willyoupressthebutton.com Open in urlscan Pro
158.69.124.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://willyoupressthebutton.com/
Effective URL:
https://willyoupressthebutton.com/
Submission Tags: falconsandbox
Submission: On August 09 via api (August 9th 2021, 12:25:30 pm UTC) from US

Summary HTTP 101 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 14 domains to perform 101 HTTP transactions. The main IP is 158.69.124.117, located in Montreal, Canada and belongs to OVH, FR. The main domain is willyoupressthebutton.com.
TLS certificate: Issued by R3 on July 14th 2021. Valid for: 3 months.

This is the only time willyoupressthebutton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	158.69.124.117 158.69.124.117	16276 (OVH) (OVH)
1	2600:9000:219... 2600:9000:2190:e600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:219... 2600:9000:2190:f400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:2800:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
7	2600:9000:21a... 2600:9000:21a1:b000:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
101	24

18 158.69.124.117 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)

willyoupressthebutton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fobreg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api4.fobreg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fobreg.justey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:e600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:f400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2800:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:21a1:b000:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	584 KB
16	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	77 KB
12	unpkg.com unpkg.com	11 KB
10	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com platform-cdn.sharethis.com l.sharethis.com	49 KB
9	fobreg.com static.fobreg.com api4.fobreg.com	138 KB
8	willyoupressthebutton.com 1 redirects willyoupressthebutton.com	131 KB
7	google.com 3 redirects adservice.google.com www.google.com	1 KB
4	googletagservices.com www.googletagservices.com	140 KB
3	google.de adservice.google.de www.google.de	1 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	91 KB
1	justey.com fobreg.justey.com	5 KB
1	googleadservices.com partner.googleadservices.com	667 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
101	14

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	unpkg.com	willyoupressthebutton.com unpkg.com
11	pagead2.googlesyndication.com	willyoupressthebutton.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	willyoupressthebutton.com	1 redirects willyoupressthebutton.com
7	platform-cdn.sharethis.com	willyoupressthebutton.com
5	www.google.com	3 redirects willyoupressthebutton.com tpc.googlesyndication.com
5	static.fobreg.com	willyoupressthebutton.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	api4.fobreg.com	static.fobreg.com willyoupressthebutton.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	willyoupressthebutton.com www.googletagmanager.com
1	fobreg.justey.com	willyoupressthebutton.com
1	www.google.de	willyoupressthebutton.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	willyoupressthebutton.com
101	22

This site contains no links.

Subject Issuer	Validity	Valid
willyoupressthebutton.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
fobreg.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
admin.fobreg.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
fobreg.justey.com R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://willyoupressthebutton.com/
Frame ID: 6A67E6FD8B9D57AE42BF65FA7EA05645
Requests: 58 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: D331E8984BC13FC4C721E297865731CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: B479C6DD92315421CA516A3397269207
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849
Frame ID: DD707636A037B8BD0A58DC3DC9189F20
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=5251223890&adk=3030527107&adf=3492069439&pi=t.ma~as.5251223890&w=800&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908983&bpp=2&bdt=5018&idt=2912&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=400&ady=802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IXUmk0KIVn&p=https%3A//willyoupressthebutton.com&dtd=2956
Frame ID: 987EB4FDD2CD674CC878AD76D57B382A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=2297757494&adk=1083418518&adf=4096012358&pi=t.ma~as.2297757494&w=368&fwrn=4&fwrnh=100&lmt=1628511912&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908985&bpp=2&bdt=5020&idt=3064&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1232&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DfnDuQVkh5&p=https%3A//willyoupressthebutton.com&dtd=3074
Frame ID: B507E74F30BE2BABAED56A6D2DD3C652
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&adk=1812271804&adf=3025194257&lmt=1628511912&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511909007&bpp=2&bdt=5042&idt=3165&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280%2C368x280&nras=1&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=3217
Frame ID: C4813CB89C648FF671207004036BF3A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DFB869DF6B6E9AC5A592E630EC735E7B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A170B39605E5F9645336028B9CA9F53D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B3D26DA122650F249FEE2137E83A9F6E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js
Frame ID: A4BC8A4940BDEE883502860982A4FB8C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js
Frame ID: 8B9B0E5EFFE6A43C6E8445E7786FEC36
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js
Frame ID: DD836440A99341DC43D386D946CA9FCD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 08CD39EFDF8EF801BA0BE3D767CCDB71
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69A11EC9CF4D7689BD1593FA2634E67B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://willyoupressthebutton.com/ HTTP 301
https://willyoupressthebutton.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

101
Requests

100 %
HTTPS

87 %
IPv6

14
Domains

22
Subdomains

24
IPs

4
Countries

1250 kB
Transfer

2931 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://willyoupressthebutton.com/ HTTP 301
https://willyoupressthebutton.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

101 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
willyoupressthebutton.com/
Redirect Chain

http://willyoupressthebutton.com/
https://willyoupressthebutton.com/

11 KB
4 KB

454ms
176ms

Document
text/html

158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 / PHP/7.3.29
Resource Hash: ff48fb30a239cee2de7188f745f73448a213a7bc19ac52937ee277b4fd5b8872

Request headers

:method: GET
:authority: willyoupressthebutton.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.20.1
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.29
cache-control: no-cache, private
date: Mon, 09 Aug 2021 12:25:03 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IjluMnhrVkUrbzVxRno1bklkSGFnUlE9PSIsInZhbHVlIjoiSVBzSlFSbFFlTENQeWY0Y0ZJSUVubmZidzNabkp0ZnUrU3hDY29tamlHZGw0WC9zTktHbTNWcFJJZVRFTkFiMEdLY3ZRMUo0SXYyWk1PdE51U0hqT0czVU1La3ZGb1hVclBTYXhrQ3daZE85SEhOdjExdWI1My9hQXpKL0hvWjYiLCJtYWMiOiJhZmVlMzU0NzlhOTAwYTBlOWYxODIxMjhkZTA4YWZhMDEyNzczNzZiZGZlNTUxODc4MThmNzMxNzRhYjcxY2UyIn0%3D; expires=Mon, 09-Aug-2021 14:25:03 GMT; Max-Age=7200; path=/; samesite=lax willyoupressthebutton_session=eyJpdiI6IkZQcnhrMXArYlkwV2NwRjkzcVZ4UEE9PSIsInZhbHVlIjoiWnBJM2xkbVB3aU9ld3lsV09OL0tRZ3ZtTGFtMjZCWk9GWFBIcXU2dEFrR25EVlRmeis3dTB1OTdpaU5Fd3REMXZoRGIxeiswNzJQbllIV2NMSjdab0dYeEZLSUZsVDJkYmdneDF3ZUZNYStnZFdLU0tCTU9nOENzYmxPa2E1U0kiLCJtYWMiOiI0YjE1NDAxNDRlMWJlYWQ0YTRiMjY4NGI4ZmI4OWZmZTljMTM0Yzc2Y2FhODdlOWZjZTI1NWYwMjNlNjdlOThmIn0%3D; expires=Mon, 09-Aug-2021 14:25:03 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip

Redirect headers

Server: nginx/1.20.1
Date: Mon, 09 Aug 2021 12:24:58 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://willyoupressthebutton.com/

