7ifuQ-HOoMJ-GMD9vnOemp_PfWTonYSUlsq26o5OxIoapQj7Vvh7v7oP0wAunjhEPJVpXLXkkGPLm9PChqKFxZeh9IPapALfO8Ih1L3XvQ1BNs07UIYWDv-DC29t2ZhuSPN9vPvNBUtC26nz-5Z7r8qzp2b3MYCEPFbae0bDzn4PoKKHt_k5FCX6A-E2La9wXIvN9Rpyk9nvIfI3Wvf-iOCnDIaiG85A0saku40CX7WpZNpB7zQopTD9C1OXisW9siFQQ0Pl8FGaS_o9s0h2QNYr85f3T-joCKnSoadChZ1Yizf9Wx5y6_22uPSu9nvPM1yCY0KHvPYrwCV-0JoxDTfsI0BnmhYuxUXjIxdfIw-ojsdEUhuBzH-43mMOhBCd5ZhLOow3gzWBpuhaQbj3ypEqzEKlUpOBk9CVKDucd8ovdxEwjum4C0ke9avKcOD_Qd34g_JMXpYvTQ-yUYIrNcNqIuPTEqOCtEzqmaXrEDMeZwlS6ts7mPRTQ2WXnHwx9BZu8ixa9r1i_yJfcW8lezQ80nJA8SFtPFYgese7ip2wOrFvDL_IFAN35r6V5Dpux6X4leB_huGSFZGkq71Q08P4TSX_xwazNc-86HARKowYndpC4WGVj00ZW3GmET6RmV9pgGvmAK0fg_weJSD7BH6L225rULyk4wxLJ4IqvIHbEVz8UL0uKDUU_X25BI4HfB_yK993qC5q07wK8ediVvw4UrK7VB2oyPmNJISIvwyPRWnTckhU0-GD0rv7xEtAVlJe6S5oyp2i70G1iFkxNzO0rhaQFOiqO7vwHJiQnnWAIZCCxc3yxOQm1TN6nTYWS10TcHLn44ww3fyToMMp1GV77CvxNkZSO74GODWS330eWohXDQldy8ULLAJIHE-7JZtCsre-AzynfJSBsz9v36hgARp53MTEEzyNsXpurK1fNKuMJhkEvDAn7-MIP5LDFqxs45s8J5jq6smaEeEYyNzQ9qay68oe55TwCla-QV3CDR9TkJY4gIl2rH5_AMtdac-D1sKnPmo1bWABHTz-ReFbSo8CV-Pw4oIZ0X4_FTeT8fynqN024o3DuXzUknuBtAhldyTdz1HToXCeZRO6zx0dcRMBpx6SnpFHjdmI2lIsUjxf_ISruxwXTGVPSLkDenzpEMbWqxY4qS7GOPiaoQSZ58CebI44hI8mx-q1_6UQ&cid=CAASPeRoPmHrgLqWswByzaYnFa1ST7uLc8wpWyax_4DA_TwkLoppFDm2q7QbR0yvUkAnxn__3e3PLpuOGAi5ePw&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 04 Aug 2021 20:17:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5DFA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxHm8paXVrRk4OF0O4oBBYtL7LIV7b01SgY5ECcIE9msnh7GIyV8v3AQZTzVzW0Impi8gX4Xb1w1iMJVDfHd8oxNaQ0mI3wDaen7Ls684tZOBnyRAG7Pn5O7EE3dX1Tw0Pg9Gmwscljs9WEdkHIjS70A3FJw&dbm_d=AKAmf-CYhgBjyVqiUnhpP5yLr8iHJvcMzfxF-gGJ9swaT7oEkoCWCXMtZn7fEOTpELnnShTdJkrOsRxNuWv3LEF7OGlA04_Fem1qnYXWTI6S5CsEU3-Zsa3NH94vRKzT5xBjlhN7TlndEXvO0MGnMnc343AY0RD6IBwYRoTaAvSSnr7e3WqRc_TKo1CkTPmHGA8kee5dC3tVTQxM4tE7uMx9gXK8jIOgsqgEe8JEjf3U4gTuXlfdXtNoqJdlgAomcOkVHd62iXQRntIayE3khAv7T2HuhwkJJkisfNn9n1xW0Hc9TtiEiQa_jIce1YZJdx6RKpXevCI2jPWLjnNT8jrhWoFFlzQu8-IWhr1B_RwMKXxPh5VFtSTE5v1dgr-ZNezmpi7al1eeIIaneIxn-i7N1EFsmHSppQDA1KMI2vB_nuAo7NrTfw6-WjskkrwcoxUdXf1UHz1DWBTowjLKWZSFymiCRcaBqpNsQ41Yh-KSRArowDAn4qm7eoZ9lDgw3kW6bjMqLVOeSx0h8rbEa24WtBWElKjs8-JsE2pw42OCm9iBmr_EerdEc3BpxLhHc6IOvkYs7il4D4hSeGBQfUZLxvp0yrCSfHezUegsglqJ17zn9WUALYSvgg702Gftie7A5qaVjt3u4jQY4QohmHV-4UnV2MRdhLXWHAtfsE9NkkjrgTE7WkiL5CYwmsuOzei41WjULKx3MPdCff7SFWvUuUbuQ6vkraGvB57k2t2jwCtJpTCyQmqv4yEP52VtejWzWy1Y_rD6z-qo2Jjo91Vui3iwzVQwbD8XYmRODir9HrgFcyiIYuA2LTIPekoA_KWaq45_wOT4S_xyZY4jTrE20KLdopx-RBEt9Whmu0xEI1ftq1HfBDxHszrD96bUHWP4ekN17hXf-z7pRfw2jMyeIuiH-nlvknrK0RC6eXg6KtbCa-7SNn446MUsAC5dkLiactmUpADHEhf9xPBjxP1y_dQxZ13FAmBLaTpJB-RxYGyU1lzBDdXOhqYjcAVl3qlQZXCjfkwK0kss9r76eCwvbygdQNxskHdyGzkDJFs1ipLfPbvOO-j7Dpe-divajN9DbVUmXNLgnhSuDbTKhB2rAcktuLTf6EpAbjTL9nEpJzQT6_Y95T_-vVHi61-xZsTEyVjhmw8Rt5TjyLNVo0O1kIJDoP6AIJshxGWNnyWYe8VEa9qKmZWXczitVM5YwdeC1k4G2JcqvswrPqb5PXReyly4vocmJZ5J_ZCURmP7KEFfAPHkFbDDGRXVbbGhkBw8GfDGFK7fHXaYCgbbwS8VgXvP65vORnvPxajRDq52D0hcAq3s08e3kEMfOBW1T_ziG4f10BBe7hQCgTupCdyEQLww9TldJW9w_HxHh8-8Yx9Diu1RZ66V3SLrTu-tV_fk0zIn7NEmJJOST9-rkeuL5kkj5vJip0qLXr_Mr5lJhbst16YDfBPdjwOcEffcDwvdVqK8LtrbNSgYNqEIDNncdPJpu8hw7u5vrWAF5jnG8lV_72vPcVvzE6Pw-JUdWagr_GsyPggxQ1VHz0g0SEgRstZgFBkGYO5WIFRHOIWx7xlyYyt_Kg-P0pnoCnwHA4TXnQ-7ykSxI1ROQdv6Zut33bfLY4h9-TucebDw13Plig4DCkXrN1tXD0s5FkKOJmymmMrewutgmmuGTsno5cbCcweyXuI3iQNszg16O3hGBuOv7iccg8ZUgsMRcDbFmhnR6ssGctWMKHCRJouO77iLCFud0SGMJJb-g9PluY4KOaL1YfhLsQARpb_72D_xvbMI4woyxHC9XZdobZWqnYGlJuOJe0vuv_FkXlpCPus8vnwdNczmZ8AqbFOXcl1Pojct-eLIQo3rfKEGiKsMPPh2hB6SR4kXLkL7syqmctwPDjtCGzBlvvNQwR4EfBEpMFKUUW_-cg1IQJdP4Fr4U4DpRmt5r6eTsSWfo3eWpsAlwRt_ZgV6NZghk9eegiklaOgcC1-kKdSSqXOTlW0zWn2kPYKveG0FP5M-5CDUfkfDGC5NDr-kYITQy1bV_XoyNmY_IM7873m7ifuQ-HOoMJ-GMD9vnOemp_PfWTonYSUlsq26o5OxIoapQj7Vvh7v7oP0wAunjhEPJVpXLXkkGPLm9PChqKFxZeh9IPapALfO8Ih1L3XvQ1BNs07UIYWDv-DC29t2ZhuSPN9vPvNBUtC26nz-5Z7r8qzp2b3MYCEPFbae0bDzn4PoKKHt_k5FCX6A-E2La9wXIvN9Rpyk9nvIfI3Wvf-iOCnDIaiG85A0saku40CX7WpZNpB7zQopTD9C1OXisW9siFQQ0Pl8FGaS_o9s0h2QNYr85f3T-joCKnSoadChZ1Yizf9Wx5y6_22uPSu9nvPM1yCY0KHvPYrwCV-0JoxDTfsI0BnmhYuxUXjIxdfIw-ojsdEUhuBzH-43mMOhBCd5ZhLOow3gzWBpuhaQbj3ypEqzEKlUpOBk9CVKDucd8ovdxEwjum4C0ke9avKcOD_Qd34g_JMXpYvTQ-yUYIrNcNqIuPTEqOCtEzqmaXrEDMeZwlS6ts7mPRTQ2WXnHwx9BZu8ixa9r1i_yJfcW8lezQ80nJA8SFtPFYgese7ip2wOrFvDL_IFAN35r6V5Dpux6X4leB_huGSFZGkq71Q08P4TSX_xwazNc-86HARKowYndpC4WGVj00ZW3GmET6RmV9pgGvmAK0fg_weJSD7BH6L225rULyk4wxLJ4IqvIHbEVz8UL0uKDUU_X25BI4HfB_yK993qC5q07wK8ediVvw4UrK7VB2oyPmNJISIvwyPRWnTckhU0-GD0rv7xEtAVlJe6S5oyp2i70G1iFkxNzO0rhaQFOiqO7vwHJiQnnWAIZCCxc3yxOQm1TN6nTYWS10TcHLn44ww3fyToMMp1GV77CvxNkZSO74GODWS330eWohXDQldy8ULLAJIHE-7JZtCsre-AzynfJSBsz9v36hgARp53MTEEzyNsXpurK1fNKuMJhkEvDAn7-MIP5LDFqxs45s8J5jq6smaEeEYyNzQ9qay68oe55TwCla-QV3CDR9TkJY4gIl2rH5_AMtdac-D1sKnPmo1bWABHTz-ReFbSo8CV-Pw4oIZ0X4_FTeT8fynqN024o3DuXzUknuBtAhldyTdz1HToXCeZRO6zx0dcRMBpx6SnpFHjdmI2lIsUjxf_ISruxwXTGVPSLkDenzpEMbWqxY4qS7GOPiaoQSZ58CebI44hI8mx-q1_6UQ&cid=CAASPeRoPmHrgLqWswByzaYnFa1ST7uLc8wpWyax_4DA_TwkLoppFDm2q7QbR0yvUkAnxn__3e3PLpuOGAi5ePw&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 15:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:53:48 GMT
13461524531177594271
s0.2mdn.net/simgad/ Frame 5DFA 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13461524531177594271?sqp=-oaymwEOCKwCEPoBIAFIZFABWAE&rs=AOga4qmO3aqocm03xFE2byfqfvoyb6pCag
Requested by
Host: 29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
