www.hogwartsishere.com Open in urlscan Pro
2600:3c03:1::68ed:94d1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hogwartsishere.com/1639971/
Submission: On August 27 via manual (August 27th 2024, 1:17:27 pm UTC) from IN — Scanned from CA

Summary HTTP 223 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 62 IPs in 4 countries across 54 domains to perform 223 HTTP transactions. The main IP is 2600:3c03:1::68ed:94d1, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.hogwartsishere.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 1st 2023. Valid for: a year.

This is the only time www.hogwartsishere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:3c03:1::... 2600:3c03:1::68ed:94d1	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
23	45.79.154.113 45.79.154.113	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
6	104.18.20.206 104.18.20.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
13	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
9	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21d... 2600:9000:21dd:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
15	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
9	142.250.65.238 142.250.65.238	15169 (GOOGLE) (GOOGLE)
2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.81.230 142.250.81.230	15169 (GOOGLE) (GOOGLE)
3	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.25.174.97 52.25.174.97	16509 (AMAZON-02) (AMAZON-02)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 5	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
2 4	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
4	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
5	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 13	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	34.107.165.188 34.107.165.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.193.40.21 34.193.40.21	14618 (AMAZON-AES) (AMAZON-AES)
1 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
2	35.89.160.156 35.89.160.156	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b150:c220:7fa2:182e:6e62	14618 (AMAZON-AES) (AMAZON-AES)
1	3.94.51.155 3.94.51.155	14618 (AMAZON-AES) (AMAZON-AES)
1	34.36.214.49 34.36.214.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.45.193.13 23.45.193.13	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.85.61.54 52.85.61.54	16509 (AMAZON-02) (AMAZON-02)
3	74.119.117.6 74.119.117.6	19750 (AS-CRITEO) (AS-CRITEO)
1	108.138.106.108 108.138.106.108	16509 (AMAZON-02) (AMAZON-02)
2	18.173.140.223 18.173.140.223	16509 (AMAZON-02) (AMAZON-02)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	207.65.37.179 207.65.37.179	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.206.47.50 34.206.47.50	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.203.179.38 23.203.179.38	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:296a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.44.201.209 23.44.201.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:100:a00b::4 2620:100:a00b::4	() ()
1 1	3.227.196.50 3.227.196.50	() ()
1 1	34.111.113.62 34.111.113.62	() ()
1 1	207.65.37.181 207.65.37.181	() ()
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:d	() ()
3 3	50.57.31.206 50.57.31.206	() ()
1 1	68.67.179.164 68.67.179.164	() ()
1 1	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
223	62

2 2600:3c03:1::68ed:94d1 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

www.hogwartsishere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 45.79.154.113 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1253-113.members.linode.com

burrow.hogwartsishere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.65.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4acf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4ad8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.25.174.97 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-174-97.us-west-2.compute.amazonaws.com

pb-rtd.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb-ing.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.193.51 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a00b::12 (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 162.19.138.83 (Frankfurt am Main, Germany) 8 redirects

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.165.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.165.107.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.40.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-40-21.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.89.160.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-89-160-156.us-west-2.compute.amazonaws.com

pb-ing.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:c220:7fa2:182e:6e62 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.51.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-51-155.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com

pa.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.193.13 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-193-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-54.ewr53.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.117.6 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-108.jfk50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.140.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-140-223.jfk52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.47.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-47-50.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.179.38 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-179-38.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:296a (United States)

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.201.209 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-209.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.196.50 (None, ) 1 redirects

ASN- ()

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.113.62 (None, ) 1 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.181 (None, ) 1 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:d (None, ) 1 redirects

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.57.31.206 (None, ) 3 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.164 (None, ) 1 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.66 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	hogwartsishere.com www.hogwartsishere.com burrow.hogwartsishere.com	2 MB
18	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 ad.doubleclick.net — Cisco Umbrella Rank: 210 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	266 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203 7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com	326 KB
15	pub.network a.pub.network — Cisco Umbrella Rank: 7353 d.pub.network — Cisco Umbrella Rank: 7910 c.pub.network — Cisco Umbrella Rank: 7429	346 KB
14	id5-sync.com 8 redirects id5-sync.com — Cisco Umbrella Rank: 645 cdn.id5-sync.com — Cisco Umbrella Rank: 1233	43 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 www.google.com — Cisco Umbrella Rank: 10	76 KB
10	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 553 mug.criteo.com — Cisco Umbrella Rank: 2813 bidder.criteo.com — Cisco Umbrella Rank: 944	3 KB
6	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2328 a.ad.gt — Cisco Umbrella Rank: 2521 p.ad.gt Failed ids.ad.gt Failed	60 KB
6	33across.com 2 redirects lexicon.33across.com — Cisco Umbrella Rank: 2352 cdn-ima.33across.com — Cisco Umbrella Rank: 1594	7 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999 aax.amazon-adsystem.com — Cisco Umbrella Rank: 501 s.amazon-adsystem.com Failed	87 KB
6	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1573 api.btloader.com — Cisco Umbrella Rank: 1813	20 KB
5	ccgateway.net pb-rtd.ccgateway.net — Cisco Umbrella Rank: 12771 pb-ing.ccgateway.net — Cisco Umbrella Rank: 9011	1 KB
4	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	1 KB
4	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 2445 rp.liadm.com — Cisco Umbrella Rank: 1645 rp4.liadm.com — Cisco Umbrella Rank: 4911	2 KB
4	adtrafficquality.google ep1.adtrafficquality.google ep2.adtrafficquality.google	32 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
3	semasio.net 3 redirects uipglob.semasio.net	2 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187	880 B
3	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 855 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 744 image2.pubmatic.com Failed image6.pubmatic.com	460 B
2	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 8414 Failed
2	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 3211	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 612	257 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1603	1 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804	122 KB
2	optimise.net optimise.net — Cisco Umbrella Rank: 8494	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2337 pixel.quantserve.com — Cisco Umbrella Rank: 1616	10 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	70 KB
1	sonobi.com 1 redirects sync.go.sonobi.com	644 B
1	gumgum.com 1 redirects rtb.gumgum.com	273 B
1	tapad.com pixel.tapad.com Failed	27 B
1	adnxs.com secure.adnxs.com Failed ib.adnxs.com	1 KB
1	criteo.net static.criteo.net	31 KB
1	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3403	296 B
1	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net Failed	13 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1622	17 KB
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 952 Failed	230 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1534 Failed	828 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1853 Failed	270 B
1	openx.net pa.openx.net — Cisco Umbrella Rank: 5140 u.openx.net Failed
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1369	284 B
1	edkt.io cdn.edkt.io — Cisco Umbrella Rank: 9270	7 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2589	12 KB
1	videoplayerhub.com 1 redirects freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 11720	667 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2075	642 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	93 KB
0	ampproject.org Failed cdn.ampproject.org Failed
0	turn.com Failed d.turn.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	rubiconproject.com Failed token.rubiconproject.com Failed
0	3lift.com Failed tlx.3lift.com Failed
0	t13.io Failed s2s.t13.io Failed
223	54

	Domain	Requested by
23	burrow.hogwartsishere.com	www.hogwartsishere.com burrow.hogwartsishere.com
13	id5-sync.com	8 redirects a.pub.network cdn.id5-sync.com
13	pagead2.googlesyndication.com	www.hogwartsishere.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	securepubads.g.doubleclick.net	a.pub.network securepubads.g.doubleclick.net www.hogwartsishere.com pagead2.googlesyndication.com
8	c.pub.network	a.pub.network
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	a.pub.network	www.hogwartsishere.com a.pub.network
5	id.hadron.ad.gt	a.pub.network cdn.hadronid.net
5	lexicon.33across.com	2 redirects cdn-ima.33across.com
4	pb-ing.ccgateway.net	a.pub.network
4	match.adsrvr.org	1 redirects a.pub.network
4	mug.criteo.com
4	gum.criteo.com	2 redirects
4	fonts.googleapis.com	www.hogwartsishere.com burrow.hogwartsishere.com securepubads.g.doubleclick.net
3	uipglob.semasio.net	3 redirects
3	lb.eu-1-id5-sync.com	a.pub.network cdn.id5-sync.com
3	api.btloader.com	freestar-io.videoplayerhub.com
3	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
3	tpc.googlesyndication.com	ep2.adtrafficquality.google www.hogwartsishere.com securepubads.g.doubleclick.net
3	btloader.com	1 redirects freestar-io.videoplayerhub.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	bidder.criteo.com	a.pub.network
2	ex.ingage.tech	a.pub.network
2	hb.yellowblue.io	a.pub.network
2	7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	idx.liadm.com	a.pub.network
2	ups.analytics.yahoo.com	a.pub.network
2	ad-delivery.net
2	www.google.com	ep2.adtrafficquality.google www.hogwartsishere.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com
2	cdn.confiant-integrations.net	a.pub.network cdn.confiant-integrations.net
2	ep1.adtrafficquality.google	pagead2.googlesyndication.com
2	optimise.net	a.pub.network
2	www.facebook.com	www.hogwartsishere.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.hogwartsishere.com connect.facebook.net
2	www.hogwartsishere.com	burrow.hogwartsishere.com
1	cm.g.doubleclick.net	1 redirects
1	ib.adnxs.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	rtb.gumgum.com	1 redirects
1	pixel.tapad.com
1	static.criteo.net	a.pub.network
1	qsearch-a.akamaihd.net
1	cdn.id5-sync.com	www.hogwartsishere.com
1	cdn-ima.33across.com	www.hogwartsishere.com
1	tags.crwdcntrl.net	www.hogwartsishere.com
1	secure.cdn.fastclick.net	www.hogwartsishere.com
1	a.ad.gt	cdn.hadronid.net
1	hbopenbid.pubmatic.com	a.pub.network
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	ads.yieldmo.com	a.pub.network
1	prebid.media.net	a.pub.network
1	grid.bidswitch.net	a.pub.network
1	ads.pubmatic.com	a.pub.network
1	pa.openx.net	a.pub.network
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	api.rlcdn.com	a.pub.network
1	cdn.edkt.io	a.pub.network
1	pb-rtd.ccgateway.net	a.pub.network
1	cdn.hadronid.net	a.pub.network
1	ad.doubleclick.net	www.hogwartsishere.com
1	freestar-io.videoplayerhub.com	1 redirects
1	pixel.quantserve.com	www.hogwartsishere.com
1	www.google-analytics.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.hogwartsishere.com
1	d.pub.network	www.hogwartsishere.com
1	www.googletagmanager.com	www.hogwartsishere.com
0	cdn.ampproject.org Failed	securepubads.g.doubleclick.net
0	bcp.crwdcntrl.net Failed	tags.crwdcntrl.net
0	d.turn.com Failed
0	u.openx.net Failed
0	ad.360yield.com Failed
0	token.rubiconproject.com Failed
0	image2.pubmatic.com Failed
0	secure.adnxs.com Failed
0	ids.ad.gt Failed
0	p.ad.gt Failed	a.ad.gt
0	s.amazon-adsystem.com Failed	c.amazon-adsystem.com
0	tlx.3lift.com Failed	a.pub.network
0	s2s.t13.io Failed	a.pub.network
223	85

This site contains links to these domains. Also see Links.