GET
H2 200 jquery-3.5.1.min.js Show response
willyoupressthebutton.com/ 87 KB
88 KB 249ms
239ms Script
application/javascript 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://willyoupressthebutton.com/jquery-3.5.1.min.js
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path: /jquery-3.5.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: willyoupressthebutton.com
referer: https://willyoupressthebutton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:04 GMT
last-modified: Wed, 21 Oct 2020 03:17:26 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5f8fa846-15d84"
content-length: 89476
content-type: application/javascript

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 186 KB
42 KB 96ms
16ms Script
text/javascript 2600:9000:2190:e600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:e600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 572cc391194c430b6c2d54711336747c61c26caca871bfe881ddb153dcc8c8f7

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:18:37 GMT
content-encoding: gzip
age: 387
etag: W/"2e72d-DBEWLnQDQyOeqYgRhmupyANAHZs"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: -z6k_VMmpskTdD7ILL1X-Uev5Xty4wX5I6UeDkWrvEwFBgoqJSw_lw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
49 KB 1032ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 12364812339251644168
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 12:25:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
41 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41783386-1

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e23a470c651d1238ecd27546b6e85cfe0f1fae64a694baf9bf4ef1c09d7082c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41596
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:07 GMT

GET
H2 200 script.js Show response
willyoupressthebutton.com/ 9 KB
9 KB 362ms
353ms Script
application/javascript 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://willyoupressthebutton.com/script.js
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 55ea41e3a07a8c906d6de2fe91ecadc3e3c9f651b2058074d5f6fb6a70409ffa

Request headers

:path: /script.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: willyoupressthebutton.com
referer: https://willyoupressthebutton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:04 GMT
last-modified: Fri, 23 Oct 2020 01:34:04 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5f92330c-2274"
content-length: 8820
content-type: application/javascript

GET
H2 200 style2.css
willyoupressthebutton.com/ 20 KB
4 KB 359ms
351ms Stylesheet
text/css 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://willyoupressthebutton.com/style2.css
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 49622fbe7651570ea1139ebe39d7302b1b580486548464dbfbfe7e07a05b8a6e

Request headers

:path: /style2.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: willyoupressthebutton.com
referer: https://willyoupressthebutton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:04 GMT
content-encoding: gzip
last-modified: Fri, 23 Oct 2020 02:32:14 GMT
server: nginx/1.20.1
etag: W/"5f9240ae-4fa6"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 smartbanner.min.css
willyoupressthebutton.com/smartbanner/ 3 KB
1 KB 361ms
353ms Stylesheet
text/css 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://willyoupressthebutton.com/smartbanner/smartbanner.min.css
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b

Request headers

:path: /smartbanner/smartbanner.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: willyoupressthebutton.com
referer: https://willyoupressthebutton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:04 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 01:58:54 GMT
server: nginx/1.20.1
etag: W/"5f8f95de-c5c"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 smartbanner.min.js Show response
willyoupressthebutton.com/smartbanner/ 13 KB
13 KB 361ms
353ms Script
application/javascript 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://willyoupressthebutton.com/smartbanner/smartbanner.min.js
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 682a17f0b5673976fc1af4c8c54b0941bb4b8f7c46745f56a33f8cc7ada4a2cc

Request headers

:path: /smartbanner/smartbanner.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: willyoupressthebutton.com
referer: https://willyoupressthebutton.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:04 GMT
last-modified: Wed, 21 Oct 2020 01:58:54 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5f8f95de-34ef"
content-length: 13551
content-type: application/javascript

GET
H2 200 ionicons.js Show response
unpkg.com/ionicons@5.2.3/dist/ 962 B
517 B 39ms
31ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons.js

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937e1da6a3f1f5f56d7c7f68d47217686d4d73881a6332607eb9769f9e50bc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:04 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10517833
fly-request-id: 01F2VZCCN6FC03ZQXQBZVPQESX
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3c2-ekNqUptqD1AEc5D0dUT6kSacGE0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f70868be1f31-FRA

GET
H2 200 5f9045b6bd70ad0011e012b9.js Show response
buttons-config.sharethis.com/js/ 410 B
785 B 1139ms
26ms Script
text/javascript 2600:9000:2190:f400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f9045b6bd70ad0011e012b9.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:f400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6df7c76383033d98f8787f082f4ae13fb0811a7fffab1bd8598ed017ac059805

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 09 Aug 2021 12:25:08 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 21 Oct 2020 14:29:11 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "d945faee4a026378a795d290e3499f34"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 410
x-amz-cf-id: Za5vNkv_ntgi7pAPAzS6t5aURxekxXQ3UJ_C7z9oVRGJIW28dk9fvQ==

GET
H2 200 get.php Show response
static.fobreg.com/latest/ 251 B
267 B 1238ms
133ms XHR
text/html 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fobreg.com/latest/get.php?w=[%22auth.js%22,%22comments.js%22,%22auth.css%22,%22comments.css%22]
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 / PHP/7.3.29
Resource Hash: b3e4f0a389483ebab929629e2e25a2acde6e2bc2410f6dd6b73b2a0c800006ae

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 09 Aug 2021 12:25:08 GMT
content-encoding: gzip
server: nginx/1.20.1
x-powered-by: PHP/7.3.29
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 ionicons.esm.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 335 B
644 B 38ms
14ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9164e9e61772747c5cb442694612e0059544001673b79fb88d326b6fc0c008ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://willyoupressthebutton.com
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12017038
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"14f-6q7cP/2WOxXfiij0/H6SoJ2icJE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a13dce9ba8e371a2fd6423852fd5f1d6
cache-control: public, max-age=31536000
cf-ray: 67c0f71c3c114a68-FRA

GET
H2 200 1.png
willyoupressthebutton.com/assets/images/ 12 KB
12 KB 133ms
132ms Image
image/png 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://willyoupressthebutton.com/assets/images/1.png
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/style2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e1e638e79714506ef0563f9b2162a10fe0aeb18da857b12ac78b9a5b10b4c162

Request headers

:path: /assets/images/1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: willyoupressthebutton.com
referer: https://willyoupressthebutton.com/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://willyoupressthebutton.com/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:07 GMT
last-modified: Thu, 01 Oct 2020 00:17:22 GMT
server: nginx/1.20.1
accept-ranges: bytes
etag: "5f752012-2f60"
content-length: 12128
content-type: image/png

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame D331 2 KB
1 KB 13ms
12ms Document
text/html 2600:9000:2057:2800:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2800:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Mon, 09 Aug 2021 12:03:25 GMT
cache-control: max-age=3600, public
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 7O-BGvNiqiCg-STuIRmVde5Ld2ivCQ3PbzDqQ5zbyRuQ8soUVYT2Ew==
age: 1303

GET
H2 200 p-6f4eae92.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 8 KB
4 KB 26ms
24ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-6f4eae92.js

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://willyoupressthebutton.com
Referer: https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10548181
fly-request-id: 01F2V2ECFP6KAA10CNC1X72NFE
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1f7c-gfDDha4bujGL8M3AApXNE3RBbwQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f7221b7a4a68-FRA

GET
H2 200 p-4372c4bc.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 1 KB
854 B 23ms
21ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-4372c4bc.js

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://willyoupressthebutton.com
Referer: https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10184425
fly-request-id: 01F35XB9TEYRBKP59CN4MHV7D4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4a1-eLv8UEu9cOFw7ZcY76wJ+IRRvYI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f7221b7e4a68-FRA