URL: https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fdb8ba90a7835a833efe142779522171c1eaa05247b91f20bbb22d52cdafbd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 14:14:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 May 2021 00:32:09 GMT
server
sffe
age
108187
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101224
x-xss-protection
0
expires
Wed, 03 Aug 2022 14:14:49 GMT
truncated
/ Frame 5DFA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbfdfaf5359d605324c8bad35f629721c2ae24d6f3a90a3986200bb202f5c90

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 5DFA 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstU7Dg53mUUZhQfkdeA3u5RQq2hil_nSsAJEK_ZTN4gRepeNBU376MAIte3-trB6eIZC-S-MWZMThNyzQb2vhAkuZFPOByjtVb1UOzhhhXPnOX8xuPRMovIe2Gw-6_V_lrkK9vJFoske8dtEetDDu9JBnjtZYp8VCvRPDgZIbfsBHmDso2eQcQBzvKvfBl45ng5WuUUAFP19s2Mq8Izf65hBg70yHcmnoI7tTfEPmszez25aWByZI1YQ37S3q25xiCiGh2r84RHIFyIi22gf-9J16A0UHLWeTVvScsciMkAKiGqLI9Bo87e3bPfoUDP5NwAf5U5mEIQuaCuv1YjmpDWJ2_maEuu3ZBjf57tA6ayixnKYuvRITFio3WJk0XJ6zoFhdN9IoLLwpFrDhNouLbANZw1KC-SRjFcwIeEj_3Q5_bV2eg4t8WREDGjasOURA0fgDdYTIObY98M3vm77YZWrKQ4FjbSdmoW1849O3Y4F-EJsaQgHFqNwTsAVzYE29x2i2h0ASrCOEWec8SSfU6fKdQEmktUoQKTehNjueDxt-x3uq8u76j03fbrJ1KrcB0JlQXDFDA4XEs5VfPOwrHlttJrzbQ1N61s-g9nxVOcp9dZzaO6JcNLNPhBR7UqlQpVcs8rlQn1Lc5RQyXKuArqZWU86L1LYoxFsqtu6RGi2gUgo-nZoMELmBHbhQtlww0APiUWlUoxiIeVPi8ZRIC7lKAwwWd4E0YaGi1kEHJ5Y5YX6qDmgB-oed4EFNtMD2p7Dc4LlsyR1sF9AVZfLNaeKU5QziZI9WCN2IapinKh0Wo2d6gFI0adIkPdzLQvDo8hfzGcz1wdTDyo7R9MbFdqYGiMOOddow8l3QPRE0tpDSmYAJP-hBqLCB1wGwy6SfrSeUWAkcOFAUyvI8pyoiHVRzt0syu_gHvu9hlXa0iykdY4LaY2fvaXzu9j1Cs8P6ejWAJrrjAzmicMd8yKzUaBm9RLwzNAKmHkeFJrtepWNcw2CUaQjh5E-n6oBgQIuZ1awcjDA7ZnNnBrfnXQGzQb4XK4MCX4jQ1HLaoty2UlnyWIusQecmtfeGVmiFiQYiD9ojN9wk_IpS7oIkX3fEwxF5UakqHpqyGHS_Wt2qbM3ykqE9m_LV-em2o0AmmPMgEhi3BPqfR-TPrED_MXN5YR4E8FjAUxzfSr3eqRgZBC54ALtqGaNAF6uRJ0lBC39g6CyATTHw2tQuIylIU&sai=AMfl-YR_x_f6XxR1zdtPVZI-bGk5c4hhHM4VPbnB3fpDac78b5XdmHC8Q4oYfU8yJbi_5vhHT55CBYOtYnirpRp4M7e6cT2hJDwYWPXBQCR_lXpLcxxN_iJGX68wv20n4_x5FkiYaLwi0P0vfbUySbaR8hSrNo5VHtir81T53Oe5UiCa6sLA4Jxa4lzjhHtU8w8eCb9pEj4xXjXa6U_ck0cN2fKQzKX_giwOK0hgWy0yGA&sig=Cg0ArKJSzPfMpeeJ0mJwEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=51&vt=11&dtpt=50&dett=2&cstd=0&cisv=r20210802.08158&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxHm8paXVrRk4OF0O4oBBYtL7LIV7b01SgY5ECcIE9msnh7GIyV8v3AQZTzVzW0Impi8gX4Xb1w1iMJVDfHd8oxNaQ0mI3wDaen7Ls684tZOBnyRAG7Pn5O7EE3dX1Tw0Pg9Gmwscljs9WEdkHIjS70A3FJw&dbm_d=AKAmf-CYhgBjyVqiUnhpP5yLr8iHJvcMzfxF-gGJ9swaT7oEkoCWCXMtZn7fEOTpELnnShTdJkrOsRxNuWv3LEF7OGlA04_Fem1qnYXWTI6S5CsEU3-Zsa3NH94vRKzT5xBjlhN7TlndEXvO0MGnMnc343AY0RD6IBwYRoTaAvSSnr7e3WqRc_TKo1CkTPmHGA