Domain
fynix.io
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
www.fb.com
www.twitter.com
ads.freestar.com

Subject Issuer	Validity	Valid
hogwartsishere.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-01` - `2024-10-20`	a year	crt.sh
burrow.hogwartsishere.com R11	`2024-08-11` - `2024-11-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
pub.network WE1	`2024-07-21` - `2024-10-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
d.pub.network WR3	`2024-07-17` - `2024-10-15`	3 months	crt.sh
quantserve.com R11	`2024-08-23` - `2024-11-21`	3 months	crt.sh
optimise.net WR3	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
adtrafficquality.google WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
confiant-integrations.net WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
btloader.com WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
ad-delivery.net WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
c.pub.network WR3	`2024-07-14` - `2024-10-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
hadronid.net WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
ccgateway.net E5	`2024-08-07` - `2024-11-05`	3 months	crt.sh
edkt.io WR3	`2024-08-03` - `2024-11-01`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
id.hadron.ad.gt WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.id5-sync.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2024-07-31` - `2025-08-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
api.btloader.com WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-26` - `2024-11-20`	3 months	crt.sh
pa.openx.net WR3	`2024-07-22` - `2024-10-20`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.eu-1-id5-sync.com R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2024-10-16`	3 months	crt.sh
prebid.media.net WR3	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.yieldmo.com Amazon RSA 2048 M03	`2024-07-15` - `2025-08-14`	a year	crt.sh
a.ad.gt WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
id5-sync.com WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2024-08-01` - `2025-08-11`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
lexicon.33across.com WR3	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.hogwartsishere.com/1639971/
Frame ID: 22FD5096119FE0984782C63C237C81A4
Requests: 172 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/zrt_lookup_fy2021.html
Frame ID: 4951DA5666CBB29CC13DB96DD92C6178
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2131671202406978&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1724764630&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C128x1080_r&format=0x0&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_7~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724764629713&bpp=20&bdt=3203&idt=1222&shv=r20240822&mjsv=m202408210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3930869338816&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95332924%2C95334830%2C95338228&oid=2&pvsid=3068643160611746&tmod=468884502&uas=0&nvt=1&fsapi=1&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1287
Frame ID: 5723CB0814615415ECAD10D67812E528
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/zrt_lookup_fy2021.html
Frame ID: E37844FBE608EB6C9287EC15D500D6C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/zrt_lookup_fy2021.html
Frame ID: 17551189932B5E4A0BB7262AF17CE9F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 945851D05A575013FD11E7B6D6ABC755
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1FE02375F3FCEE035E70907D3748C8F6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: F1EEA90CEEFD51340587697E09029253
Requests: 1 HTTP requests in this frame

Frame: https://7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9D90D9694DA6C68FDFB8756773F7CD49
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 76BCB2E7E407EFFDF568499612513A80
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: FC469D2C0EE56777428ABE6C2A5422DE
Requests: 1 HTTP requests in this frame

Frame: https://7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D31ED0C88AFA2622DEC02423316FBCA0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-MediaNet_ox-db5_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-nativo_gg_n-adMediaV1_n-Beeswax_smrt_n-inmobi_cnv_n-sharethrough_rbd_ppt_an-db5_n-Rise_3lift
Frame ID: B88CC34C6AE408FF3974F412F206AEE8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022406241625000/amp4ads-v0.mjs
Frame ID: 4DB17A4C9B5B6229AB295E4D58DE771A
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYjhQupHOogMctAaqGg2WFN4zkYTQkEFF2uEqr8pNhAc22A9HhVoidEvEircPWSTW71QBuCR3BCuj3_gIzDnSoihmWwGNZq2WJxEWrdxtIvJXzXQaNgVXApDN52Xv-d57xBOmYRc_xSXSpH6MO3YfqWCYy53gBHFziSL8p-O9b7mZXpVMBXnThtzcFLVlhFg7DUBN2Y0zvJCaOKGaOnaW95oX7AqHqNd7fbHNu6uF6I1O7Wnff9L6VJasnTNWPZQAnihbiulYuBggBZB9KZ0ZUSV2qRo-rgQFHIafE0aG9aBoBptCuH3c7SNBKkReujQrDaoA-6Kw0t-IG2axKSbmZ2dS1EnBY0z8qaDZMEuyzPmH2KtFoSHnnsphh4a1O5jltZIg_I6A42w&sai=AMfl-YRCcCnCUGVfkwJoE0vfd8droGu856rBvWTbycANlT7HHf7copcPREnSjOt1HmC5pk3B7FDxaPcI9Qyin_u8xkVfjcgfDx_9Zi_80J9aXP_2vLITFLSqvkvpSeI4hBU&sig=Cg0ArKJSzIYZXzd3qRmmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 290D97BAFEECE0A41F0ACD91AFEDC14D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2131671202406978&output=html&h=100&slotname=4019111808&adk=900731310&adf=735837974&pi=t.ma~as.4019111808&w=320&abgtt=1&lmt=1724764638&format=320x100&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724764638537&bpp=4&bdt=530&idt=127&shv=r20240822&mjsv=m202408210101&ptt=9&saldr=aa&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7&correlator=3930869338816&frm=23&ife=4&pv=1&nhd=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=621&ady=1100&biw=1600&bih=1200&isw=320&ish=100&ifk=2880384866&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95334829%2C95338227%2C21065724&oid=2&pvsid=1964767672560092&tmod=468884502&uas=0&nvt=1&fc=896&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.mxtryox0cp5j&fsb=1&dtd=254
Frame ID: 252AB9B99C88EC7410B9F208BB087471
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2131671202406978&output=html&adk=1812271804&adf=2751417939&abgtt=1&lmt=1724764638&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_18~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724764638537&bpp=6&bdt=531&idt=147&shv=r20240822&mjsv=m202408210101&ptt=9&saldr=aa&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7&prev_fmts=320x100&nras=1&correlator=3930869338816&frm=23&ife=4&pv=1&nhd=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=320&ish=100&ifk=2880384866&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95334829%2C95338227%2C21065724&oid=2&pvsid=1964767672560092&tmod=468884502&uas=0&nvt=1&fsapi=1&fc=896&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.71v1z44u4g2x&fsb=1&dtd=260
Frame ID: 7DD4A726A94E064566DB479A17F54479
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7B61B0DDE761F27A60E1F54DE063482
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4072E0B1D9D0E98188B29CB48B9750E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fynix.io (Gryffindor) | Hogwarts is Here

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

223
Requests

78 %
HTTPS

34 %
IPv6

54
Domains

85
Subdomains

62
IPs

4
Countries

3740 kB
Transfer

7918 kB
Size

43
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://fynix.io/
Title: https://fynix.io/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fynixio/
Title: https://www.facebook.com/fynixio/

Search URL Search Domain Scan URL

URL: https://twitter.com/fynixio
Title: https://twitter.com/fynixio

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Fynixio
Title: https://www.youtube.com/@Fynixio

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fynixio
Title: https://www.linkedin.com/company/fynixio

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fynixio/
Title: https://www.instagram.com/fynixio/

Search URL Search Domain Scan URL

URL: http://www.fb.com/hogwartsisherefb

Search URL Search Domain Scan URL

URL: http://www.twitter.com/hogwartsishere

Search URL Search Domain Scan URL

URL: https://ads.freestar.com/?utm_campaign=branding&utm_medium=${product}&utm_source=${window.freestar.fsdata.domain}&utm_content=${this.placement.name}
Title: Freestar.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true HTTP 302
https://btloader.com/tag?v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&h=freestar-io&upapi=true

Request Chain 87

https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=zWs0ZJheqGyXlErzFmKhJiqNOarIJPrzjAZKx3Dh3%2F0%3D

Request Chain 89

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hogwartsishere.com%2F&domain=www.hogwartsishere.com&cw=1&lsw=1&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=yBzmqXxpRmtNQXU0Qjhia0VLYTMxUzdoRFhoK3Z6RmI2ZTBQeHVYNUJ1YnZLOThUSXRXWEx0dEFqdm9ObkYrOHhiSVBIZkVQU3E5ZC9CRTJyQ3Z4SzJrbE5vUEJCT0p4VmQ4Q2ZPYS9LVnM5SDlwa1hZOFphN1Q4VnhvTlpubXdJQjdBcWhoUnl1U1pXUE5DTFNqMVRoeEh1QTdESVBhRVh5OXBBMjhOZVFLanJMSDFBVEVhak40UDZPNkk0NHNrVUpHZkE3VlBURVNJbDU4MGZqTVk1Uk1JcVRsa0VmMlJ3dW82TldRWFNkZ051Yklvc1JlTzhDNGZXMU1FQ1FoRmkxNnFZb1pJSmpoWTYzMTQ5ZmdrZW5IbEtoZz09fA&cppv=2

Request Chain 95

https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=BbBYM9sxCX3%2BEgvgagCzDlHAPCAe0jVrcGXnBaxbtyA%3D

Request Chain 97

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hogwartsishere.com%2F&domain=www.hogwartsishere.com&cw=1&lsw=1&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=ynPQvnx4ZzJ3VjN5a0RTODBGWXhSTEViY2l2aFRXUkhSa2VRV2JhUkRSVmlsMndKMEMvUVd2K0NYK2Q1MGs1d05WQUd4cHU3dUZHbFM4bVlFQ2huK1hMOWFzY1h1MGEycFVFYVlNS0R5QzZZN2syazdUdGZxcVNleDBQS1k2RGZZdlNWOFRQU0NjOVhZZUVsc2RSY1licDF3RkRaYUdocXJRc1dIcnViWGpwOEpGQTk2VlR0d1FrdytVMnlrd3E0WnFvVERSQzJ4ZjlWWEl5ZEpUSnVNaFVYYmtZRnVPTEF5Yk8wbmZRVmsyYUJvS0o1UkF1SElEbGpWbnZ3dFZMUFllTXJKMkt2YTBlMmxLMlExTlBMNTZwSVNCUT09fA&cppv=2

Request Chain 113

https://rp.liadm.com/j?dtstmp=1724764634835&did=did-0047&se=e30&duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&tv=8.49.7&pu=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wpn=prebid&gdpr=0&cd=.hogwartsishere.com HTTP 302
https://rp4.liadm.com/j?dtstmp=1724764634835&did=did-0047&se=e30&duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&tv=8.49.7&pu=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wpn=prebid&gdpr=0&cd=.hogwartsishere.com&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjY%3D

Request Chain 164

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26adnxs_id%3D%24UID%26gdpr%3D0

Request Chain 165

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001724764636-7HM2ATSK-MZ6V&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=e59896bc-a246-4956-ab7f-a4b90073b588&id=AU1D-0100-001724764636-7HM2ATSK-MZ6V

Request Chain 166

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V

Request Chain 168

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26tapad_id%3D%24%7BTA_DEVICE_ID%7D

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001724764636-7HM2ATSK-MZ6V HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&google_gid=CAESEJBAJHUutmFkWykqQN_UcKY&google_cver=1&google_ula=450542624,0

Request Chain 200

https://id5-sync.com/i/882/8.gif?o=api&id5id=ID5*TS2hb9cM26KW0Cj0PwztNdfvGV1e5u0dFR9oUS9B_aC-2XGRBsmMOpeXiI7XcDEe&gdpr_consent=undefined&gdpr=false HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/882/441/7/2.gif?puid=u_67c1c9a1-3143-418e-a4ef-7ae19cb01af8&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/882/108/6/3.gif?puid=521143ca-3774-49ca-97a4-64f604d92cd4&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/882/429/5/4.gif?puid=D77D6F54-4834-4079-BA1E-F623A5C4ADF5&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=e59896bc-a246-4956-ab7f-a4b90073b588&ttl=%%TTL%% HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/882/434/3/6.gif?puid=672e2daf-4283-4f43-a1c6-302301c0427f&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/882/112/2/7.gif?puid=64A0BD1688144355&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/882/2/1/8.gif?puid=6321343210350193360&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NjRBMEJEMTY4ODE0NDM1NQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-4a65rkBM-O-cv65GQHpvrqOOByeqekdsU_8LVg1q-g HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPLaJsfhTitcGItUEPNPGyo&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-4a65rkBM-O-cv65GQHpvrqOOByeqekdsU_8LVg1q-g&google_cver=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8

223 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.hogwartsishere.com/1639971/ 25 KB
9 KB 1461ms
266ms Document
text/html 2600:3c03:1::68ed:94d1
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hogwartsishere.com/1639971/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:3c03:1::68ed:94d1 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ab9c50d4ff8c294038a3c1f32d2c1cbcc0eb1e6739b55a33cc5f0ae984b1e72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

connection: close
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 27 Aug 2024 13:17:06 GMT
referrer-policy: same-origin
server: nginx/1.18.0 (Ubuntu)
transfer-encoding: chunked
vary: Cookie
x-content-type-options: nosniff
x-frame-options: DENY

GET
H/1.1 200
OK bootstrap.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 185 KB
185 KB 820ms
82ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/bootstrap.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 76261f0cf1e114619e492dd9502126c189a3819bda96b6ab0956a61c61393a83

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 16 May 2021 21:15:10 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5e-2e3a4"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 189348