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M9D29HCVWJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41783386-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b90eb81e18717c45d76d5394e96f4fa468059a2f911a7e0061a3478fa9061499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51211
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:08 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
679 B 1342ms
15ms Image
image/svg+xml 2600:9000:21a1:b000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:b000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 30 Jul 2021 07:55:04 GMT
via: 1.1 a9aeb6a2d302af49e6afb35d62b60576.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 880207
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: eNEogV3yJetFaL6LjGP-drHWxMwWrtKqa_v3vbaaK_M8PmQrP0V1Yw==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 1340ms
15ms Image
image/svg+xml 2600:9000:21a1:b000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:b000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 03 Aug 2021 12:03:15 GMT
via: 1.1 a9aeb6a2d302af49e6afb35d62b60576.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 519716
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: qKL6Fg09kjUKc_Vvheh4p0CcBqoRToYaW7RoBnfaVhUDthgLF9i7kg==

GET
H2 200 reddit.svg
platform-cdn.sharethis.com/img/ 910 B
1 KB 1323ms
16ms Image
image/svg+xml 2600:9000:21a1:b000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/reddit.svg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:b000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 19:38:10 GMT
via: 1.1 a9aeb6a2d302af49e6afb35d62b60576.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2393221
etag: "78d796ca648d8a5e665b48ed0217c56a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 910
x-amz-cf-id: fOPqYiVKIPLW6-TeTtZObAxThtTPC2NUfARjecsfhm9aRoA5ohoGYA==

GET
H2 200 tumblr.svg
platform-cdn.sharethis.com/img/ 527 B
905 B 1323ms
16ms Image
image/svg+xml 2600:9000:21a1:b000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/tumblr.svg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:b000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b69c145ec5f533d842c8b9fec881aefef9446624ebcb3af4f658e44e34c0eba

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 27 Jul 2021 02:17:57 GMT
via: 1.1 a9aeb6a2d302af49e6afb35d62b60576.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1159634
etag: "a282542db980548117439e679138aa6f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 527
x-amz-cf-id: mMZ_W9b4946_RZA6Uawfhf9EKih9Q_tFGw4zeepX62WAj_2EUYOi2w==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 1323ms
16ms Image
image/svg+xml 2600:9000:21a1:b000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:b000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 13 Jul 2021 19:28:44 GMT
via: 1.1 a9aeb6a2d302af49e6afb35d62b60576.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2307387
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: J7I4YZ2pDmqBUmdpCv6eH5JF_2i3ex8yWL-HIZrgy1iCb6CW-jrQPQ==

GET
H2 200 digg.svg
platform-cdn.sharethis.com/img/ 454 B
833 B 1302ms
17ms Image
image/svg+xml 2600:9000:21a1:b000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/digg.svg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:b000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d3b65668a48c9a2000b8643c2826450fce6dd9a2d452a23637542161dd3c69a

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 21 Jul 2021 00:58:06 GMT
via: 1.1 a9aeb6a2d302af49e6afb35d62b60576.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1682825
etag: "b18c239b4e95e30fb0cee6f2f6a3a584"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 454
x-amz-cf-id: -n3CVdPt0FBS38yZc7LpDIA_L42Vuvn8SMB_IOQETfHOwQEG3v9grw==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
893 B 1297ms
14ms Image
image/svg+xml 2600:9000:21a1:b000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:b000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 17 Jul 2021 20:01:02 GMT
via: 1.1 a9aeb6a2d302af49e6afb35d62b60576.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1959849
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: wDCsAmswmKoa06zIf2eF2DVGwPGzVZsgfqpHHqT3_xTfhJqw7nP5Cw==

GET
H2 200 auth.js Show response
static.fobreg.com/latest/ 180 KB
55 KB 525ms
259ms Script
application/javascript 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fobreg.com/latest/auth.js?v=1601490734
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1b68e053b0500ba6873ea2b4bfffca6789dc090cf7a82d5817aa211e7b682042

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:09 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 18:32:14 GMT
server: nginx/1.20.1
etag: W/"5f74cf2e-2cfb9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Tue, 10 Aug 2021 12:25:09 GMT

GET
H2 200 comments.js Show response
static.fobreg.com/latest/ 143 KB
50 KB 524ms
259ms Script
application/javascript 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fobreg.com/latest/comments.js?v=1603397973
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ad22883d445c017dee3f2498a845024b394a276fc050bb07da89d2b17f5d5b76

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:09 GMT
content-encoding: gzip
last-modified: Thu, 22 Oct 2020 20:19:33 GMT
server: nginx/1.20.1
etag: W/"5f91e955-23d16"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Tue, 10 Aug 2021 12:25:09 GMT

GET
H2 200 auth.css
static.fobreg.com/latest/ 261 KB
30 KB 504ms
241ms Stylesheet
text/css 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fobreg.com/latest/auth.css?v=1601490734
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 0a5c038eacffbe09d559984b66686533013461e4f967205cbe0c5728579e9cc4

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:09 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 18:32:14 GMT
server: nginx/1.20.1
etag: W/"5f74cf2e-41586"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Tue, 10 Aug 2021 12:25:09 GMT

GET
H2 200 comments.css
static.fobreg.com/latest/ 4 KB
1 KB 516ms
258ms Stylesheet
text/css 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fobreg.com/latest/comments.css?v=1600953112
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: d57670416d610c5a66113a336f00333d52cd1d528f6eddbefc855ace5ec89fe1

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:09 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 13:11:52 GMT
server: nginx/1.20.1
etag: W/"5f6c9b18-10d1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Tue, 10 Aug 2021 12:25:09 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 250 KB
93 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1062562322853475&plah=willyoupressthebutton.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 390643862346785813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 12:25:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame B479 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 08 Aug 2021 19:31:05 GMT
expires: Sun, 22 Aug 2021 19:31:05 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 60845
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect
www.google-analytics.com/g/ 0
79 B 13ms
13ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-M9D29HCVWJ&gtm=2oe840&_p=60081892&sr=1600x1200&ul=en-us&cid=220861106.1628511909&_s=1&dl=https%3A%2F%2Fwillyoupressthebutton.com%2F&dt=Will%20You%20Press%20The%20Button%3F%20-%20You%20learn%20all%20the%20secrets%20in%20this%20world%20-%20institutions%2C%20organisations%2C%20governments%20etc.%20have%20nothing%20to%20hide%20from%20you.&sid=1628511908&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M9D29HCVWJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://willyoupressthebutton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41783386-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4288
date: Mon, 09 Aug 2021 11:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 09 Aug 2021 13:13:41 GMT

GET
H2 200 p-206e6cb0.entry.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 4 KB
2 KB 26ms
26ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4399d8f8b61e387f5d56bc09d72fb0e9d9305872c0cee23afdb6919c794e492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://willyoupressthebutton.com
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12017038
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"ef8-IG5ssIjkth4wJEAeMNfsmTJdBJI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: d285f03f724625521010cb320975952c
cache-control: public, max-age=31536000
cf-ray: 67c0f727ea214a68-FRA