8kee5dC3tVTQxM4tE7uMx9gXK8jIOgsqgEe8JEjf3U4gTuXlfdXtNoqJdlgAomcOkVHd62iXQRntIayE3khAv7T2HuhwkJJkisfNn9n1xW0Hc9TtiEiQa_jIce1YZJdx6RKpXevCI2jPWLjnNT8jrhWoFFlzQu8-IWhr1B_RwMKXxPh5VFtSTE5v1dgr-ZNezmpi7al1eeIIaneIxn-i7N1EFsmHSppQDA1KMI2vB_nuAo7NrTfw6-WjskkrwcoxUdXf1UHz1DWBTowjLKWZSFymiCRcaBqpNsQ41Yh-KSRArowDAn4qm7eoZ9lDgw3kW6bjMqLVOeSx0h8rbEa24WtBWElKjs8-JsE2pw42OCm9iBmr_EerdEc3BpxLhHc6IOvkYs7il4D4hSeGBQfUZLxvp0yrCSfHezUegsglqJ17zn9WUALYSvgg702Gftie7A5qaVjt3u4jQY4QohmHV-4UnV2MRdhLXWHAtfsE9NkkjrgTE7WkiL5CYwmsuOzei41WjULKx3MPdCff7SFWvUuUbuQ6vkraGvB57k2t2jwCtJpTCyQmqv4yEP52VtejWzWy1Y_rD6z-qo2Jjo91Vui3iwzVQwbD8XYmRODir9HrgFcyiIYuA2LTIPekoA_KWaq45_wOT4S_xyZY4jTrE20KLdopx-RBEt9Whmu0xEI1ftq1HfBDxHszrD96bUHWP4ekN17hXf-z7pRfw2jMyeIuiH-nlvknrK0RC6eXg6KtbCa-7SNn446MUsAC5dkLiactmUpADHEhf9xPBjxP1y_dQxZ13FAmBLaTpJB-RxYGyU1lzBDdXOhqYjcAVl3qlQZXCjfkwK0kss9r76eCwvbygdQNxskHdyGzkDJFs1ipLfPbvOO-j7Dpe-divajN9DbVUmXNLgnhSuDbTKhB2rAcktuLTf6EpAbjTL9nEpJzQT6_Y95T_-vVHi61-xZsTEyVjhmw8Rt5TjyLNVo0O1kIJDoP6AIJshxGWNnyWYe8VEa9qKmZWXczitVM5YwdeC1k4G2JcqvswrPqb5PXReyly4vocmJZ5J_ZCURmP7KEFfAPHkFbDDGRXVbbGhkBw8GfDGFK7fHXaYCgbbwS8VgXvP65vORnvPxajRDq52D0hcAq3s08e3kEMfOBW1T_ziG4f10BBe7hQCgTupCdyEQLww9TldJW9w_HxHh8-8Yx9Diu1RZ66V3SLrTu-tV_fk0zIn7NEmJJOST9-rkeuL5kkj5vJip0qLXr_Mr5lJhbst16YDfBPdjwOcEffcDwvdVqK8LtrbNSgYNqEIDNncdPJpu8hw7u5vrWAF5jnG8lV_72vPcVvzE6Pw-JUdWagr_GsyPggxQ1VHz0g0SEgRstZgFBkGYO5WIFRHOIWx7xlyYyt_Kg-P0pnoCnwHA4TXnQ-7ykSxI1ROQdv6Zut33bfLY4h9-TucebDw13Plig4DCkXrN1tXD0s5FkKOJmymmMrewutgmmuGTsno5cbCcweyXuI3iQNszg16O3hGBuOv7iccg8ZUgsMRcDbFmhnR6ssGctWMKHCRJouO77iLCFud0SGMJJb-g9PluY4KOaL1YfhLsQARpb_72D_xvbMI4woyxHC9XZdobZWqnYGlJuOJe0vuv_FkXlpCPus8vnwdNczmZ8AqbFOXcl1Pojct-eLIQo3rfKEGiKsMPPh2hB6SR4kXLkL7syqmctwPDjtCGzBlvvNQwR4EfBEpMFKUUW_-cg1IQJdP4Fr4U4DpRmt5r6eTsSWfo3eWpsAlwRt_ZgV6NZghk9eegiklaOgcC1-kKdSSqXOTlW0zWn2kPYKveG0FP5M-5CDUfkfDGC5NDr-kYITQy1bV_XoyNmY_IM7873m7ifuQ-HOoMJ-GMD9vnOemp_PfWTonYSUlsq26o5OxIoapQj7Vvh7v7oP0wAunjhEPJVpXLXkkGPLm9PChqKFxZeh9IPapALfO8Ih1L3XvQ1BNs07UIYWDv-DC29t2ZhuSPN9vPvNBUtC26nz-5Z7r8qzp2b3MYCEPFbae0bDzn4PoKKHt_k5FCX6A-E2La9wXIvN9Rpyk9nvIfI3Wvf-iOCnDIaiG85A0saku40CX7WpZNpB7zQopTD9C1OXisW9siFQQ0Pl8FGaS_o9s0h2QNYr85f3T-joCKnSoadChZ1Yizf9Wx5y6_22uPSu9nvPM1yCY0KHvPYrwCV-0JoxDTfsI0BnmhYuxUXjIxdfIw-ojsdEUhuBzH-43mMOhBCd5ZhLOow3gzWBpuhaQbj3ypEqzEKlUpOBk9CVKDucd8ovdxEwjum4C0ke9avKcOD_Qd34g_JMXpYvTQ-yUYIrNcNqIuPTEqOCtEzqmaXrEDMeZwlS6ts7mPRTQ2WXnHwx9BZu8ixa9r1i_yJfcW8lezQ80nJA8SFtPFYgese7ip2wOrFvDL_IFAN35r6V5Dpux6X4leB_huGSFZGkq71Q08P4TSX_xwazNc-86HARKowYndpC4WGVj00ZW3GmET6RmV9pgGvmAK0fg_weJSD7BH6L225rULyk4wxLJ4IqvIHbEVz8UL0uKDUU_X25BI4HfB_yK993qC5q07wK8ediVvw4UrK7VB2oyPmNJISIvwyPRWnTckhU0-GD0rv7xEtAVlJe6S5oyp2i70G1iFkxNzO0rhaQFOiqO7vwHJiQnnWAIZCCxc3yxOQm1TN6nTYWS10TcHLn44ww3fyToMMp1GV77CvxNkZSO74GODWS330eWohXDQldy8ULLAJIHE-7JZtCsre-AzynfJSBsz9v36hgARp53MTEEzyNsXpurK1fNKuMJhkEvDAn7-MIP5LDFqxs45s8J5jq6smaEeEYyNzQ9qay68oe55TwCla-QV3CDR9TkJY4gIl2rH5_AMtdac-D1sKnPmo1bWABHTz-ReFbSo8CV-Pw4oIZ0X4_FTeT8fynqN024o3DuXzUknuBtAhldyTdz1HToXCeZRO6zx0dcRMBpx6SnpFHjdmI2lIsUjxf_ISruxwXTGVPSLkDenzpEMbWqxY4qS7GOPiaoQSZ58CebI44hI8mx-q1_6UQ&cid=CAASPeRoPmHrgLqWswByzaYnFa1ST7uLc8wpWyax_4DA_TwkLoppFDm2q7QbR0yvUkAnxn__3e3PLpuOGAi5ePw&rfl=1%2Chttps%253A%252F%252Fwww.pagalguy.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 20:17:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A70A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 03 Aug 2021 15:54:04 GMT
expires
Wed, 03 Aug 2022 15:54:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
102232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
pagead2.googlesyndication.com/bg/ Frame A70A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cTVw2q3qifWF7-hfKGcY5S3uNwMbqeWNUaRSYif7uFo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 15:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
18681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13202
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Aug 2022 15:06:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A70A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRp1-9PUKYZHUEKGZrAS5op7wDAAAAAA4AeAEAg&bg=!0dKl0pbNAAals0SOpbM7ACkAdvg8WuxUjcHTw7Eywx6d0zn_n1FNTODEpB777Bncvbte_GgehGR58AIAAACHUgAAAA1oAQcKAI6L0yFSBnvGLaUQ2HTGNjujPxls5qa5ErlMYaLsd75JlQ2LZZfQERgOfDegj655e3F7SvKggp1uDLubpyTklhVEWujGRokFnvl4usQfB8OvGRMT0QKKjb3YdtpZGT32aMLGNeEUwDT4yRT08xI5sht9LE2BIpYRWliKDfUZ-OtSV9vh8US3xTO5m7voinShmQLMEJXY9dHzYdnw6xM5wFz789VONjOhO7uvvksVhnHdYZ04DQbDZboHCLKey0uXl00R3JBNH3QV0P7a_lOWMIu7nQ6GYlMSuRu_54D1cmHf5X3o19ptn9OcJH8dFOFI-GqXvjvgbdkm87Dq_eK706tYFbKJ7a5zXqpiUvy7FgbGoUv4SVD_d0fpmuhH1S_3H8Ot7FqM2wpa7q7bSF50GASlzRShtNIRCOKIDJ6Ur-OOMD9ImwbroDj6Zr_qQ-d3tolnbr-P72McjMMwQ9WbDv8i0r3Ii30E96hfepSCc4Bbr4xWCVr4BFV8OvaNwBMKOAY-gOqkXCL2s-jvZDaf2rCr2uhkyIQGMT3Yd-gS6xv59VdhHnJzjnxW-nIW6UDr74dw_zvAcsVWINyptsU73PCS7fceSUEKs2ZftjvLLPirML70ubfhz1ZotMTsMgTat6e0eTfD0OXZMYs0LbnSvCMDVm1q2eRg_oQThyOsyzN3yFxlLDccykEo2jka1-VzOpWtkR0OZ5MObLHm9dzNo4IwJfLAMC1lexalDf-BFw8G1izbLxQpn-taC-WA-m2__n-51h6xsdnPUpfI88DUGQYOqbpT-303ldAMZlM-sO4GCjlA_WzgUppTa3ayY2sZzaisa_IxBqsh4PJ770DUOepZv1zIRo0Q-Y1SPvUMRm06SZ6a1P6Bzz8fl3MVABLnB6md0reNChfz45kYzUpN57Bn7AjvU8T1DSqwJ4_qTivCXs_nYrMUmN_gC8YLAeak41ULTOY5ePOT3LJqEPHgRThZV95l0105CcyP7QrfZ-Hy12UpHHG2XAJ7lpgCXXPF6NukDvcbm12ocWCwTPyCk9V6apl0l4qAu7LKTNBowMDOSZTWbjfCuiA_QP20JtOO5w-FQM00wUqFv7SMcieGeqJZlXNVzsEKqY-8C7hxsHX2z_mU_6MMGogTa8Y_GVY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