GET
H/1.1 200
OK app.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 125 KB
126 KB 820ms
83ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/app.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 067a944232e759ba3ecb8e24b439a85111909a3388151bf9bbc95cce4c85a970

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 16 May 2021 21:15:11 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5f-1f59e"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128414

GET
H/1.1 200
OK bootstrap-dark.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 185 KB
185 KB 819ms
83ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/bootstrap-dark.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: ea710d3643d7c8c5c4ca2a93079e33d0beae10cdf6671328f62959ccba6848e2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 16 May 2021 21:15:10 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5e-2e440"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 189504

GET
H/1.1 200
OK app-dark.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 125 KB
125 KB 818ms
82ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/app-dark.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 0ac41c47dbc6685c9e39788096a46fb155e0a0b63b56bfa6c07d05777144a8fe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 16 May 2021 21:15:09 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5d-1f3ce"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127950

GET
H/1.1 200
OK icons.min.css
burrow.hogwartsishere.com/static//ubold/css/ 389 KB
390 KB 819ms
83ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 4144e29632334fb2f188059c67c96f43d14796ffea4b844440d9954484afc24e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 16 May 2021 21:13:51 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0f-61519"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398617

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 764ms
57ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cormorant:wght@400;500;700&display=swap

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1292a80d9f49a6b8791039ac9dc5f770da7ae92ad22ad7b5f84da8961f4bf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Aug 2024 13:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 13:17:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Aug 2024 13:17:07 GMT

GET
H3 200 cls.css
a.pub.network/core/pubfig/ 2 KB
1 KB 399ms
81ms Stylesheet
text/css 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/pubfig/cls.css

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 2880
x-guploader-uploadid: AHxI1nNNwtMIaHyfrO5btYYHSvKgivWBpidAJD2LE_iJ8znIz_ieatecyyGHg-KxVTUZ7bgYOtE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
server: cloudflare
etag: W/"816783146b3907e634d0e822ca759864"
vary: Accept-Encoding
x-goog-generation: 1666967770269941
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 2096
cf-ray: 8b9c570a1d8e36a6-YYZ
expires: Tue, 27 Aug 2024 14:17:07 GMT

GET
H3 200 pubfig.min.js Show response
a.pub.network/hogwartsishere-com/ 38 KB
15 KB 115ms
87ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/hogwartsishere-com/pubfig.min.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962d34734a8ab2bdf7cebfc9720241b1d2b82e152a7310eac80fbc0c0c113807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 407600
x-guploader-uploadid: AHxI1nMtP2l4BIXbcGNJJG5Udcd4Ch6Rr-zx_nxNEtNGHjtA2eHR6wPv5SxpKF7ppsKnBHY_b7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 22 Aug 2024 20:01:55 GMT
server: cloudflare
etag: W/"eaa8420de36d7a26bedb9e4345534d45"
vary: Accept-Encoding
x-goog-generation: 1724356915229527
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=2XKSTA==, md5=6qhCDeNteia+255DRVNNRQ==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 38605
cf-ray: 8b9c57132d2c36a6-YYZ
link: <https://d.pub.network/v2/sites/hogwartsishere-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Tue, 27 Aug 2024 14:17:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
93 KB 485ms
84ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W8JV9KJ9MK

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e955ec19b5da9c456119c393e4cd8dd8314949c4fc95ac5dcc91117056087831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Aug 2024 13:17:09 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 322ms
58ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ffd3cc7cc4bb06f749c44c594efa0c881ca6513ee5317b111d7cc43bee7725e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52202
x-xss-protection: 0
server: cafe
etag: 9043140795810443319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 27 Aug 2024 13:17:09 GMT

GET
H/1.1 200
OK face.jpg
burrow.hogwartsishere.com/static//fawkes/ 14 KB
14 KB 229ms
92ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/face.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 20a1ec59026619d78da1d6ea821a8830e632fe0f1c5312c31692c725e127c635

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 30 May 2021 22:15:00 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b40e64-38a9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14505

GET
H/1.1 200
OK logo-sm.png
burrow.hogwartsishere.com/static//fawkes/ 51 KB
51 KB 46ms
41ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo-sm.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: e9a67c969c3bc952b413cb394d3f1bc233569aed96d8b71c5222e726de75fad7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 06 Jun 2021 20:46:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60bd3439-cb47"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52039

GET
H/1.1 200
OK logo_shadow.png
burrow.hogwartsishere.com/static//fawkes/ 68 KB
69 KB 90ms
65ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo_shadow.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 53b5689b00c27570b4124f51080a30cb74efc5a4b41986aed979e8ec015201bb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:08 GMT
Last-Modified: Mon, 31 May 2021 07:13:17 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b48c8d-111e4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70116

GET
H/1.1 200
OK us.png
burrow.hogwartsishere.com/storage/flags/ 564 B
843 B 65ms
37ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/storage/flags/us.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 661252a9d6ab335398c62468651164c288aab4d17fafa3f23f81beceb1df248b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:08 GMT
Last-Modified: Tue, 08 Nov 2016 05:07:02 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "58215d76-234"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 564

GET
H/1.1 200
OK vendor.min.js Show response
burrow.hogwartsishere.com/static//ubold/js/ 314 KB
314 KB 73ms
69ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/js/vendor.min.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 6a225a2413d51727a3b4535fc35f044137bebc005ec0cc8c66ee6a3ca7566f73

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:08 GMT
Last-Modified: Sun, 16 May 2021 21:13:44 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b08-4e7b4"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 321460

GET
H/1.1 200
OK app.min.js Show response
burrow.hogwartsishere.com/static//ubold/js/ 18 KB
19 KB 54ms
53ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/js/app.min.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 20075c2cfe67e6d4e34cd1e20f00f8baca61043cc703869fcd7b11dec45ba367

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:08 GMT
Last-Modified: Sun, 16 May 2021 21:13:43 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b07-4931"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18737

GET
H/1.1 200
OK potterify.js Show response
burrow.hogwartsishere.com/storage/js/ 1 KB
2 KB 69ms
27ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/storage/js/potterify.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: dc62adf4113da7057c2c9ae71d462ca022aa0a6136de6e286265989cd2fc3eea

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:08 GMT
Last-Modified: Thu, 20 Aug 2020 22:35:43 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "5f3efabf-5e0"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1504

GET
H/1.1 200
OK fawkes30.js Show response
burrow.hogwartsishere.com/storage/js/ 13 KB
13 KB 47ms
33ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/storage/js/fawkes30.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: bdebac216fe968e22edaead95a1004711d7c9fde77e93e81be2f53e9d62dd7ec

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:08 GMT
Last-Modified: Mon, 21 Jun 2021 04:10:01 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60d01119-33a6"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13222

GET
H2 200 css
fonts.googleapis.com/ 6 KB
723 B 76ms
50ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,600,700,900

Requested by

Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/app-dark.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8874b008340d07584e5725e6c0a47e9304a858fe776e3171e6b5d2235fb053e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Aug 2024 13:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 12:53:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Aug 2024 13:17:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
535 B 73ms
48ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Requested by

Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/app-dark.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdc4fbe3955fbda893be7db7ca633d8053aaf30a616e47677d9bcb07fcdd7ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Aug 2024 13:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 11:27:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Aug 2024 13:17:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
0 8ms
8ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Requested by

Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/bootstrap-dark.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdc4fbe3955fbda893be7db7ca633d8053aaf30a616e47677d9bcb07fcdd7ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 11:27:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Aug 2024 13:17:08 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 439ms
30ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Aug 2024 13:17:09 GMT
document-policy: force-load-at-top
x-fb-server-load: 62
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4482, tp=12, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: R/yq4Oy9iu+Co6Eu0mnVvKp0+MNEoh/RBJzq2T/5jKY9rtzRkvdmOP8FO80Ioaz40PTTnH/va5VsKWBusYTjXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK logo-sm.png
burrow.hogwartsishere.com/static//fawkes/ 51 KB
0 45ms
45ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo-sm.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: e9a67c969c3bc952b413cb394d3f1bc233569aed96d8b71c5222e726de75fad7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 06 Jun 2021 20:46:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60bd3439-cb47"
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 52039

GET
H/1.1 200
OK logo_shadow.png
burrow.hogwartsishere.com/static//fawkes/ 68 KB
0 45ms
45ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo_shadow.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 53b5689b00c27570b4124f51080a30cb74efc5a4b41986aed979e8ec015201bb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:08 GMT
Last-Modified: Mon, 31 May 2021 07:13:17 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b48c8d-111e4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 70116

GET
H/1.1 200
OK face.jpg
burrow.hogwartsishere.com/static//fawkes/ 14 KB
0 45ms
45ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/face.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 20a1ec59026619d78da1d6ea821a8830e632fe0f1c5312c31692c725e127c635

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:07 GMT
Last-Modified: Sun, 30 May 2021 22:15:00 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b40e64-38a9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 14505

GET
H/1.1 200
OK Fynix.io__Logo-03.jpg
burrow.hogwartsishere.com/media/profile_covers/ 31 KB
31 KB 71ms
34ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/profile_covers/Fynix.io__Logo-03.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 177623615e089c29b0ad1da2891a9779eeee979c9088099d6931f711b0d3915f

Request headers

Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:09 GMT
Last-Modified: Thu, 18 Jul 2024 09:08:40 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "6698db98-7b0e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31502

GET
H/1.1 200
OK Fynix.io_logo-02.jpg
burrow.hogwartsishere.com/media/profile_photos/ 8 KB
8 KB 71ms
35ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/profile_photos/Fynix.io_logo-02.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 0e4ae0d80466e87bb1e5a3bca337762efc36439867e465faa90fd1414f139bc8

Request headers

Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:09 GMT
Last-Modified: Thu, 18 Jul 2024 09:08:59 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "6698dbab-1f40"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8000

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 563ms
16ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hogwartsishere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 13:04:55 GMT
x-content-type-options: nosniff
age: 346334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 13:04:55 GMT

GET
H/1.1 200
OK feather.woff
burrow.hogwartsishere.com/static//ubold/fonts/ 29 KB
29 KB 197ms
109ms Font
application/font-woff 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/fonts/feather.woff?t=1525787366991
Requested by: Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: ef3c47cb702e040372a3a4bce66d5e0ecc46c56325ec40f8c00b91da0d1d3f46

Request headers

Referer: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Origin: https://www.hogwartsishere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:09 GMT
Last-Modified: Sun, 16 May 2021 21:13:47 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0b-733c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29500

GET
H/1.1 200
OK materialdesignicons-webfont.woff2
burrow.hogwartsishere.com/static//ubold/fonts/ 318 KB
318 KB 197ms
108ms Font
application/octet-stream 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/fonts/materialdesignicons-webfont.woff2?v=5.9.55
Requested by: Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490

Request headers

Referer: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Origin: https://www.hogwartsishere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:09 GMT
Last-Modified: Sun, 16 May 2021 21:13:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0d-4f67c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 325244

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 562ms
12ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hogwartsishere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 18:13:05 GMT
x-content-type-options: nosniff
age: 500644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Aug 2025 18:13:05 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
burrow.hogwartsishere.com/static//ubold/fonts/ 78 KB
78 KB 201ms
118ms Font
application/octet-stream 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/fonts/fa-solid-900.woff2
Requested by: Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Origin: https://www.hogwartsishere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:09 GMT
Last-Modified: Sun, 16 May 2021 21:13:47 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0b-13654"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79444

GET
H/1.1 200
OK themify.woff
burrow.hogwartsishere.com/static//ubold/fonts/ 55 KB
55 KB 200ms
117ms Font
application/font-woff 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/fonts/themify.woff?-fvbane
Requested by: Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Origin: https://www.hogwartsishere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:09 GMT
Last-Modified: Sun, 16 May 2021 21:13:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0d-db2c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56108

GET
H2 200 configs
d.pub.network/v2/sites/hogwartsishere-com/ 87 KB
8 KB 448ms
68ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/v2/sites/hogwartsishere-com/configs?env=PROD

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

9e24f6e8014daa54b549b9c74e07e41756024a68e30b53d56bca9e6d0ff3234a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://www.hogwartsishere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 447ms
34ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 03 Sep 2024 13:17:09 GMT