GET
H2 200 0 Show response
api4.fobreg.com/api/comments/get/WYPTB/76345/ 473 B
656 B 457ms
143ms XHR
text/html 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api4.fobreg.com/api/comments/get/WYPTB/76345/0?take=1
Requested by: Host: static.fobreg.com
URL: https://static.fobreg.com/latest/comments.js?v=1603397973
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 / PHP/7.3.29
Resource Hash: 35b385cffe90e8688993031450a7cfdf91adb08f3c21103317b2bbdb3b6f41b6

Request headers

Accept: application/json, text/plain, */*
Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:11 GMT
content-encoding: gzip
server: nginx/1.20.1
x-powered-by: PHP/7.3.29
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-ratelimit-remaining: 59
cache-control: no-cache, private
x-ratelimit-limit: 60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
347 B 215ms
50ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=willyoupressthebutton.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Will%20You%20Press%20The%20Button%3F%20-%20You%20learn%20all%20the%20secrets%20in%20this%20world%20-%20institutions%2C%20organisations%2C%20governments%20etc.%20have%20nothing%20to%20hide%20from%20you.&cms=unknown&publisher=5f9045b6bd70ad0011e012b9&sop=true&bsamesite=true&consent_cookie_duration=4337&consent_duration=4337&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 12:25:11 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://willyoupressthebutton.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
31 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=60081892&t=pageview&_s=1&dl=https%3A%2F%2Fwillyoupressthebutton.com%2F&ul=en-us&de=UTF-8&dt=Will%20You%20Press%20The%20Button%3F%20-%20You%20learn%20all%20the%20secrets%20in%20this%20world%20-%20institutions%2C%20organisations%2C%20governments%20etc.%20have%20nothing%20to%20hide%20from%20you.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1879558215&gjid=1490930546&cid=220861106.1628511909&tid=UA-41783386-1&_gid=432683611.1628511912&_r=1&gtm=2ou840&z=1379743577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://willyoupressthebutton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-27972752.js Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/ 807 B
634 B 18ms
18ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-27972752.js

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d3af5437719d1184f672cae7c042ef5d9206a4213fe5de7dddbb8e9a3f42b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://willyoupressthebutton.com
Referer: https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12017039
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"327-iDnGRj+fHRf0JjqFvGGPeB+3JIg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 4677374a9d9398b31e7ff9b112b285fe
cache-control: public, max-age=31536000
cf-ray: 67c0f737b8d04a68-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
667 B 202ms
74ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=willyoupressthebutton.com&callback=_gfp_s_&client=ca-pub-1062562322853475

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1062562322853475&plah=willyoupressthebutton.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

11ae1e0fe59d696bfcd21001b17c913c444e57aa51dd7eac3b20762faea110e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 61ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=willyoupressthebutton.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 62ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=willyoupressthebutton.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD70 57 KB
22 KB 439ms
431ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c0655d336a187353b1f53ab94b264887689d3506aed8ea4cf937f0e20939b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 12:25:12 GMT
server: cafe
content-length: 22558
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 12:40:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:25:12 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 119ms
75ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249289658065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28112
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:11 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
95 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-41783386-1&cid=220861106.1628511909&jid=1879558215&gjid=1490930546&_gid=432683611.1628511912&_u=YADAAUAAAAAAAC~&z=1161638875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 Aug 2021 12:25:11 GMT
content-type: text/plain
access-control-allow-origin: https://willyoupressthebutton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 987E 61 KB
22 KB 524ms
519ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=5251223890&adk=3030527107&adf=3492069439&pi=t.ma~as.5251223890&w=800&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908983&bpp=2&bdt=5018&idt=2912&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=400&ady=802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IXUmk0KIVn&p=https%3A//willyoupressthebutton.com&dtd=2956

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f860bf6493966347089c83e3c65e7e83d5dd074062453bc99f7c14fbf7b8627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=5251223890&adk=3030527107&adf=3492069439&pi=t.ma~as.5251223890&w=800&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908983&bpp=2&bdt=5018&idt=2912&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=400&ady=802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IXUmk0KIVn&p=https%3A//willyoupressthebutton.com&dtd=2956
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 12:25:12 GMT
server: cafe
content-length: 22923
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 12:40:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:25:12 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-41783386-1&cid=220861106.1628511909&jid=1879558215&_u=YADAAUAAAAAAAC~&z=1484618635

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-41783386-1&cid=220861106.1628511909&jid=1879558215&_u=YADAAUAAAAAAAC~&z=1484618635

Requested by

Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B507 62 KB
23 KB 342ms
341ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=2297757494&adk=1083418518&adf=4096012358&pi=t.ma~as.2297757494&w=368&fwrn=4&fwrnh=100&lmt=1628511912&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908985&bpp=2&bdt=5020&idt=3064&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1232&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DfnDuQVkh5&p=https%3A//willyoupressthebutton.com&dtd=3074

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93839ec44b9a843b61b077c2aa38c1d98ed56aba0b901ebf45b6f100248ae3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=2297757494&adk=1083418518&adf=4096012358&pi=t.ma~as.2297757494&w=368&fwrn=4&fwrnh=100&lmt=1628511912&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908985&bpp=2&bdt=5020&idt=3064&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1232&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DfnDuQVkh5&p=https%3A//willyoupressthebutton.com&dtd=3074
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 12:25:12 GMT
server: cafe
content-length: 23200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 12:40:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:25:12 GMT
cache-control: private

GET
H2 200 123965.jpg
fobreg.justey.com/avatars/ 5 KB
5 KB 479ms
135ms Image
image/jpeg 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fobreg.justey.com/avatars/123965.jpg
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6844d30dfe5c754805dec6124965a17122927d5125800692b4227e007415c74b

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
last-modified: Mon, 02 May 2016 15:34:48 GMT
server: nginx/1.20.1
etag: "57277398-1233"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4659

GET
H2 200 flag.png
api4.fobreg.com/icons/ 195 B
372 B 400ms
132ms Image
image/png 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api4.fobreg.com/icons/flag.png
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 54c4b840e51b29c36b128e484045d766799e6d644b7211873f95199e421959fb

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
last-modified: Sat, 12 Nov 2016 13:50:04 GMT
server: nginx/1.20.1
etag: "58271e0c-c3"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 195
expires: Mon, 16 Aug 2021 12:25:12 GMT

GET
H2 200 like.png
api4.fobreg.com/icons/ 257 B
434 B 400ms
133ms Image
image/png 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api4.fobreg.com/icons/like.png
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 71e5f922f731f4d8c22e808c3136f2e3a214f3c5fc90654c6eccc06ce1453868

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
last-modified: Sat, 12 Nov 2016 13:49:48 GMT
server: nginx/1.20.1
etag: "58271dfc-101"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 257
expires: Mon, 16 Aug 2021 12:25:12 GMT

GET
H2 200 dislike.png
api4.fobreg.com/icons/ 340 B
518 B 399ms
133ms Image
image/png 158.69.124.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api4.fobreg.com/icons/dislike.png
Requested by: Host: willyoupressthebutton.com
URL: https://willyoupressthebutton.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.124.117 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: eff1b8e2725a1a1601c9f5e56ffb81fe41b2187afb7d5635181c60701ff14a6d

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
last-modified: Mon, 24 Jul 2017 17:18:46 GMT
server: nginx/1.20.1
etag: "59762bf6-154"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 340
expires: Mon, 16 Aug 2021 12:25:12 GMT