DFA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuboWgungMcDqd6YKQbxMGRI274wt9rFZ0rAHd_wt-bOSKxaeSwfF8sL508nwq4d6GikRLQ0y4Jr4SYsrbcyoTzOU2QqILMstEmBPQLDcMyCUobh40u-DU9D8sfNw&sai=AMfl-YQRwoQySWbG1W3gQ2A3UYEHkqqIvmW335Kr90nWGh6TuRR7XNUcsF-cA_ds4TFqCBxOO_qmcMqkTT-zpUt3QpB2zrxnaCqtcdkuNHGQPgeyCdkkqmuZqFJkJfE&sig=Cg0ArKJSzAQUPgAwL2cTEAE&cid=CAASPeRoPmHrgLqWswByzaYnFa1ST7uLc8wpWyax_4DA_TwkLoppFDm2q7QbR0yvUkAnxn__3e3PLpuOGAi5ePw&id=lidar2&mcvt=1000&p=1031,650,1285,950&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210802&bin=7&avms=nio&bs=0,0&mc=0.66&if=1&app=0&itpl=20&adk=1612113158&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628108276243&dlt=8&rpt=1&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 738C 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=2211889234918545357@@43161537,2477049693276268742,100|4500|0|0|0|0|0|0|0||176|1|||||1|0|0|Dovwm0hA2VBcPlakbYq96ZlSSFH4f8b5AfPW6FA1bULKOzC5FyNC0Ym3nyX34Xgm0|||01|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 20:17:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| loadStyleSheet object| googletag function| snaptr object| r object| google_tag_manager object| google_tag_data function| fbq function| _fbq boolean| triedToSendCookieToNative object| WebJSBridge object| __INITIAL_STATE__ boolean| DOM_CONTENT_LOADED object| core object| firebase object| ggeac object| google_js_reporting_queue function| webpackJsonp object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Pusher object| __algolia object| IntlPolyfill function| _ object| __consolidated_events_handlers__ object| FB object| observer function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| udm_ object| _comscore object| COMSCORE object| ns_p number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| ps_instream object| PlayStream function| ga object| gaplugins object| gaData object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_91239 function| processGoogleToken object| googleToken object| googleIMState object| closure_lm_663659

6 Cookies

Domain/Path Name / Value
.pagalguy.com/ Name: _gat
Value: 1
.pagalguy.com/ Name: _ga
Value: GA1.2.1018949766.1628108273
.pagalguy.com/ Name: _gid
Value: GA1.2.31682174.1628108273
.pagalguy.com/ Name: _scid
Value: e2fc79d8-30e5-469a-8c0b-9660a3ddf68c
.pagalguy.com/ Name: _fbp
Value: fb.1.1628108272240.1291967903
.pagalguy.com/ Name: _gcl_au
Value: 1.1.1291037719.1628108272

61 Console Messages

Source Level URL
Text
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 189)
Message:
[2021-08-04T20:17:52.434Z] @firebase/app: Warning: Firebase is already defined in the global scope. Please make sure Firebase library is only loaded once.