GET
H/1.1 200
OK / Show response
www.hogwartsishere.com/posts/do/ 13 B
571 B 284ms
161ms XHR
text/html 2600:3c03:1::68ed:94d1
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hogwartsishere.com/posts/do/?do=get_feed&where=profile&pk=1639971&last_pk=undefined

Requested by

Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/js/vendor.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:3c03:1::68ed:94d1 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7fb9b38af257aabf3474806fe6c9dcf539cf8e21bcc76edefde9703bfd86da90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://www.hogwartsishere.com/1639971/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx/1.18.0 (Ubuntu)
x-frame-options: DENY
vary: Cookie
content-type: text/html; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
connection: close
content-length: 13
expires: Tue, 27 Aug 2024 13:17:09 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/ 431 KB
144 KB 157ms
98ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e2aad5d8a1c7ceef0920e00ab0e7bd017eb47333a0912f71f76230e288ed6e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147374
x-xss-protection: 0
server: cafe
etag: 10557574620885522582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:17:09 GMT

GET
H3 200 908496515906955 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 235ms
231ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/908496515906955?v=2.9.165&r=stable&domain=www.hogwartsishere.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

6bac28b02e44610d09d2d99a6df4321c57367c4549b2343e447754a62979db91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Aug 2024 13:17:09 GMT
document-policy: force-load-at-top
x-fb-server-load: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=68, mss=1232, tbw=67058, tp=65, tpl=0, uplat=111, ullat=0
pragma: public
x-fb-debug: YE25bTFRIGCZ7tCzG379Ju9WuqM9M6Lb2pRKaagtVJf1tmGQJmdFAV5oeoNRg7+3P0FDXZjJ4DFVzkVjmLFgYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubfig.engine.js Show response
a.pub.network/hogwartsishere-com/ 405 KB
117 KB 72ms
66ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/hogwartsishere-com/pubfig.engine.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a35b31e062ef7b8d43a77265a7fa356eed0a3517fbef08d02e78c64cca416ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 407602
x-guploader-uploadid: AHxI1nOFGIhCyc7OGF6XX2uBfP9d9_sClt4JhXczT7ZFxFnXGAwmVpVqMtc553OXzlxIcbL8Sd4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 22 Aug 2024 20:01:55 GMT
server: cloudflare
etag: W/"97f75a5c290f7ea07604c79ce10da3ce"
vary: Accept-Encoding
x-goog-generation: 1724356915309220
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=SP7smw==, md5=l/daXCkPfqB2BMec4Q2jzg==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 415089
cf-ray: 8b9c571b8a9936a6-YYZ
expires: Tue, 27 Aug 2024 14:17:10 GMT

GET
H2 200 rules-p-8d90tFdtzPf6a.js Show response
rules.quantcount.com/ 160 B
642 B 533ms
13ms Script
application/javascript 2600:9000:21dd:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8d90tFdtzPf6a.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6edd8bca9c24a024e784d9868170abd8e13f73866848a9059f366afc2069dd70

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 12:23:04 GMT
via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 3260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:48:02 GMT
server: AmazonS3
etag: "4a2cfa18efd96f414af34b4d882a1d05"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: XwhRSGDp5b9v-wJ_vlg34aucosjW2OXbO4hckWJJozQhgkLnhOrzfg==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 501ms
36ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908496515906955&ev=PageView&dl=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&rl=&if=false&ts=1724764630671&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724764630667.942336187884339368&ler=empty&cdl=API_unavailable&it=1724764629839&coo=false&rqm=GET

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2828, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Aug 2024 13:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 571ms
117ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=908496515906955&ev=PageView&dl=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&rl=&if=false&ts=1724764630671&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724764630667.942336187884339368&ler=empty&cdl=API_unavailable&it=1724764629839&coo=false&rqm=FGET

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 27 Aug 2024 13:17:11 GMT
document-policy: force-load-at-top
x-fb-server-load: 47
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407807684613163698", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=17, mss=1297, tbw=3146, tp=-1, tpl=-1, uplat=87, ullat=0
pragma: no-cache
x-fb-debug: jidf68o8rUqEcS2CpdDaU3aYvydHb/ad1Ut5hws30y2BBeGPEuZl6tJXfmU7JuDiUALlw9XlEzFb/is/+PCBNA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407807684613163698"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 254ms
42ms Fetch
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W8JV9KJ9MK&gtm=45je48q0v9167133459za200&_p=1724764628937&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=238644461.1724764631&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1724764630&sct=1&seg=0&dl=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&dt=Fynix.io%20(Gryffindor)%20%7C%20Hogwarts%20is%20Here&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5909
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W8JV9KJ9MK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/ Frame 4951 0
0 163ms
37ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:10:31 GMT
etag: 5947459844715414650
expires: Tue, 10 Sep 2024 13:10:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 99ms
99ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar-custom%20m-announcement&ign=false&pw=1600&ph=1200&x=800&y=0

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5723 0
0 467ms
419ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2131671202406978&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1724764630&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C128x1080_r&format=0x0&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_7~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724764629713&bpp=20&bdt=3203&idt=1222&shv=r20240822&mjsv=m202408210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3930869338816&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95332924%2C95334830%2C95338228&oid=2&pvsid=3068643160611746&tmod=468884502&uas=0&nvt=1&fsapi=1&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1287

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:17:11 GMT
expires: Tue, 27 Aug 2024 13:17:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
optimise.net/ 5 KB
5 KB 1966ms
1942ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=hogwartsishere.com&t=desktop&c=CA&r=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

929b3bbb57957a6280a8ce8a7cb59e91dd78dc5616d9dc58101979e044217ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

date: Tue, 27 Aug 2024 13:17:11 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
fs-client-rtt: 21
fs-country: CA
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
access-control-expose-headers: fs-client-rtt,fs-country
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
expires: 0

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 220ms
55ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=hogwartsishere.com&t=desktop&c=CA&r=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.hogwartsishere.com
access-control-expose-headers: fs-client-rtt,fs-country
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 27 Aug 2024 13:17:11 GMT
expires: 0
fs-client-rtt: 16
fs-country: CA
pragma: no-cache
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 pixel;r=1068994279;rf=0;a=p-8d90tFdtzPf6a;url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-787801791-172...
pixel.quantserve.com/ 35 B
455 B 57ms
40ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1068994279;rf=0;a=p-8d90tFdtzPf6a;url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-787801791-1724764630597;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=hogwartsishere.com;dst=1;et=1724764631156;tzo=420;ogl=description.%3Cp%20dir%3D%22ltr%22%3E%3Cspan%20data-sheets-root%3D%221%22%20data-sheets-value%3D%22%7B%26quot%3B1%26quot%3B%3A2%252C%26quo%2Cimage.https%3A%2F%2Fburrow%252Ehogwartsishere%252Ecom%2Fmedia%2Fprofile_covers%2FFynix%252Eio__Logo-03%252Ejpg%2Ctitle.Fynix%252Eio%20(Gryffindor)%20%7C%20Hogwarts%20is%20Here;ses=558fde5c-1b6a-401b-9f63-73247683d5a4;mdl=

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:11 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/ 171 KB
58 KB 92ms
91ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

97cda5042ba40b661bfd3b129ea28d28ecc720b98ec6d7d8bbb56ead5b8d67a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58966
x-xss-protection: 0
server: cafe
etag: 4115758418250332796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:17:11 GMT

GET
H2 200 ca-pub-2131671202406978 Show response
fundingchoicesmessages.google.com/i/ 202 KB
67 KB 323ms
104ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2131671202406978?href=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c89ee10c8b756460f85ac2eaf0d3a7b7c6c9476b231d5b9b40474887390a2bc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FbIal6q6U0dk9Y-YMQn1pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FbIal6q6U0dk9Y-YMQn1pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh-P64u3b2AQmvN13jllJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDC0FLPwCS-wAAAGlQ-zQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVboWpL2GgNHSNiCI29UU8vbOheGtMi8AJiVmW5bkwVdT6Bpuggi2Ebsq89K4x8FlrLYGSx3X3hv3bs2VG_pBCzaA9XZal-uDvMZE2aH3qTG_jJByhGc3qR1Rooic9U5Yaw7SXt8Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
90ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVboWpL2GgNHSNiCI29UU8vbOheGtMi8AJiVmW5bkwVdT6Bpuggi2Ebsq89K4x8FlrLYGSx3X3hv3bs2VG_pBCzaA9XZal-uDvMZE2aH3qTG_jJByhGc3qR1Rooic9U5Yaw7SXt8Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NzY0NjMyLDEzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaG9nd2FydHNpc2hlcmUuY29tLzE2Mzk5NzEvIixudWxsLFtbOCwibkVmOE1ySThxeFEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.nEf8MrI8qxQ.es5.O/am=rGA/d=1/rs=AJlcJMxTQrgXGg_aot8evW1yAX3Z_mVnYw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cffe7a2d8b53c3fca79f0e88bb7ceecaa06c29a34b1e327f0ab13076b5615eff

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yvZpYX1x_jii99VyLEXXxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yvZpYX1x_jii99VyLEXXxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0pBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2B-P66S6zPgXjvx0usR4FYiJvjxuLt29gEDux4FKukkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBhaKlnYBJfYAAA0wVDhw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/ Frame E378 0
0 0ms
0ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:10:31 GMT
etag: 5947459844715414650
expires: Tue, 10 Sep 2024 13:10:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/ Frame 1755 0
0 0ms
0ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240822/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:10:31 GMT
etag: 5947459844715414650
expires: Tue, 10 Sep 2024 13:10:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxUCDRJWChXC0-z6odEdyaCYLBlaTF_uDOcfu9UnuNFpAeDbBp14LdqoETCfMOYaM210t5C_Gq1jydJMWNsRjFuixssh5xXazIP8c_kJYsVZSwVJ5VU2Wo6ZPLgMXqvbOosyitIZjQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 83ms
82ms Script
application/javascript 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUCDRJWChXC0-z6odEdyaCYLBlaTF_uDOcfu9UnuNFpAeDbBp14LdqoETCfMOYaM210t5C_Gq1jydJMWNsRjFuixssh5xXazIP8c_kJYsVZSwVJ5VU2Wo6ZPLgMXqvbOosyitIZjQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NzY0NjMyLDIzNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmhvZ3dhcnRzaXNoZXJlLmNvbS8xNjM5OTcxLyIsbnVsbCxbWzgsIm5FZjhNckk4cXhRIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

e4badd230e9359ba0b3ddae09141b189030f1832fa410e85f7948b7011aaead7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2oE8M35Y-8QQK96N1D5-Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-2oE8M35Y-8QQK96N1D5-Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIh-PG4u3b2AQ23DnSwqikkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBhaKlnYBJfYAAACv8-jA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 geo_banner.htm Show response
fundingchoicesmessages.google.com/f/AGSKWxXmUHbGhg2XLc2oS-B66SYnO4838PfRpW8Yyx14UFY8L26Tqp7vWD7fpmose5DUosqRRMJHjWqOsIPCwt1RIxaiNfKBSzrBdHAqXbY91fclLn5cTXhsypsy3_urWM49oo--HPdN9uJaQHl7fJecZgcEsUpxg... 54 B
109 B 64ms
61ms Script
application/javascript 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXmUHbGhg2XLc2oS-B66SYnO4838PfRpW8Yyx14UFY8L26Tqp7vWD7fpmose5DUosqRRMJHjWqOsIPCwt1RIxaiNfKBSzrBdHAqXbY91fclLn5cTXhsypsy3_urWM49oo--HPdN9uJaQHl7fJecZgcEsUpxgvl9mQL304qQgxV4s3aDVprjxcauONNa/_-img/ads/_125ad./ad_premium_/advert./geo_banner.htm?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.nEf8MrI8qxQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwiNORm21cHcsUw0ERxtgDNzwwHHw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

8d400c4079fd84391cada802a624841798e5999951555201e6540ee1d9d79a85

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wrW9COA9Alnnet7Uw-Domg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wrW9COA9Alnnet7Uw-Domg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYH4_rpLrM-BeO_HS6xHgViIm-Pm4u3b2AQ-zJ-jpKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRiYGFoqWdgEl9gAADMDj4S"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 30ms
29ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 12:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 12:29:29 GMT