GET
H2 200 list.svg Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/svg/ 623 B
365 B 24ms
24ms Fetch
image/svg+xml 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/svg/list.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0b79e5c3341674253f96b329c5e6c59471c2bc894130f32581333e60c680d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9652792
fly-request-id: 01F3NRBHHZ74CKX3Q3TQXB2N7Z
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"26f-5x36Pc9CT+mWZoEN8VLzxZD/xEo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f73ac82b4a68-FRA

GET
H2 200 log-in.svg Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/svg/ 377 B
347 B 24ms
23ms Fetch
image/svg+xml 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/svg/log-in.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b4b6f6bc5642b59f59f00a3ea19d6f85d6c7b72e9402f761c321d65f18f8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9652792
fly-request-id: 01F3NRBJQ8XHTQ64XN0ZZANBYT
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"179-lTZMnCF+sqWPovGCZQ1zY1MBvU8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f73ad83c4a68-FRA

GET
H2 200 home.svg Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/svg/ 631 B
474 B 23ms
22ms Fetch
image/svg+xml 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/svg/home.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffd04f91beee43786c800f444660b661c9b587fbac59b462edca26bc03a6b0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9652792
fly-request-id: 01F3NRBHJC7N738W41WNT4A9HM
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"277-40Q1Zl1JvN/QS2kUXiju/zGnquk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f73ad83d4a68-FRA

GET
H2 200 stats-chart.svg Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/svg/ 480 B
304 B 22ms
20ms Fetch
image/svg+xml 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/svg/stats-chart.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092384b9306eefab1c66180102acaf835fcfc4af16d4700844defa0e9d611819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9652792
fly-request-id: 01F3NRBHHH2D1P2GTCYJRPNW71
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1e0-ypaZw4QgpKh6aOdqSIA3XgX+Wr0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f73ad8404a68-FRA

GET
H2 200 star.svg Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/svg/ 336 B
335 B 27ms
17ms Fetch
image/svg+xml 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/svg/star.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

146bcf70d84252f1ffde4864da35cf10a0abacb999a8d234ea8616d2cf4cd2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9652792
fly-request-id: 01F3NRBHJCH7JNJFWAJ7A64CE7
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"150-72tFSMuQUUVNoWVHpJKnqGxk9I0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f73ae8604a68-FRA

GET
H2 200 person-add.svg Show response
unpkg.com/ionicons@5.2.3/dist/ionicons/svg/ 670 B
515 B 40ms
31ms Fetch
image/svg+xml 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.2.3/dist/ionicons/svg/person-add.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons/p-206e6cb0.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

329c2f16d7a0c55aac548cccea6d9e50225f9ec29e1072df93eb4e8bac4ee970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9356074
fly-request-id: 01F3YKANG3RJBWJY56F926JHFN
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"29e-mkclkKuqC2GXN5r2UFTOf3QxAYw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 67c0f73ae8624a68-FRA

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 38ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=willyoupressthebutton.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
20ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=willyoupressthebutton.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C481 11 KB
4 KB 167ms
165ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&adk=1812271804&adf=3025194257&lmt=1628511912&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511909007&bpp=2&bdt=5042&idt=3165&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280%2C368x280&nras=1&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=3217

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52cabbca628b4dc6a1fd34eb1e55f447cbe5359f76fe65d883187f47f9574ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1062562322853475&output=html&adk=1812271804&adf=3025194257&lmt=1628511912&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511909007&bpp=2&bdt=5042&idt=3165&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280%2C368x280&nras=1&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=3217
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 12:25:12 GMT
server: cafe
content-length: 4556
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 12:40:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:25:12 GMT
cache-control: private

GET
H2 200 16333276828750381711
tpc.googlesyndication.com/simgad/ Frame DD70 109 KB
110 KB 53ms
14ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16333276828750381711?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmASS64qjoru4s-Nkw2pzNi1yaDWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04867538e42499112de206a98cbcafdf576b026db477163ec61de254356cf2bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 22:05:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 12:31:07 GMT
server: sffe
age: 569974
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111951
x-xss-protection: 0
expires: Tue, 02 Aug 2022 22:05:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame DD70 18 KB
8 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:23:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame DD70 2 KB
1 KB 50ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:24:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD70 125 KB
37 KB 145ms
118ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame DD70 14 KB
6 KB 47ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:23:00 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame DD70 26 KB
11 KB 51ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 10:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 10:16:58 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DD70 0
0 53ms
38ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C58wDpx4RYdqBNaOCx_AP6oGS4AeJr7T4Y7nLoeX7Defaz-mkIxABIIzI4A5glQKgAeTdgf8CyAECqQICwJGh7rmzPqgDAcgDyQSqBMwBT9AZfutN5hNNdj1solCiKLTiRtV6Oxn-XP7crgvQ2nfT8Od-_jojxAZi1iER1vbtOw6QWuYSmgOr8Ir1DV8cgZfUQAWYHE0sJx88X0eRnBeMQmPMkFotTlYiqPczyJnUI1IcLDAJVuP6r3SV_bG7kj_sLGtfril5TBFjz6YvjoLipIod-rz-GkWIJvx-8piCM4KNrC3of7fncfaGSDrl5UfWH9L86IYtWk9M4vBWmOAxV09wc_oFerQS4pTzHvRjOtaPgTYk3hb8Y8T4wASQk6jpwAOgBgKAB4Si_oABqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEL-bE9IICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi0xMDYyNTYyMzIyODUzNDc1&sigh=GI_bMgut-js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 12:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:12 GMT

GET
H3-29 200 5029147372741561989
tpc.googlesyndication.com/simgad/ Frame B507 126 KB
126 KB 32ms
14ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5029147372741561989?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkqnbN0bXgfP7npmYcusGtpcidzCw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=2297757494&adk=1083418518&adf=4096012358&pi=t.ma~as.2297757494&w=368&fwrn=4&fwrnh=100&lmt=1628511912&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908985&bpp=2&bdt=5020&idt=3064&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1232&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DfnDuQVkh5&p=https%3A//willyoupressthebutton.com&dtd=3074

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbf55de2ed9c6e6a41b99e5541e00d0627dbd8149e46e28a63b6e67b3a978b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:41:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 23:00:32 GMT
server: sffe
age: 571412
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129347
x-xss-protection: 0
expires: Tue, 02 Aug 2022 21:41:40 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame B507 18 KB
7 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:23:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame B507 2 KB
1 KB 49ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:24:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B507 125 KB
37 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:12 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame B507 14 KB
6 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:23:00 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame B507 26 KB
11 KB 66ms
61ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 10:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 10:16:58 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B507 0
0 50ms
47ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtJDYqB4RYfqsBdqK7gP7iJygCNCVpqdk4vuywcEOhIjezdQoEAEgjMjgDmCVAqABofzU2gPIAQKoAwHIA8kEqgTGAU_QW_fxIIzoc-ekcGVpuoo4QhTaSnF4R-r1HmtS8c-D-TN_Kw_m02nt9mAf9qC5qsZLsUK3HhfH44slwDr7SZnNuBN25clkeDOpBI1-uWukF_kU2XwUFAm9mQ8mhmOSSbpSEcjJQYLKRErJA-8jWGPKJ2D-sMVCJ_7kjCZlIchPVZXdFyU1lqTlzk7cYf9XC5ldHiJyShrH8qzWPzqmUNZYJDa75lPz9zlwyan6blzFICT6WjY2BLz4F-IlyqcHKq1woMyTC8AE9ebCxdMDkgUECAQYAZIFBAgFGASgBgKAB8eDqyWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQs5oY0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTEwNjI1NjIzMjI4NTM0NzU&sigh=eCNUiXL9VNw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=2297757494&adk=1083418518&adf=4096012358&pi=t.ma~as.2297757494&w=368&fwrn=4&fwrnh=100&lmt=1628511912&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908985&bpp=2&bdt=5020&idt=3064&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1232&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DfnDuQVkh5&p=https%3A//willyoupressthebutton.com&dtd=3074
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 12:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 13153308041597284616
tpc.googlesyndication.com/daca_images/simgad/ Frame 987E 57 KB
57 KB 75ms
54ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13153308041597284616