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api log URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 127)
Message:
AD LAYERS: [object Object]
console-api log URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 127)
Message:
AD SLOTS! false
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api log URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 127)
Message:
NO AD SLOTS!
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api warning URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 561)
Message:
Lockr could not load the item with key self_v9
console-api log URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 11)
Message:
[GA QUEUES] [object Object]
console-api log URL: https://www.pagalguy.com/assets/bundle-main-5256774f614593bad890.js(Line 127)
Message:
AdV2 processAds 13 1
console-api log URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 176)
Message:
[ 0.000s] [studio.sdk]
console-api log URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 176)
Message:
[ 0.013s] [studio.sdk] Using default ad parameters in test environment. Simulating local events.
console-api log URL: https://app.playstream.media/js/instream/instream.js(Line 2)
Message:
%cPlayStream - %cInitializing PlayStream color:red; color:red
console-api log URL: https://app.playstream.media/js/instream/instream.js(Line 2)
Message:
%cPlayStream - %cScroll Event Started color:red; color:red
console-api log URL: https://app.playstream.media/js/instream/instream.js(Line 2)
Message:
%cPlayStream - %cThe response does not contain any valid ads. color:red; color:red
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29c4366d664636cc684d05f0dbed224b.safeframe.googlesyndication.com
acdn.flickstree.com
adservice.google.com
app.playstream.media
as.ge.pgstatic.net
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
res.cloudinary.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
sc-static.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.snapchat.com
track.adform.net
visitanalytics.userreport.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pagalguy.com
13.224.193.34
13.224.96.37
13.224.96.66
13.224.96.91
142.250.184.226
142.250.186.66
185.33.221.14
2.18.234.21
2600:9000:20eb:200:8:3ed5:e880:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::393
35.186.226.184
35.201.114.91
37.157.3.28
37.157.5.72
88.99.215.229
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10138f4262249a503e434cad06f7b6cf2ad5fcb144652fbbb0f1cc935c82fead
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15fbe313cb854871f6c509625836d2c357a045f6547cc7b7703effddbfce7b47
1ada418dd8632e380b13887eeb3d3b030a930721b04a3bd0aa571d7786397c72
1b2e12c075cbb646404f424d5683e8070b81c6ea9d6b07161a7057a86645ed30
1bba3dae0c5bc59ddbdfa88c3f1d32d24193a9bf23d3cc91669100cb6be36f11
200bab94b898cd8f4a89b2ab0ba5f4e820b946d1892ea35149e666586da42f2c
229a12c725a0736633d5d89235901d78c391b11c4c59665e338f9c292c985604
25dc940b7795073e79da33da04b3bec9ff7577711a4eaa3fbc5f4d96169a5210
2b50c0e51cf09f44ec138dc7e40e8bce5caa109ed66490bb1dd460ddb667cc9b
2b9e1f4a7913eb5b29d8b1fbe6b64992fb7462abc3d0b523a82c0b3a69cca2a1
2cb385380d613ae4968b465fc7ac539348c5194f3e9cc941f5150e076e5f407a
323518ae3240858cdf8377f5fa14a0edb141adfeae38f432801267340389447d
3391e827aae64d0b6b12715ca02a96496b97a38c8b8b2e835971876aeeb41367
33a5cbdc9f176f43bd994e3c3fb812097e358e79488e0251f213b623f8a3356d
3a134a4f4968b6d1236867542326458915854a8f1c52d4235b8e952ead82dffd
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3d5c86c9f0e808bbcc5428a28aec61b7aad82b49b8d178c9f8df2cbae3bd9ac7
414bf79e6c636ecf1482fd75e212b6dd43412fae7cc945921fa33ccf29f1b11b
42c2d83676a2ac2848ed3ca16930cc23a1d1af089dfa55ac39bcf21ebb9e2a1d
44b9a9d2c3baadad3ce45a7368c567c905db6d1473139b93b50123e3197e20c5
4507b4e3cc99e263174feacfb82ee385d28f874ca44677cef09da95f709668d2
45f86c66866b749253fd5bc4d2411c08b213175260ea6dc88d7833659342b8ed
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519272ded2722b716ff2639d808492b3f7a1f2eb1c311ec75dca3e3ec1838797
58a360f78aef78229dbb8fa213ed96186c858ad096b5fe32d6e4733dc4e82c98
58ee36480aa68e791322f58872f412e74002d6ed20de2bb8ea2b69d95487b903