POST
H3 204 AGSKWxWPpcCtvqUYBcxe-3hvfJS_Vid93m_FiYyS6XLV6T-G1JUj7K_nuPXrDeSb9E0HwvLcMp2BvgTO_OvAFlfv8uZ_f5XCsINISV5OVmfFfHuE-qEU_q57KBJ4swgxt9bxywElubxPVg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 116ms
55ms XHR
text/html 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPpcCtvqUYBcxe-3hvfJS_Vid93m_FiYyS6XLV6T-G1JUj7K_nuPXrDeSb9E0HwvLcMp2BvgTO_OvAFlfv8uZ_f5XCsINISV5OVmfFfHuE-qEU_q57KBJ4swgxt9bxywElubxPVg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nVb9mQfWqsSpkW_P2atuLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-nVb9mQfWqsSpkW_P2atuLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDluLt6-jU3gxNZTDkouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDCyFTPwDy-wAAANP4t5A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPpcCtvqUYBcxe-3hvfJS_Vid93m_FiYyS6XLV6T-G1JUj7K_nuPXrDeSb9E0HwvLcMp2BvgTO_OvAFlfv8uZ_f5XCsINISV5OVmfFfHuE-qEU_q57KBJ4swgxt9bxywElubxPVg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ExCSAbx1NwI3yQvwsa4d7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-ExCSAbx1NwI3yQvwsa4d7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDluLt6-jU1gxZvrDkouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDCyFTPwDy-wAAAPbAuBQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPpcCtvqUYBcxe-3hvfJS_Vid93m_FiYyS6XLV6T-G1JUj7K_nuPXrDeSb9E0HwvLcMp2BvgTO_OvAFlfv8uZ_f5XCsINISV5OVmfFfHuE-qEU_q57KBJ4swgxt9bxywElubxPVg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4xOL9k54uWxPdiM5qI3szA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-4xOL9k54uWxPdiM5qI3szA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDluLt6-jU3gwbvtvkouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDCyFTPwDy-wAAATbMuNg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPpcCtvqUYBcxe-3hvfJS_Vid93m_FiYyS6XLV6T-G1JUj7K_nuPXrDeSb9E0HwvLcMp2BvgTO_OvAFlfv8uZ_f5XCsINISV5OVmfFfHuE-qEU_q57KBJ4swgxt9bxywElubxPVg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qnB_UEy2-FXLtpNIXbKCvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qnB_UEy2-FXLtpNIXbKCvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFuDluLt6-jU1gw6NXvkouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDCyFTPwDy-wAAASdEuKw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW8zpAq-y9QElbwL1gB1wI3N_BUT4NGR51zU7-tp4LU3682B5on6JI5h2uCGf-WT2AdsdtRC0y0UfwbN0dzUGSmZYSLqoVhnBVQMleyvbc8TNs-q8U40EXEv7obo6FBkSpUUsHBiA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 100ms
100ms Script
application/javascript 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW8zpAq-y9QElbwL1gB1wI3N_BUT4NGR51zU7-tp4LU3682B5on6JI5h2uCGf-WT2AdsdtRC0y0UfwbN0dzUGSmZYSLqoVhnBVQMleyvbc8TNs-q8U40EXEv7obo6FBkSpUUsHBiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI0NzY0NjMzLDEzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaG9nd2FydHNpc2hlcmUuY29tLzE2Mzk5NzEvIixudWxsLFtbOCwibkVmOE1ySThxeFEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsInRydWUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

4db3733682f8c63995bfd604631637f47db12a951af35f27d09b6e998b5fed3e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3fSDTlY5U6IN93D6Cczv3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3fSDTlY5U6IN93D6Cczv3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2B-P66S6zPgXjvx0usR4FYiJvj5uLt29gEXjztSFLSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwtNQzMIkvMAAA0KpDgw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV4kDRokBPRe18vBvxi53BECV_HjVk2uo_3gHpfdCvLxlvfdKRnbK1x7MXqwJrpAh_Ca78phe5udCCoD6nCW-iwYnxBtF1ZJ6RrMnuHtfIn7ZasIs3pExLwdqJgEpQ3vpMBbESpGg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
46ms XHR
text/html 142.250.65.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4kDRokBPRe18vBvxi53BECV_HjVk2uo_3gHpfdCvLxlvfdKRnbK1x7MXqwJrpAh_Ca78phe5udCCoD6nCW-iwYnxBtF1ZJ6RrMnuHtfIn7ZasIs3pExLwdqJgEpQ3vpMBbESpGg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zvdfNqx8xHCR_mf7Effd3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-zvdfNqx8xHCR_mf7Effd3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15BicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDhuLt6-jU3gwYVPExiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGpnoF5fIEBAHz2LpU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPpcCtvqUYBcxe-3hvfJS_Vid93m_FiYyS6XLV6T-G1JUj7K_nuPXrDeSb9E0HwvLcMp2BvgTO_OvAFlfv8uZ_f5XCsINISV5OVmfFfHuE-qEU_q57KBJ4swgxt9bxywElubxPVg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VhiDXoi8pOBxkFkKMtr4oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VhiDXoi8pOBxkFkKMtr4oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoExO5aF1n9gXhJxEXWQ4kXWfd-vMR6FIiFeDhuLt6-jU3gxe-DkxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGpnoF5fIEBAHzrLpY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 16 KB
12 KB 297ms
86ms XHR
application/json 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20240822&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

fa968a29faa7506fb1163b783de123198f2ec7dda5fdd03c6ffa72d5264ccd8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12729
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 277ms
84ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

227a00cd3c655569b3bdfc16bcca45df7b2d48ed5415a4650bf914f51731a104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32078
x-xss-protection: 0
server: cafe
etag: 726 / 19962 / m202408220101 / config-hash: 11935129248913377979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:17:13 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 91 KB
21 KB 284ms
93ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.engine.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1de6c98ee09d160d70c85aadf45cc81ef78e624d75d76a67e74ecbdfada38e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 895KPR6AD9E1SQDY
age: 824
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 21078
x-amz-id-2: bTPgbGIsrl1OmbyZsjy//cCyYOkKEQ4zrBegmP0Fwlt74cT5nyl1nc10U2jEqeXLKDg9e+vWUEdM0rDXjkG9itXkLa7ASz2R
last-modified: Tue, 27 Aug 2024 12:41:51 GMT
server: cloudflare
etag: "bb0a02c46a863f0a681f765a4a4d82e4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 8b9c572f5ce036af-YYZ

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true
https://btloader.com/tag?v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&h=freestar-io&upapi=true

56 KB
19 KB

58ms
57ms

Script
application/javascript

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&h=freestar-io&upapi=true
Protocol: H2
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7de7dc4c3c2b1ab04807e40b340b9ead77c3b7c7f0c98d21247ef6020f33e3e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2024 12:47:56 GMT
server: cloudflare
age: 1704
etag: "6dc8328aead29177f2f124aa9499d0dd"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8b9c5730c96136c7-YYZ
content-length: 18842

Redirect headers

date: Tue, 27 Aug 2024 13:17:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://btloader.com/tag?v=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&h=freestar-io&upapi=true
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8b9c5730893f36c7-YYZ
content-length: 143
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 prebid-analytics-8.49.7.js Show response
a.pub.network/core/ 591 KB
197 KB 85ms
74ms Script
text/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/prebid-analytics-8.49.7.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b79f0f08eaf12ddf11c3a219c25a5d2fd3f56c283af66ec18be7edefce941e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 64217
x-guploader-uploadid: AHxI1nObPmD-d-1mp4Yv22NGj0IrSNfgvfmibsbn7eSMeB_X_pAUEcnwkKPYLp9JaFCEor65g4g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 08:22:00 GMT
server: cloudflare
etag: W/"e3503b86c4f75e1fad76fe3e6a6a25a3"
vary: Accept-Encoding
x-goog-hash: crc32c=+gvoBA==, md5=41A7hsT3Xh+tdv4+amolow==
x-goog-generation: 1723450920182356
access-control-allow-origin: *
content-type: text/javascript
cache-control: public, max-age=86400
x-goog-stored-content-length: 605548
access-control-expose-headers: *
cf-ray: 8b9c572eb83336a6-YYZ
expires: Wed, 28 Aug 2024 13:17:13 GMT

GET
H3 200 analytics.min.js Show response
a.pub.network/core/analytics/1.4.2/ 13 KB
6 KB 47ms
34ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/analytics/1.4.2/analytics.min.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 409821
x-guploader-uploadid: AHxI1nOyTWTDxulBsH5nPiqHV7yrvdN85K4uZd33mJa-CeHJPvpWvH1E9wAYN62nGa__X5Kgs04
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 May 2024 13:59:25 GMT
server: cloudflare
etag: W/"35dcda30703508261b9c4d8f98f94a6a"
vary: Accept-Encoding
x-goog-generation: 1716386365851052
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=vucjuw==, md5=NdzaMHA1CCYbnE2PmPlKag==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 13601
cf-ray: 8b9c572ec83536a6-YYZ
expires: Tue, 27 Aug 2024 14:17:13 GMT

GET
H/1.1 200
OK favicon.png
burrow.hogwartsishere.com/static//fawkes/ 54 KB
54 KB 61ms
59ms Other
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//fawkes/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 96bac415b834f5b07f8eb8abd4e82304ea9ec0e7eff99c9652c0a686760d3a1a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 27 Aug 2024 13:17:13 GMT
Last-Modified: Mon, 31 May 2021 06:43:30 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b48592-d736"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55094

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 17 KB
7 KB 155ms
75ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 13:17:13 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/ 478 KB
149 KB 28ms
27ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

406684c7ca1393eea9101b9ef119c78b0f7801c267abcb2921c03f132703168f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 439
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152291
x-xss-protection: 0
server: cafe
etag: 9741817496811777231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 27 Aug 2025 13:09:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 696 B
290 B 105ms
52ms XHR
application/json 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hogwartsishere.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

cebf34d48a579d36c1596c6d08e8c2b6a93ec80caee112a276f09f255cb09bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
expires: Tue, 27 Aug 2024 13:17:13 GMT

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202407090940/ 284 KB
101 KB 54ms
54ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RA0XGCNJ7H1V70PD
age: 4220279
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 103346
x-amz-id-2: R2MXS85vOK0COPVd6dgcyWsEtEVuHv/mslcjrD+If4HBhOmfzoNEuRpXq+n9OH46pIJkDrvb+HR5g4IPwwBFBw==
last-modified: Tue, 09 Jul 2024 14:20:21 GMT
server: cloudflare
etag: "76074361c87e7c8d3af88302818b71f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b9c5730adc936af-YYZ

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9458 0
0 67ms
31ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:15:20 GMT
expires: Wed, 27 Aug 2025 13:15:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 1FE0 0
0 199ms
49ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bDX7kjkkEL1a-TbNhxuzrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bDX7kjkkEL1a-TbNhxuzrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:17:14 GMT
expires: Tue, 27 Aug 2024 13:17:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 websiteconfig Show response
btloader.com/ 755 B
675 B 99ms
41ms Fetch
application/json 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=hogwartsishere.com
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9529c27c1c36bec31a2d33186f281ad4269ae7eab7fbdd6326fa880a252cb6cc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2024 13:09:35 GMT
server: cloudflare
age: 458
etag: "e603ea5e0de2f9f659c9cc3c03f87dca"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8b9c5731ecfa36fc-YYZ
content-length: 393