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=5251223890&adk=3030527107&adf=3492069439&pi=t.ma~as.5251223890&w=800&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908983&bpp=2&bdt=5018&idt=2912&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=400&ady=802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IXUmk0KIVn&p=https%3A//willyoupressthebutton.com&dtd=2956

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7503413db338d8b211a316d17e2a68f34366a98965e169d0af152e49fbda1fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 16:39:19 GMT
x-content-type-options: nosniff
age: 157553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58561
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 15:15:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 16:39:19 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 987E 18 KB
7 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:23:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 987E 2 KB
1 KB 68ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:24:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 987E 125 KB
38 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:12 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 987E 14 KB
6 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:23:00 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 987E 26 KB
11 KB 109ms
90ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 10:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10762
x-xss-protection: 0
server: cafe
etag: 3065724439939497134
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 10:16:58 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 987E 0
0 78ms
33ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtYIepx4RYZTXO9iBx_APxeSJyAWY9bDgY9y22O3yDb_hHhABIIzI4A5glQKgAZuI0Z8DyAECqQKnULDIJrizPqgDAcgDyQSqBMYBT9AGIoZVS0Itia2jvk-RAyI-HkDmtC5bRgKay6C3omMs6TeYGnOJD739fWwvKgQnjr-ovrCi-zm4ABqv5yLBSAZxDaFLbyJNNwTlWwjwKOwwPkTzEKN7-jN5ljsqgxDinjx4uKWBWphcWdAM-3x4Zj0bJITtTsjG8SfxcuqsgNcLdtWfDAzNMOwGim5GWRMUJRL0NiO20v9g8CwCMHAXOdf09EglSA58rWF9vf5VxsXIK-MJCMbo1u7y-2N_WTw3brcLDmsrwATfm8z_rQOSBQQIBBgBkgUECAUYBKAGAoAHzfeuYKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD-hwTSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItMTA2MjU2MjMyMjg1MzQ3NQ&sigh=AGtQI2hsK10

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=5251223890&adk=3030527107&adf=3492069439&pi=t.ma~as.5251223890&w=800&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908983&bpp=2&bdt=5018&idt=2912&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=400&ady=802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IXUmk0KIVn&p=https%3A//willyoupressthebutton.com&dtd=2956
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 12:25:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFB8 143 B
163 B 62ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQ2J4Mm9FQC18mbMvymDV6lr0xCqVHhb_5nW_A9_ZSMQL5T22kN6qSGoSsldk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 09 Aug 2021 11:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A170 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=2297757494&adk=1083418518&adf=4096012358&pi=t.ma~as.2297757494&w=368&fwrn=4&fwrnh=100&lmt=1628511912&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908985&bpp=2&bdt=5020&idt=3064&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1232&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DfnDuQVkh5&p=https%3A//willyoupressthebutton.com&dtd=3074
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQ2J4Mm9FQC18mbMvymDV6lr0xCqVHhb_5nW_A9_ZSMQL5T22kN6qSGoSsldk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=2297757494&adk=1083418518&adf=4096012358&pi=t.ma~as.2297757494&w=368&fwrn=4&fwrnh=100&lmt=1628511912&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908985&bpp=2&bdt=5020&idt=3064&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280%2C800x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1232&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DfnDuQVkh5&p=https%3A//willyoupressthebutton.com&dtd=3074

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 09 Aug 2021 11:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3D2 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=5251223890&adk=3030527107&adf=3492069439&pi=t.ma~as.5251223890&w=800&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908983&bpp=2&bdt=5018&idt=2912&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=400&ady=802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IXUmk0KIVn&p=https%3A//willyoupressthebutton.com&dtd=2956
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQ2J4Mm9FQC18mbMvymDV6lr0xCqVHhb_5nW_A9_ZSMQL5T22kN6qSGoSsldk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=5251223890&adk=3030527107&adf=3492069439&pi=t.ma~as.5251223890&w=800&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908983&bpp=2&bdt=5018&idt=2912&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=368x280&correlator=5304497177021&frm=20&pv=1&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=400&ady=802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IXUmk0KIVn&p=https%3A//willyoupressthebutton.com&dtd=2956

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 09 Aug 2021 11:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B507 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbda7f2a9916cc43fe2a9d0f8563ea687687b59b08e4c712db7e4573d2a6c442

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DD70 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1968435a97515079f13cb6edf758aa24b1026154777342c27f46d4abdd6da5c4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 987E 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daed8ad9afcdcff8ebc8620ae5b91110c32fdc418308120399a1be5cec73a284

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 39ms
24ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c794e9bc9bf79d6f271fe25ec323718f99b7d340333ec157830e1f183b58195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DFB8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
19ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQ2J4Mm9FQC18mbMvymDV6lr0xCqVHhb_5nW_A9_ZSMQL5T22kN6qSGoSsldk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 12:25:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 09-Aug-2021 13:25:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:25:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 12:25:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame A4BC 35 KB
13 KB 30ms
11ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 12:21:52 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A170
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

51ms
34ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQ2J4Mm9FQC18mbMvymDV6lr0xCqVHhb_5nW_A9_ZSMQL5T22kN6qSGoSsldk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 12:25:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 09-Aug-2021 13:25:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:25:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 12:25:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3D2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

67ms
50ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQ2J4Mm9FQC18mbMvymDV6lr0xCqVHhb_5nW_A9_ZSMQL5T22kN6qSGoSsldk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 12:25:13 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 09-Aug-2021 13:25:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:25:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 12:25:13 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B9B 35 KB
13 KB 59ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 12:21:52 GMT