5acd9bae126b09d1760eee11a877082036df997111036c2cbfe97ead1423e462
5f75ed05654fa2ce00a8797311c857412741cd29799220058468db371f84849a
5fdb8ba90a7835a833efe142779522171c1eaa05247b91f20bbb22d52cdafbd1
60723cbbee76bb826441202f0f8bac320431190f81f696a0a6c069003c406f19
613dca4e10c21b87aaeb1a8b43582fa057543d58d3389d4ddce2af1ca4d2b167
67b451a89cd17c8f60d588b35b793ae8c9fe77b120232ccb2774e31d9d2e027e
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
6bd9364a0bff9ccf87d633b5c5197205f4e9fd0c7f035fd7888ac428aed0bf80
6c1ab4354d01407c129a5879dcd04c2bb7a289d6e915f09e02f1a96c79e253e9
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
713570daadea89f585efe85f286718e52dee37031ba9e58d51a4526227fbb85a
72d001ee2e11a41861ca143d3e3175953525e83a46d6a96e23e6a56aa8a05c53
77114a79d52a211183732f50785ae7e5754649b2f8b556ca6e9412ec400eda57
7b0437453acc527dd58c4e62621cb400633e84a72d44c32e08c4dcbdffa55f8e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cb24d1a9681228aa3ffe6871878174b9514540b29ecc286efe81959a3b8d93
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87012dcbe31d4f5924907b3446e82f05946023c5283328016d1996ad8003ba96
8936d879b73d7d194213cd710ed803d3d836b856725fb392e919ccef96306adb
8bbfdfaf5359d605324c8bad35f629721c2ae24d6f3a90a3986200bb202f5c90
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d29bb2dd9583f3cb68787a92bd217c953ce3198a5a1421a1abeab24422931bc
8e7fdb4d9f444a44d1c1dfe1ade065b7c16e61b8bea231a616b347effa35359c
90061186c50213da184641262f6d5360a908c7249b19a3e4b415804bec804b48
911c4927660adbc441504c59932f940ae550bda3f745257cffbed228ce5f75f9
92d9d0b79b806f07e777d7cfe8e5fa6a7ab8739837f8be1f540a4ec2ae6737bd
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9680c8a4ea6c755d45a980c0d1579eaa9aaab4843126fd473726c9fac4886353
96f2fadca9ec95155d380c6ab6caf05b4f11a270e3dad15338946135d576b6fc
976267e46c8c1c02520c90555d198d5710876504391edd18e29ff0f4f4ec86d9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
a99bf1063c70f0aa80ae036a6c1be4e7f9e6a04f9f9cd5ddc61a4c07cc4c9b0e
aa6952857ab4d540c5c1160e47d09e90ebaa6b4274415ba17d086acc489e3cea
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d21745be03e1c6e39143306529a3d28942784569e2d19afa845cbc430b1c73
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8d5564f5798a3e45b52bb3380965e4f66faad847d51e54d4d2d5a899f266e36
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf69ec0f66506711f59d97a86384aa123f8af2ab81c437c25311ad2139ad81a6
c0a586663709d67024b54bab734a2f730e2819d8351faaf1a9eb3f475c367666
c13e2ba2aa8d423a9a5d0a846214aaf2b8ee5070f75eafc8534fa056ff7d3f26
c14b77ce1e567c1dd83550ce992c6283be83c910547b37cc2a725bd8f82e498e
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
c441bbf89d0d9390e8b0148ea04b49e3ceeaee39fe451b6cbef7b3ed39ef25b6
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8e096e7196964fbfe05d1422b5f55f27e43052f9709d00919ac648d23f6cca6
c96de0e8b35eaf5e6dfac6d067309fa76d6ad998854bcfc87035c21d081bdc0e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d701a7e5ef293a8e6870fc1a460c17955d3f96cc6152265f7f5de09b8c2841f3
dad3d994075f0626204fcf0029d7e0118c557a57699194490a16d766ef59e2ee
dc56f87b67d1c293ec96a34e0a46a0879962ad792fd7334e4c8b24337037dcdd
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d07f572f1816074ec4047f74e047c837977e7d24746de785ffa89a416478f1
e4c9e5c11cf6430570dca3f6979b72b66e1dd5c21c013ee4ec2ae98d8bd8ceb2
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e635a151ae79f1f8a17aec79f96bddb164b751445fb93f80d0357390560e65b6
e8ad80b5d483ea82dec9afa543dc1f73c68318ea3066f2f2cd35418807cc6374
ea5c413e9ef1d052c546e3249c2f7b7dbcbddf2300f86c480d66fd20215e3ef8
ec2d58d9bbf982e9470b0cc01e6425ab7e1037f4754cccf741f76af0c72e076d
ec7099b16862fff67fb4e9b309cf177608433c56980453e2ed896a7dcc72bbfd
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1eeaa7f7457ebf13d9336901afb582e8ddd7c51e2c0cc9f602e353d5d1e9bc7
f223ffc5d3bd6cd805b0d9e8f9fa1d7933e5e4e25750e1e4253ae8e17efd089c
f24b5e099d8662fee8a536ca50a633c9c8f4586e492812d46df238a1edecbcf8
f9acc78ac92794ae9e1095830e0abfa582fcfac544dba4940293e37b6cca9c9f
fc6b424bfb99ad902889a0dd1614ddc78808c8544ef8eb8f4b213cd6d74c12f6
fd11294e1f6694dd7401880736deb6bbdf6429724fcdfd868f6238c0d5b2d2dd