GET
H2 200 px.gif
ad-delivery.net/ 43 B
921 B 154ms
50ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98907
x-guploader-uploadid: ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BB2yL0Lxvl3jQmKuvaXAtLuAIdMdhmvNjLgg8pbw2UfJVdzWyeStsgw59%2FZwTucNKczL85Htc7ZrUbYE8p%2B77650%2FTHKRWKKhjVd%2BOhJd5yuqK%2Bepp8OHDoEMEJxpU9t8zztncC0AR4XlmG8ew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8b9c573228ebac81-YYZ
expires: Wed, 28 Aug 2024 13:17:13 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 127ms
32ms Image
image/x-icon 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 20:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Aug 2024 20:28:48 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 163ms
61ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.3674861165785992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98907
x-guploader-uploadid: ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdqrjX8c5CyHNqmZ6nG85YfO%2FayxKndOYXS8f%2BewHJ7%2BVWPD5b7ZAxeRKseBuLEo7g%2BwSlsEjc031PKhafn86vP3YZRwFlRTGC19Ry61WW7vOKfP0G2rFhPbbpMLIP5FwpvOfLe7%2Bvma28RHCA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8b9c573228e8ac81-YYZ
expires: Wed, 28 Aug 2024 13:17:13 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 116ms
82ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 176ms
78ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.hogwartsishere.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 27 Aug 2024 13:17:14 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 321 KB
79 KB 676ms
39ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0026687363fb80fc0b0e04738be2bbf161515460c7da36ecdaa8348c5de0d7f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:07:20 GMT
content-encoding: gzip
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront), 1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 19:39:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 595
x-amz-server-side-encryption: AES256
etag: W/"697d5d5cb9eee26a08aec8b885d0213b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: kZdH2kRgwl4Q1JX34BI4e8u7kE49hG-1a4MAYStnPY_lrrOKW59K4w==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 535ms
33ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by: Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNTEWM5RE8S976C
age: 78
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
cf-ray: 8b9c57369f08aaeb-YYZ
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
expires: Sun, 01 Sep 2024 13:17:14 GMT

GET
H2 200 4d97a662ad Show response
pb-rtd.ccgateway.net/v1.0/realtime/ 526 B
871 B 837ms
214ms Fetch
application/json 52.25.174.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-rtd.ccgateway.net/v1.0/realtime/4d97a662ad?profile_id=ade054e4-2707-4859-aea8-f8eab4804645&url=https%253A%252F%252Fwww.hogwartsishere.com%252F1639971%252F&context=true&audience=true&deal_ids=true&custom_taxonomy=true
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.25.174.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-174-97.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e06f491ebefad2bf9dbcedd402035e8d50dab4214cbd5940e79eaacd6e7b3aaf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
etag: "526-a0f72911"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: max-age=3600
access-control-allow-credentials: true
content-length: 526

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/PV483g/ 21 KB
7 KB 504ms
22ms Script
text/javascript 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/PV483g/edgekit.min.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 58d3f67382bb7a0c0625fd9d497e26f6dd96ca82d6b7430f591a723d35e5ed34

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 06:58:49 GMT
content-encoding: gzip
age: 22705
x-guploader-uploadid: AHxI1nNNBHTrEm1B-TUPQYEjJ6Iw1G3shT8RSZSf2n2nN6GPbsVqg5pS3puNqm4a-n9nDwH8DLaE85lEhw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6718
last-modified: Mon, 19 Aug 2024 08:47:36 GMT
server: UploadServer
etag: "c8a2cf20266d66949c8a47d1bfcc7358"
x-goog-generation: 1724057256788098
x-goog-hash: crc32c=jzQXDw==, md5=yKLPICZtZpScikfRv8xzWA==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6718
accept-ranges: bytes
expires: Wed, 28 Aug 2024 06:58:49 GMT

GET
H3

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=zWs0ZJheqGyXlErzFmKhJiqNOarIJPrzjAZKx3Dh3%2F0%3D

42 B
58 B

75ms
75ms

Fetch
application/json

35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=zWs0ZJheqGyXlErzFmKhJiqNOarIJPrzjAZKx3Dh3%2F0%3D
Protocol: H3
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 27 Aug 2024 13:17:14 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://www.hogwartsishere.com
location: https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=zWs0ZJheqGyXlErzFmKhJiqNOarIJPrzjAZKx3Dh3%2F0%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58657/ 2 B
218 B 579ms
39ms Fetch
application/json 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.hogwartsishere.com/1639971/&pixelId=58657

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.134
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.hogwartsishere.com
content-type: application/json
access-control-allow-credentials: true

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hogwartsishere.com%2F&domain=www.hogwartsishere.com&cw=1&lsw=1&gdpr=0
https://mug.criteo.com/sid?cpp=yBzmqXxpRmtNQXU0Qjhia0VLYTMxUzdoRFhoK3Z6RmI2ZTBQeHVYNUJ1YnZLOThUSXRXWEx0dEFqdm9ObkYrOHhiSVBIZkVQU3E5ZC9CRTJyQ3Z4SzJrbE5vUEJCT0p4VmQ4Q2ZPYS9LVnM5SDlwa1hZOFphN1Q4VnhvTl...

351 B
641 B

162ms
48ms

Fetch
application/json

74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yBzmqXxpRmtNQXU0Qjhia0VLYTMxUzdoRFhoK3Z6RmI2ZTBQeHVYNUJ1YnZLOThUSXRXWEx0dEFqdm9ObkYrOHhiSVBIZkVQU3E5ZC9CRTJyQ3Z4SzJrbE5vUEJCT0p4VmQ4Q2ZPYS9LVnM5SDlwa1hZOFphN1Q4VnhvTlpubXdJQjdBcWhoUnl1U1pXUE5DTFNqMVRoeEh1QTdESVBhRVh5OXBBMjhOZVFLanJMSDFBVEVhak40UDZPNkk0NHNrVUpHZkE3VlBURVNJbDU4MGZqTVk1Uk1JcVRsa0VmMlJ3dW82TldRWFNkZ051Yklvc1JlTzhDNGZXMU1FQ1FoRmkxNnFZb1pJSmpoWTYzMTQ5ZmdrZW5IbEtoZz09fA&cppv=2

Protocol

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b5c2cb4fea5671d6ba915c94390116b53009460f1c8ca9153d08c27a2bbcad62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 514947
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://www.hogwartsishere.com
location: https://mug.criteo.com/sid?cpp=yBzmqXxpRmtNQXU0Qjhia0VLYTMxUzdoRFhoK3Z6RmI2ZTBQeHVYNUJ1YnZLOThUSXRXWEx0dEFqdm9ObkYrOHhiSVBIZkVQU3E5ZC9CRTJyQ3Z4SzJrbE5vUEJCT0p4VmQ4Q2ZPYS9LVnM5SDlwa1hZOFphN1Q4VnhvTlpubXdJQjdBcWhoUnl1U1pXUE5DTFNqMVRoeEh1QTdESVBhRVh5OXBBMjhOZVFLanJMSDFBVEVhak40UDZPNkk0NHNrVUpHZkE3VlBURVNJbDU4MGZqTVk1Uk1JcVRsa0VmMlJ3dW82TldRWFNkZ051Yklvc1JlTzhDNGZXMU1FQ1FoRmkxNnFZb1pJSmpoWTYzMTQ5ZmdrZW5IbEtoZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 204692
content-length: 0
expires: 0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
320 B 580ms
43ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.hogwartsishere.com&gdpr=0
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
content-encoding: br
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b9c57377d9ca1ed-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
671 B 674ms
140ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
content-type: application/json;charset=UTF-8
date: Tue, 27 Aug 2024 13:17:13 GMT
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"

GET
H2 204 envelope Show response
api.rlcdn.com/api/identity/ 0
284 B 572ms
53ms Fetch 34.107.165.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.165.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 any Show response
idx.liadm.com/idex/did-0047/ 378 B
800 B 435ms
51ms Fetch
text/plain 34.193.40.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-0047/any?duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&gdpr=0&did=did-0047&cd=.hogwartsishere.com&pu=https%3A%2F%2Fwww.hogwartsishere.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.40.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-40-21.compute-1.amazonaws.com

Software

Resource Hash

9ecb5c473d8795f9abc0883eb9f46b67290a4347a797f3614ab3b76d75b31722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 12
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: d9140d9c2897c42d
content-length: 378
expires: Wed, 28 Aug 2024 13:17:14 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
570 B 537ms
39ms Fetch
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: d202b282d49b07554e55d27669d96c2118fe8e715da0d1df9656007d35ccb2c7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 26 Sep 2024 13:17:14 GMT

GET
H3

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=BbBYM9sxCX3%2BEgvgagCzDlHAPCAe0jVrcGXnBaxbtyA%3D

42 B
58 B

51ms
51ms

Fetch
application/json

35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=BbBYM9sxCX3%2BEgvgagCzDlHAPCAe0jVrcGXnBaxbtyA%3D
Protocol: H3
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 27 Aug 2024 13:17:14 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://www.hogwartsishere.com
location: https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.7&coppa=0&b=1&tp=BbBYM9sxCX3%2BEgvgagCzDlHAPCAe0jVrcGXnBaxbtyA%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58657/ 2 B
39 B 566ms
38ms Fetch
application/json 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.hogwartsishere.com/1639971/&pixelId=58657

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.134
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.hogwartsishere.com
content-type: application/json
access-control-allow-credentials: true

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hogwartsishere.com%2F&domain=www.hogwartsishere.com&cw=1&lsw=1&gdpr=0
https://mug.criteo.com/sid?cpp=ynPQvnx4ZzJ3VjN5a0RTODBGWXhSTEViY2l2aFRXUkhSa2VRV2JhUkRSVmlsMndKMEMvUVd2K0NYK2Q1MGs1d05WQUd4cHU3dUZHbFM4bVlFQ2huK1hMOWFzY1h1MGEycFVFYVlNS0R5QzZZN2syazdUdGZxcVNleDBQS1...

367 B
653 B

167ms
48ms

Fetch
application/json

74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ynPQvnx4ZzJ3VjN5a0RTODBGWXhSTEViY2l2aFRXUkhSa2VRV2JhUkRSVmlsMndKMEMvUVd2K0NYK2Q1MGs1d05WQUd4cHU3dUZHbFM4bVlFQ2huK1hMOWFzY1h1MGEycFVFYVlNS0R5QzZZN2syazdUdGZxcVNleDBQS1k2RGZZdlNWOFRQU0NjOVhZZUVsc2RSY1licDF3RkRaYUdocXJRc1dIcnViWGpwOEpGQTk2VlR0d1FrdytVMnlrd3E0WnFvVERSQzJ4ZjlWWEl5ZEpUSnVNaFVYYmtZRnVPTEF5Yk8wbmZRVmsyYUJvS0o1UkF1SElEbGpWbnZ3dFZMUFllTXJKMkt2YTBlMmxLMlExTlBMNTZwSVNCUT09fA&cppv=2

Protocol

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c335699f5e7eb981cdfaf5dfbcd4798970b1514ce23bc21ecb5674eb33f5366e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 441809
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://www.hogwartsishere.com
location: https://mug.criteo.com/sid?cpp=ynPQvnx4ZzJ3VjN5a0RTODBGWXhSTEViY2l2aFRXUkhSa2VRV2JhUkRSVmlsMndKMEMvUVd2K0NYK2Q1MGs1d05WQUd4cHU3dUZHbFM4bVlFQ2huK1hMOWFzY1h1MGEycFVFYVlNS0R5QzZZN2syazdUdGZxcVNleDBQS1k2RGZZdlNWOFRQU0NjOVhZZUVsc2RSY1licDF3RkRaYUdocXJRc1dIcnViWGpwOEpGQTk2VlR0d1FrdytVMnlrd3E0WnFvVERSQzJ4ZjlWWEl5ZEpUSnVNaFVYYmtZRnVPTEF5Yk8wbmZRVmsyYUJvS0o1UkF1SElEbGpWbnZ3dFZMUFllTXJKMkt2YTBlMmxLMlExTlBMNTZwSVNCUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 308678
content-length: 0
expires: 0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
178 B 567ms
45ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.hogwartsishere.com&gdpr=0
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
content-encoding: br
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b9c5737cdfea1ed-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
670 B 590ms
114ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
content-type: application/json;charset=UTF-8
date: Tue, 27 Aug 2024 13:17:14 GMT
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"

GET
H2 200 any Show response
idx.liadm.com/idex/did-0047/ 378 B
0 395ms
395ms Fetch
text/plain 34.193.40.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://idx.liadm.com/idex/did-0047/any?duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&gdpr=0&did=did-0047&cd=.hogwartsishere.com&pu=https%3A%2F%2Fwww.hogwartsishere.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.40.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-40-21.compute-1.amazonaws.com
Software: /
Resource Hash: 9ecb5c473d8795f9abc0883eb9f46b67290a4347a797f3614ab3b76d75b31722