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame DD83 35 KB
13 KB 70ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 12:21:52 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:25:13 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B507 42 B
64 B 30ms
29ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKTwSAJs9_ng75Gi0OmjqGwfQf1Xj3ixK2p1xoQidVlQPzKaorMmVPzlFz96HkCyYhGuQbslXovXrvALjvRE97DL0od9YW8do00YFwH0kg10JmPKHSu521B9KfHg&sai=AMfl-YQhyK2e0R-2W-UZHW2NpMrYFmzFJa1-68ZnoIm3cJnK5D33XMUeEUICIeASjQZMHnCBL0v-WMWLRml0&sig=Cg0ArKJSzKCGqwE9LnzNEAE&id=lidar2&mcvt=1195&p=76,1248,356,1584&mtos=1195,1195,1195,1195,1195&tos=1195,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1083418518&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628511912067&dlt=494&rpt=436&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DD70 0
0 34ms
29ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAkLepx4RYdqBNaOCx_AP6oGS4AeJr7T4Y7nLoeX7Defaz-mkIxABIIzI4A5glQKgAeTdgf8CyAECqQICwJGh7rmzPqgDAaoEzAFP0Bl-603mE012PWyiUKIotOJG1Xo7Gf5c_tyuC9Dad9Pw537-OiPEBmLWIRHW9u07DpBa5hKaA6vwivUNXxyBl9RABZgcTSwnHzxfR5GcF4xCY8yQWi1OViKo9zPImdQjUhwsMAlW4_qvdJX9sbuSP-wsa1-uKXlMEWPPpi-OguKkih36vP4aRYgm_H7ymIIzgo2sLeh_t-dx9oZIOuXlR9Yf0vzohi1aT0zi8FaY4DFXT3Bz-gV6tBLilPMe9GM61o-BNiTeFvxjxPjABJCTqOnAA6AGAoAHhKL-gAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQv5sT0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTEwNjI1NjIzMjI4NTM0NzU&sigh=vWreQp4Lf14&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1062562322853475&output=html&h=280&slotname=8344291091&adk=2346721274&adf=4083474988&pi=t.ma~as.8344291091&w=368&fwrn=4&fwrnh=100&lmt=1628511911&rafmt=1&psa=0&format=368x280&url=https%3A%2F%2Fwillyoupressthebutton.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628511908974&bpp=9&bdt=5009&idt=2705&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=5304497177021&frm=20&pv=2&ga_vid=220861106.1628511909&ga_sid=1628511912&ga_hid=60081892&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=76&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C20211866%2C31062064&oid=3&pvsid=2937637282783557&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=KncbaWBEqS&p=https%3A//willyoupressthebutton.com&dtd=2849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 12:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DD70 42 B
64 B 30ms
29ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunE66X30RqPGBnwofKxuctubmlntY3wcg5RPYEBHze08xPCmMKa0RPpVv0LihWT7buyPW_gzIP8qOlK6gXcY5Rwwhmc5kkhgc6gx4QgcIRxfMf-6AFdSOabSaazA&sai=AMfl-YQXrmKkKSW7hDfKH8UfZYj58kaOiYAoQvv-cZtlH9aQuIVkCdkzvafIKgnSi-vCG8ehSJWuxSLqXzQJ&sig=Cg0ArKJSzFP8zOsaRhLFEAE&id=lidar2&mcvt=1097&p=76,0,330,368&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2346721274&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628511911857&dlt=491&rpt=1611&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 08CD 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 12:21:52 GMT
expires: Tue, 09 Aug 2022 12:21:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 69A1 783 B
535 B 19ms
19ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ef7515ed1d462a3ffc7c0836cf37c4ac82a8c14b738209cdf9d618ac24e33e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1xCMUE7x9Hkn2N4zj1R6EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://willyoupressthebutton.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://willyoupressthebutton.com/

Response headers

expires: Mon, 09 Aug 2021 12:25:15 GMT
date: Mon, 09 Aug 2021 12:25:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1xCMUE7x9Hkn2N4zj1R6EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 516
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 987E 42 B
64 B 44ms
39ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzA0j5fIyZUPXDScgHsfPuJB4DH6iIQiHg-M-hRud4WI7fymfb21fSpiOS2ALtgPykHX7DRfMHA29JBDCRqpASfTyMznUYt9SuXuwzY9SOhNhJcZJWsKXLGUR8aQ&sai=AMfl-YQnqrHverKiXItJ8Czi5l-WIIAeFWSgqQErOtr9rl5hDEhZ6qXySd1JakVV2i3x-JeTTXfXgMStDCmC&sig=Cg0ArKJSzBYnXbzqLRIVEAE&id=lidar2&mcvt=1572&p=802,400,1008,1200&mtos=1572,1572,1572,1572,1572&tos=1572,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3030527107&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628511911946&dlt=641&rpt=1404&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 08CD 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 12:21:52 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=2937637282783557&bg=!b2ylbCjNAAals0SOpbM7ACkAdvg8WprXoeXBvr9bCxJSwTgbDTUVPx96newTtHtOxCqx7bBchuoAZAIAAAD1UgAAAAhoAQeZAoo2eQAABgFU4q6WWW00IVOwmIUSgejkhPm3Eup2GGy6UCdxu53jNzy6VvEo2FhpMebnmL7krDjgeOwt0hwpNl1UzKaimVciJAlrTZsqzz0zzjY18c8oGdSF7AGYmIvQ6myNTPasxBsn_suT2HdakT_3aqhDTvcMQiCPsIPQ86rnXmy4tzObeaabXD2jJWpk3H29efXo4AGp2cjD8LsOKtYN-_UBetl10upMxo7KZ0NM-CVfx1z6NES4KsuazFyAqsqDOWsDVftdVlJewm4NXrIdlQIq8Me7NoVxWf2dLQWkfnc4t5fLnwQYFZv03m944Ih8a-j8wAlSwHvyQD7jMc6h8LOReu6ks2DCc8vTHLoNc06F3cd_v9pTw8speKHSo4Y5QB9NRmpcSz7VLMprp0IevK4q_NPcFkiAw1sEzFENP0WomElFEeu1eEud4hc_NO8zBx6ATHzVhXImZudGWzwpxBq98WwjUfqKMACsLpSztdc5qbJn-_7jOMtRuxSC3a8a8T6R6EoVTQbnn08lnNL57GBdP2CgnuEd56ruz_ZnG8pdodO3nNJCQyrww-cpZcWHIY_BnhxMhahS22WhPjrD21zTTHGP4-fGyr4KWnIJ3zjA7visLtI7ikUvJxHtd4dn-yiuHD6vfWG-sjMNREdJM-XZT1xEWc-fE-uMzHDb4dP_36zmY6gFLrIbEd6kJvfE9Q9i0zUhiv6DL-dibHnYxW_8id47KQqO_vI_bhWM8fNEmIRqgH9eUWdhZvSTnpEYgCgCrwZnejuXFB-2KCSY7qmJlMoI2iSOiB7iz_2yb9ItV3Y6oGL5q3koMFQOQoxJbugbPkYxOTw7WZ3cCbPGu_OLkQhl_QPExg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://willyoupressthebutton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:43:27	Name: IDE Value: AHWqTUmQ2J4Mm9FQC18mbMvymDV6lr0xCqVHhb_5nW_A9_ZSMQL5T22kN6qSGoSsldk
.willyoupressthebutton.com/	1970-01-20 05:43:27	Name: __gads Value: ID=fcb9ff0e6d697427-2217f3c89ac900f1:T=1628511911:RT=1628511911:S=ALNI_MYUYzpy0-rgzpDqmfM2GinrtmDGAw
.willyoupressthebutton.com/	1970-01-19 20:21:51	Name: _gat_gtag_UA_41783386_1 Value: 1
.willyoupressthebutton.com/	1970-01-20 13:53:03	Name: _ga Value: GA1.2.220861106.1628511909
.willyoupressthebutton.com/	1970-01-19 20:23:18	Name: _gid Value: GA1.2.432683611.1628511912
.willyoupressthebutton.com/	1970-01-20 13:53:03	Name: _ga_M9D29HCVWJ Value: GS1.1.1628511908.1.0.1628511908.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://unpkg.com/ionicons@5.2.3/dist/ionicons.js(Line 28) Message: [ionicons] Deprecated script, please remove: <script src="https://unpkg.com/ionicons@5.2.3/dist/ionicons.js"></script> To improve performance it is recommended to set the differential scripts in the head as follows: <script type="module" src="https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js"></script> <script nomodule="" src="https://unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.js"></script>
console-api	log	URL: https://static.fobreg.com/latest/comments.js?v=1603397973(Line 13) Message: load comms: [object Object]
console-api	log	URL: https://static.fobreg.com/latest/comments.js?v=1603397973(Line 13) Message: REGISTERING SCROLL HANBDLER function(){arguments.length>0&&void 0!==arguments[0]&&arguments[0],arguments.length>1&&void 0!==arguments[1]&&arguments[1];if(this.loading)return!1;var t=this.vue.$children[0].getNoMoreComms();if(!t)return!1;var e=t.getBoundingClientRect(),n=e.top-150<(window.innerHeight\|\|document.documentElement.clientHeight);n&&this.loadMoreComments()}
console-api	log	URL: https://static.fobreg.com/latest/comments.js?v=1603397973(Line 13) Message: COMMENT LOAD response: [object Object]
console-api	log	URL: https://static.fobreg.com/latest/comments.js?v=1603397973(Line 13) Message: COMMENT LOAD opts: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api4.fobreg.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
fobreg.justey.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
static.fobreg.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
willyoupressthebutton.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
158.69.124.117
216.58.212.162
2600:9000:2057:2800:c:a9b7:ddc0:93a1
2600:9000:2190:e600:1c:8a07:5e80:93a1
2600:9000:2190:f400:c:abe:f440:93a1
2600:9000:21a1:b000:1d:85c3:6640:93a1
2606:4700::6810:7aaf
2606:4700::6810:7baf
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c09::9b
52.29.0.64
01ef7515ed1d462a3ffc7c0836cf37c4ac82a8c14b738209cdf9d618ac24e33e
04867538e42499112de206a98cbcafdf576b026db477163ec61de254356cf2bb
092384b9306eefab1c66180102acaf835fcfc4af16d4700844defa0e9d611819
0a5c038eacffbe09d559984b66686533013461e4f967205cbe0c5728579e9cc4
111d5349381a9e8f6e2fb551a06de98feb7b7957ba1eff38443f9e696519683b
11ae1e0fe59d696bfcd21001b17c913c444e57aa51dd7eac3b20762faea110e9
146bcf70d84252f1ffde4864da35cf10a0abacb999a8d234ea8616d2cf4cd2b0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1968435a97515079f13cb6edf758aa24b1026154777342c27f46d4abdd6da5c4
1b68e053b0500ba6873ea2b4bfffca6789dc090cf7a82d5817aa211e7b682042
2b69c145ec5f533d842c8b9fec881aefef9446624ebcb3af4f658e44e34c0eba
2f860bf6493966347089c83e3c65e7e83d5dd074062453bc99f7c14fbf7b8627
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
329c2f16d7a0c55aac548cccea6d9e50225f9ec29e1072df93eb4e8bac4ee970
35b385cffe90e8688993031450a7cfdf91adb08f3c21103317b2bbdb3b6f41b6
35c0655d336a187353b1f53ab94b264887689d3506aed8ea4cf937f0e20939b5
38b4b6f6bc5642b59f59f00a3ea19d6f85d6c7b72e9402f761c321d65f18f8c9
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7
49622fbe7651570ea1139ebe39d7302b1b580486548464dbfbfe7e07a05b8a6e
4c794e9bc9bf79d6f271fe25ec323718f99b7d340333ec157830e1f183b58195
4e23a470c651d1238ecd27546b6e85cfe0f1fae64a694baf9bf4ef1c09d7082c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52cabbca628b4dc6a1fd34eb1e55f447cbe5359f76fe65d883187f47f9574ddf
54c4b840e51b29c36b128e484045d766799e6d644b7211873f95199e421959fb
55ea41e3a07a8c906d6de2fe91ecadc3e3c9f651b2058074d5f6fb6a70409ffa
572cc391194c430b6c2d54711336747c61c26caca871bfe881ddb153dcc8c8f7
682a17f0b5673976fc1af4c8c54b0941bb4b8f7c46745f56a33f8cc7ada4a2cc
6844d30dfe5c754805dec6124965a17122927d5125800692b4227e007415c74b
6c0b79e5c3341674253f96b329c5e6c59471c2bc894130f32581333e60c680d6
6d3b65668a48c9a2000b8643c2826450fce6dd9a2d452a23637542161dd3c69a
6df7c76383033d98f8787f082f4ae13fb0811a7fffab1bd8598ed017ac059805
71e5f922f731f4d8c22e808c3136f2e3a214f3c5fc90654c6eccc06ce1453868
7503413db338d8b211a316d17e2a68f34366a98965e169d0af152e49fbda1fa9
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
9164e9e61772747c5cb442694612e0059544001673b79fb88d326b6fc0c008ef
937e1da6a3f1f5f56d7c7f68d47217686d4d73881a6332607eb9769f9e50bc5e
93839ec44b9a843b61b077c2aa38c1d98ed56aba0b901ebf45b6f100248ae3a1
998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a4399d8f8b61e387f5d56bc09d72fb0e9d9305872c0cee23afdb6919c794e492
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ad22883d445c017dee3f2498a845024b394a276fc050bb07da89d2b17f5d5b76
b3e4f0a389483ebab929629e2e25a2acde6e2bc2410f6dd6b73b2a0c800006ae
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b90eb81e18717c45d76d5394e96f4fa468059a2f911a7e0061a3478fa9061499
bbda7f2a9916cc43fe2a9d0f8563ea687687b59b08e4c712db7e4573d2a6c442
c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4
cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2
d57670416d610c5a66113a336f00333d52cd1d528f6eddbefc855ace5ec89fe1
d5d3af5437719d1184f672cae7c042ef5d9206a4213fe5de7dddbb8e9a3f42b2
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
daed8ad9afcdcff8ebc8620ae5b91110c32fdc418308120399a1be5cec73a284
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1e638e79714506ef0563f9b2162a10fe0aeb18da857b12ac78b9a5b10b4c162
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
eff1b8e2725a1a1601c9f5e56ffb81fe41b2187afb7d5635181c60701ff14a6d
f71190efb3401bbbe347d7fbde655e7c4f40a43b52682f1fe816a5cfa836d3c3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcbf55de2ed9c6e6a41b99e5541e00d0627dbd8149e46e28a63b6e67b3a978b4
ff48fb30a239cee2de7188f745f73448a213a7bc19ac52937ee277b4fd5b8872
ffd04f91beee43786c800f444660b661c9b587fbac59b462edca26bc03a6b0d5

willyoupressthebutton.com Open in urlscan Pro 158.69.124.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

87 %IPv6

14 Domains

22 Subdomains

24 IPs

4 Countries

1250 kBTransfer

2931 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

willyoupressthebutton.com Open in urlscan Pro
158.69.124.117 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

87 %
IPv6

14
Domains

22
Subdomains

24
IPs

4
Countries

1250 kB
Transfer

2931 kB
Size

6
Cookies

101 HTTP transactions
3 data transactions