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
vary: Origin
request-time: 12
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: d9140d9c2897c42d
content-length: 378
expires: Wed, 28 Aug 2024 13:17:14 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
0 499ms
499ms Fetch
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: d202b282d49b07554e55d27669d96c2118fe8e715da0d1df9656007d35ccb2c7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 26 Sep 2024 13:17:14 GMT

GET
H2 200 country Show response
api.btloader.com/ 37 B
153 B 561ms
56ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5714937848528896
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 573ms
36ms Preflight
application/json 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hogwartsishere.com%2F&domain=www.hogwartsishere.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 27 Aug 2024 13:17:14 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 174008
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 516ms
35ms Preflight
application/json 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hogwartsishere.com%2F&domain=www.hogwartsishere.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 27 Aug 2024 13:17:13 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 213742
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 page_load Show response
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ 59 B
225 B 140ms
97ms Fetch
application/json 52.25.174.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.25.174.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-174-97.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: dac50e63c8aebf8765beb0bd4f484315d9ddee97727dae5305a586679c70bced

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:15 GMT
access-control-allow-credentials: true
content-length: 59
vary: Origin
content-type: application/json; charset=utf-8

GET
H3 200 fslogo-green.svg
a.pub.network/core/imgs/ 1 KB
1 KB 37ms
36ms Image
image/svg+xml 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.pub.network/core/imgs/fslogo-green.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 2908
x-guploader-uploadid: AHxI1nNInk_2J3mTVxU-tyfOfX5zZ1NPfPL-j_L6QO92Jqxxj3pltm9PbnZWXOqQToAunLhNgCs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Sep 2020 17:04:37 GMT
server: cloudflare
etag: W/"326d6cbd977657e1205bd616d1f2faca"
vary: Accept-Encoding
x-goog-hash: crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation: 1599584677716817
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public, max-age=3600
x-goog-stored-content-length: 1193
access-control-expose-headers: *
cf-ray: 8b9c5736ad9936a6-YYZ
expires: Tue, 27 Aug 2024 14:17:14 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame F1EE 0
0 101ms
40ms Document
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29367
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 12:34:17 GMT
expires: Tue, 27 Aug 2024 13:24:17 GMT
last-modified: Mon, 26 Aug 2024 19:48:13 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 135 KB
51 KB 471ms
442ms Fetch
text/plain 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3068643160611746&correlator=39802118727262&eid=31085738%2C31086224&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fifs&gdpr=0&iu_parts=15184186%3A22523097934%2Chogwartsishere_google_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&abxe=1&dt=1724764634694&lmt=1724764634&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=11063&tan=8abc0fa5-ef75-4e2e-8c64-c1dcafb925c4&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJGNhZTZkMGQ1LWQxYjktNGY1My04ZjhkLTU0YTRhYmQ5NWM4NVgB&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724764626510&idt=7567&prev_scp=fs_ad_product%3DgoogleInterstitial&cust_params=fsitf%3DYNYYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D5a2b3e66-b9a9-4d28-b5cf-458567d9f94e%26fs_pageview_id%3D15679d5f2b776664e05b43e1744e4128%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D21%26fs_testgroup%3Doptimised&adks=3950332276&frm=20&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

af2b22277255937fec1e7ed958caf1dee5d0da6cdfa10c6fe5ef193c586fef09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52050
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9D90 0
0 535ms
52ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:17:15 GMT
expires: Tue, 27 Aug 2024 13:17:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/ 48 KB
15 KB 47ms
46ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

5941d7c156ed399bb653f3cd19270a648079e66e1c20698f9a6befd4df5d7087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 12:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15390
x-xss-protection: 0
server: cafe
etag: 4455265009197319818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 27 Aug 2025 12:58:03 GMT

OPTIONS
H2 204 page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame 0
0 817ms
197ms Preflight 35.89.160.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.89.160.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-89-160-156.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods: POST
access-control-allow-origin: https://www.hogwartsishere.com
access-control-max-age: 86400
date: Tue, 27 Aug 2024 13:17:15 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1724764634835&did=did-0047&se=e30&duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&tv=8.49.7&pu=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wpn=prebid&gdpr=0&cd=.ho...
https://rp4.liadm.com/j?dtstmp=1724764634835&did=did-0047&se=e30&duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&tv=8.49.7&pu=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wpn=prebid&gdpr=0&cd=.h...

13 B
348 B

376ms
50ms

Fetch
application/json

3.94.51.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1724764634835&did=did-0047&se=e30&duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&tv=8.49.7&pu=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wpn=prebid&gdpr=0&cd=.hogwartsishere.com&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjY%3D
Protocol: H2
Server: 3.94.51.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-51-155.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
x-pixel-event-id: 4f224b16-08ce-4653-b40f-44aeec04da9d
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?dtstmp=1724764634835&did=did-0047&se=e30&duid=bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51&tv=8.49.7&pu=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wpn=prebid&gdpr=0&cd=.hogwartsishere.com&i6=MjYwNzo1MzAwOjYwOjc4Njc6OjY%3D
access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:15 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 hadronid Show response
id.hadron.ad.gt/api/v1/ 54 KB
55 KB 148ms
52ms Script
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: Content-Type; text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
content-length: 55794
cf-ray: 8b9c57387a5ca1ea-YYZ

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 239ms
55ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=CnUGTSTwaa&w=4855136194134016&o=5714937848528896&cv=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&widget=false&checksum=5a6d40a6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&sid=pHfEXreg1&pm=true&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Aug 2024 13:17:15 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 128 B
300 B 80ms
56ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.hogwartsishere.com&url=https://www.hogwartsishere.com/1639971/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b01d588b30e5e48762be7b4d39725fe53f62fd34387c8dc4d20363caedc43fd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
cf-ray: 8b9c5738fee8a1ed-YYZ

GET
H2 200 topics_frame.html
pa.openx.net/ Frame 76BC 0
0 444ms
28ms Document
text/html 34.36.214.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.openx.net/topics_frame.html?bidder=openx
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.214.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-length: 1036
content-type: text/html; charset=utf-8
date: Tue, 27 Aug 2024 12:44:13 GMT
etag: "c5379e35e267deacc52e06ed0f5fa81f"
last-modified: Mon, 22 Jan 2024 14:38:43 GMT
server: UploadServer
supports-loading-mode: fenced-frame
vary: Origin
x-allow-fledge: true
x-goog-generation: 1705934323795552
x-goog-hash: crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1036
x-guploader-uploadid: AHxI1nM2X_y0xrBhSo6fu7HMxFU1LbCEgvpPlCJbC9LITTWchVYpm4vdLVpwX97jACwy7a41Kxr31KfyYQ

GET
H2 200 topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame FC46 0
0 428ms
37ms Document
text/html 23.45.193.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.193.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-193-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=164970
content-encoding: gzip
content-length: 859
content-type: text/html
date: Tue, 27 Aug 2024 13:17:15 GMT
expires: Thu, 29 Aug 2024 11:06:45 GMT
last-modified: Tue, 21 Mar 2023 05:02:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

POST cookie_sync
s2s.t13.io/ 0
0

POST auction
s2s.t13.io/openrtb2/ 0
0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 82 B
633 B 348ms
72ms Fetch
application/json 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-54.ewr53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e571990a711c26ebd61f1c50a7fb962f1291b5f9cb886233de5b4b1d098f604b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: EWR53-P1
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
x-reason: maxmind hosting provider
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 107
x-amz-cf-id: mGm9rQp4LzqS4wjcSS269j_fXxEwVhb_Eq-Vh_xh1HGRCtSg3KVWYg==

POST auction
tlx.3lift.com/header/ 0
0

POST hbjson
grid.bidswitch.net/ 0
0

POST openrtb
ex.ingage.tech/v1/ 0
0

POST prebid
prebid.media.net/rtb/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
229 B 347ms
75ms Fetch 74.119.117.6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.7&cb=73798369329&lsavail=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET prebid
ads.yieldmo.com/exchange/ 0
0

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 60ms
47ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 0ab198dd-b265-462a-ae36-74e163ad6159 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
831 B 458ms
40ms Script
application/javascript 108.138.106.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-108.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: ee5ebc2e5e093ee9ea3485ae13632e54bba29b488b7956923112de35efe7ded4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 12:43:08 GMT
via: 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 2047
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: hBnmg3RhBLRYzqejkGlOPriG4wPS0E3RCUryjUWRKT3QyTg4A95PMg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 35ms
34ms XHR
application/json 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.hogwartsishere.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 3cc3e7477f9c8eef291c048ee6e8e4e15d57a4b95c315089e072ef1dd190fb2c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 12:57:59 GMT
via: 1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 1156
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2865
x-amz-cf-id: hEo1MIDjGqxL1oVsGVITMFcOL-qWln_uZjVPp244HVCnat4LqyNjcg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 290 B
596 B 642ms
246ms XHR
text/javascript 18.173.140.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&pid=50WeT8v0PqU0O&cb=0&ws=1600x1200&v=24.814.1731&t=586&slots=%5B%7B%22sd%22%3A%22hogwartsishere_right_sidewall%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C22523097934%2Fhogwartsishere_right_sidewall%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C942%2C1%2C%2C%2C&sm=3f2a744a-df95-44ee-a256-bdec5113c5c2&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-140-223.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: f02945f6c7e7f95a5c7d2aeaf2ab1fb1828ff0e6654d3b2d20b89ec27feb2950

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
via: 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 238
x-amz-cf-id: Jf3W5gIkn4NMJjSwRGwkx3pUhK-Ydqg0Otvv5YjoJjolcP16NqG6xA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 290 B
594 B 658ms
277ms XHR
text/javascript 18.173.140.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&pid=50WeT8v0PqU0O&cb=1&ws=1600x1200&v=24.814.1731&t=586&slots=%5B%7B%22sd%22%3A%22hogwartsishere_adhesion%22%2C%22s%22%3A%5B%221x1%22%2C%22300x50%22%2C%22320x50%22%2C%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%22300x100%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F15184186%2C22523097934%2Fhogwartsishere_adhesion%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C942%2C1%2C%2C%2C&sm=3f2a744a-df95-44ee-a256-bdec5113c5c2&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-140-223.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: 7ff40162958fc3ff119df08ee33fca635d1e043de30149979434e22097223f1f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
via: 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 238
x-amz-cf-id: W-lP6X4NHRgDocvOpVwLesFEjnDr7Asl-sI_SCreePUMu0J_2G2PFQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 85ms
29ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
date: Mon, 26 Aug 2024 16:06:52 GMT
x-amz-cf-pop: JFK50-P3
age: 76224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Origin,accept-encoding
x-amz-cf-id: fHIsOFq0pMZe8V7vt-U7tuHBACaWs3eZ34OBdPZwmPUs5yShYjKBfw==

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
294 B 561ms
123ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
293 B 684ms
111ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 50ms
48ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.hogwartsishere.com&url=https://www.hogwartsishere.com/1639971/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8b9c57387e94a1ed-YYZ
content-length: 0
content-type: application/json
date: Tue, 27 Aug 2024 13:17:14 GMT
debug: OPTIONS block
expires: Wed, 27 Aug 2025 13:17:14 GMT
server: cloudflare

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 480ms
33ms Preflight
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 27 Aug 2024 13:17:14 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 175409
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 377ms
35ms Preflight
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 27 Aug 2024 13:17:15 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 149822
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST auction
s2s.t13.io/openrtb2/ 0
0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 83 B
632 B 160ms
75ms Fetch
application/json 52.85.61.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-54.ewr53.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 2c6aff728dcf420d8c5c4eb784f22abd8cda73a56d816adc924c982755809773

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: EWR53-P1
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
x-reason: maxmind hosting provider
access-control-allow-credentials: true
x-envoy-upstream-service-time: 27
x-cache: Miss from cloudfront
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 108
x-amz-cf-id: jb3-tmatOilOOPsYufR_9uFEBEueUSgf1fS03TacapqdqyZKyaWovg==

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
270 B 250ms
96ms Fetch
application/json 74.119.117.6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://grid.bidswitch.net/hbjson

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

721d786689c56f1c92c1f3f3e1f1d24060cf76fb328556b15d11468178829c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: nginx
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 49

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 395ms
241ms Fetch 207.65.37.179
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST auction
tlx.3lift.com/header/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
228 B 135ms
75ms Fetch 74.119.117.6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.7&cb=4195911089&lsavail=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
828 B 220ms
162ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 83c050194a3704b4e571f8809b0aea42112dc20e9eacae8cdc7eb11378938a73

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
observe-browsing-topics: ?1
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Aug 2024 13:17:15 GMT

POST openrtb
ex.ingage.tech/v1/ 0
0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
230 B 165ms
32ms Fetch 34.206.47.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=8.49.7&p=%5B%7B%22placement_id%22%3A%22hogwartsishere_adhesion%22%2C%22callback_id%22%3A%22668e4fda45910ac%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222785004069981200390%22%2C%22gpid%22%3A%22%2F15184186%2Fhogwartsishere_adhesion%2Fhogwartsishere_adhesion%22%2C%22tid%22%3A%22c042d2f7-2649-40b0-9b1e-2ce8b15a3d6e%22%2C%22auctionId%22%3A%22a574f3c4-ec75-4046-94a1-1a53e4a22f33%22%7D%5D&page_url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&bust=1724764635277&dnt=false&description=Hogwarts%20is%20Here%20is%20a%20fully%20fan-operated%20online%20Hogwarts.%20Make%20new%20friends%2C%20attend%20Hogwarts%20classes%20and%20more!&tmax=586&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Fynix.io%20(Gryffindor)%20%7C%20Hogwarts%20is%20Here&w=1600&h=1200&pubcid=cae6d0d5-d1b9-4f53-8f8d-54a4abd95c85&tdid=e59896bc-a246-4956-ab7f-a4b90073b588&eids=%5B%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226-ZBdCFXmypRb1K7a5KiR1bCKbvJ5AtdGvyWUH%2BWHhN6eSwMGPRiTqv2ZW94aVRpNBoPqtkMNPe72r28dMJiK44JJMrqR2qisyJSDquoYDvjeoyQ%3D%3D%22%2C%22atype%22%3A3%7D%5D%7D%2C%7B%22source%22%3A%22bidswitch.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228e64db7c-cd00-4058-8541-2c2ccee82a87%22%2C%22atype%22%3A3%2C%22ext%22%3A%7B%22provider%22%3A%22liveintent.com%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22media.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223227997929575369000V10%22%2C%22atype%22%3A3%2C%22ext%22%3A%7B%22provider%22%3A%22liveintent.com%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22rubiconproject.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22JC4DR050-W-JENX%22%2C%22atype%22%3A3%2C%22ext%22%3A%7B%22provider%22%3A%22liveintent.com%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.indexexchange.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22WlJW1tHM4a4AAD4yysQAAAAB%262629%22%2C%22atype%22%3A3%2C%22ext%22%3A%7B%22provider%22%3A%22liveintent.com%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22openx.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22be85ee4e-6629-0cad-15e9-65135fe60164%22%2C%22atype%22%3A3%2C%22ext%22%3A%7B%22provider%22%3A%22liveintent.com%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubmatic.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22B852047B-E711-4323-8207-D18C531F9A1B%22%2C%22atype%22%3A3%2C%22ext%22%3A%7B%22provider%22%3A%22liveintent.com%22%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cae6d0d5-d1b9-4f53-8f8d-54a4abd95c85%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e59896bc-a246-4956-ab7f-a4b90073b588%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.47.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-50.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
pragma: no-cache
date: Tue, 27 Aug 2024 13:17:15 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 71 KB
0 650ms
625ms Fetch
text/plain 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3068643160611746&correlator=3093235785926389&eid=31085738%2C31086224&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fifs&gdpr=0&iu_parts=15184186%3A22523097934%2Chogwartsishere_right_sidewall&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&abxe=1&dt=1724764635320&lmt=1724764635&adxs=1470&adys=120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&vis=1&psz=120x-1&msz=120x-1&fws=516&ohw=120&td=1&egid=11063&tan=8abc0fa5-ef75-4e2e-8c64-c1dcafb925c5&tdf=2&topics=9&tps=9&htps=10&a3p=Ej8KHGxpdmVpbnRlbnQuaW5kZXhleGNoYW5nZS5jb20SHVdsSlcxdEhNNGE0QUFENHl5c1FBQUFBQiYyNjI5WAESMwoJb3BlbngubmV0EiRiZTg1ZWU0ZS02NjI5LTBjYWQtMTVlOS02NTEzNWZlNjAxNjRYARI0CgpwdWJjaWQub3JnEiRjYWU2ZDBkNS1kMWI5LTRmNTMtOGY4ZC01NGE0YWJkOTVjODVYARKGAQoObGl2ZWludGVudC5jb20ScjYtWkJkQ0ZYbXlwUmIxSzdhNUtpUjFiQ0tidko1QXRkR3Z5V1VIK1dIaE42ZVN3TUdQUmlUcXYyWlc5NGFWUnBOQm9QcXRrTU5QZTcycjI4ZE1KaUs0NEpKTXJxUjJxaXN5SlNEcXVvWUR2amVveVE9PVgBEicKEnJ1Ymljb25wcm9qZWN0LmNvbRIPSkM0RFIwNTAtVy1KRU5YWAESNwoNYmlkc3dpdGNoLm5ldBIkOGU2NGRiN2MtY2QwMC00MDU4LTg1NDEtMmMyY2NlZTgyYTg3WAESNgoMcHVibWF0aWMuY29tEiRCODUyMDQ3Qi1FNzExLTQzMjMtODIwNy1EMThDNTMxRjlBMUJYARJGCgxhdWRpZ2VudC5jb20SNDAwMDF5dW0wZWFia2JhOThiY2lhZTZnaWJkZGo5NmxkY2xmNzg2a2hkYWFiYWNra2MyamxYAQ..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724764626510&idt=7567&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3De0067c4d-556a-4873-b22d-388665981702%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dhogwartsishere_right_sidewall%26fs_ad_product%3DsideWall%26fs_clientservermask%3D23223321130232210112002%26fs-auuid%3D9d739547-a727-4094-81f2-d06c75f3d252%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout&cust_params=fsitf%3DYNYYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D5a2b3e66-b9a9-4d28-b5cf-458567d9f94e%26fs_pageview_id%3D15679d5f2b776664e05b43e1744e4128%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D21%26fs_testgroup%3Doptimised&adks=4263493378&frm=20&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 474 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 323ms
91ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c853d9b65c929542020308c86a385eccae2cfa71848283e9fb5d4843071aa2b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2024 13:11:44 GMT
server: cloudflare
age: 191
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8b9c573c88eea24d-YYZ

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 306ms
79ms Script
application/javascript 23.203.179.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-179-38.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Tue, 27 Aug 2024 13:32:15 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 241ms
23ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 07:40:32 GMT
content-encoding: gzip
via: 1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 20204
x-amz-server-side-encryption: AES256
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 3xlpoPBiAAzGjYHJWEA0DWTEcc59N49vHRwpcmUbGUN1uybH5hyTiw==

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 310ms
91ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b45bdbf750c305208e17ba6044c938c0d147a9c41b5a1082fffa748ff11a5d3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 14:55:11 GMT
server: cloudflare
age: 598154
etag: W/"66b2394f-405e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8b9c573c8d06ab3a-YYZ
expires: Fri, 30 Aug 2024 13:17:15 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 94 KB
28 KB 245ms
34ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01f00d44818b64b781b4eb83c7be0f9c8c1f8a2b3bc0ae185db7dc9035b678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HEWKKHZV9PKZK5WZ
age: 13
x-amz-server-side-encryption: AES256
x-amz-id-2: rnw3yHzguGZrJKJezkQHHoMNbdXkefqxfjOnO1QCDjGrc3vYnq/TyA3c7fhJmpmdYONWJK6no9P3lGr1lvfNQQ==
last-modified: Tue, 27 Aug 2024 11:30:41 GMT
server: cloudflare
etag: W/"722e67e376c1708aa99f9a8c7fc3c215"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8b9c573c8ef1a238-YYZ
expires: Tue, 27 Aug 2024 14:17:15 GMT

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 328ms
66ms Preflight 2606:4700:4400::6812:296a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:296a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.hogwartsishere.com
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 8b9c573c09b9a2af-YUL
date: Tue, 27 Aug 2024 13:17:15 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 113ms
65ms Preflight 2606:4700:4400::6812:296a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:296a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.hogwartsishere.com
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 8b9c573c09bba2af-YUL
date: Tue, 27 Aug 2024 13:17:15 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 79ms
50ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
296 B 501ms
30ms Image
image/gif 23.44.201.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=9d739547-a727-4094-81f2-d06c75f3d252&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=www.hogwartsishere.com&requrl=https://www.hogwartsishere.com/1639971/&istop=true&event=client_timeout&value=1&rd=586
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Aug 2024 13:17:16 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Tue, 27 Aug 2024 13:17:16 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 514ms
45ms Script
text/javascript 2620:100:a00b::4

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Aug 2024 13:17:16 GMT

GET
H2 200 container.html
7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D31E 0
0 6ms
6ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:17:15 GMT
expires: Tue, 27 Aug 2024 13:17:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET iu3
s.amazon-adsystem.com/ Frame B88C 0
0

GET 474
p.ad.gt/api/v1/p/ 0
0

GET halo_match
ids.ad.gt/api/v1/ 0
0

GET ip_match
ids.ad.gt/api/v1/ 0
0

GET

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26adnxs_id%3D%24UID%26gdpr%3D0

0
0

GET

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001724764636-7HM2ATSK-MZ6V&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=e59896bc-a246-4956-ab7f-a4b90073b588&id=AU1D-0100-001724764636-7HM2ATSK-MZ6V

0
0

GET

UCookieSetPug
image2.pubmatic.com/AdServer/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V

0
0

GET token
token.rubiconproject.com/ 0
0

GET

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724764636...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724...

0
0

GET

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001724764636-7HM2ATSK-MZ6V
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&google_gid=CAESEJBAJHUutmFkWykqQN_UcKY&google_cver=1&google_ula=450542624,0

0
0

GET g_hosted
ids.ad.gt/api/v1/ 0
0

GET ux
ad.360yield.com/ 0
0

GET cm
u.openx.net/w/1.0/ 0
0

GET https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/ 0
0

GET
H3 200 envelope Show response
lexicon.33across.com/v1/ 42 B
58 B 49ms
44ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&src=aps&ver=1.13.0
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Aug 2024 13:17:15 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

POST
H2 200 882.json Show response
id5-sync.com/g/v2/ 632 B
1 KB 176ms
116ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/882.json

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

8caf29de184029f192909bbeabc6da598c8fbb68f1f9fc8b5fa6436d29bd12ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 27 Aug 2024 13:17:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.hogwartsishere.com
content-type: application/json
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST map
bcp.crwdcntrl.net/6/ 0
0

GET log
qsearch-a.akamaihd.net/ 0
0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

POST c
c.pub.network/v2/ 0
0

POST 882.json
id5-sync.com/g/v2/ 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET amp4ads-v0.mjs
cdn.ampproject.org/rtv/022406241625000/ Frame 4DB1 0
0

GET amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022406241625000/v0/ Frame 4DB1 0
0

GET amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022406241625000/v0/ Frame 4DB1 0
0

GET amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022406241625000/v0/ Frame 4DB1 0
0

GET amp-form-0.1.mjs
cdn.ampproject.org/rtv/022406241625000/v0/ Frame 4DB1 0
0

GET css
fonts.googleapis.com/ Frame 4DB1 0
0

GET
DATA 200
OK truncated
/ Frame 4DB1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57d3da9e81703df6f1555beeb05dfadb6322ad95538e609c36e0c1787c8ed07d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DB1 0
0

GET icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DB1 0
0

GET l
www.google.com/ads/measurement/ Frame 4DB1 0
0

GET B29069693.401571518;dc_trk_aid=593565027;dc_trk_cid=220958361;ord=2331502112;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 4DB1 0
0

GET adview
securepubads.g.doubleclick.net/pagead/ Frame 4DB1 0
0

POST
H2 200 auction_end Show response
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ 60 B
226 B 130ms
101ms Fetch
application/json 52.25.174.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.25.174.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-174-97.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 71cab0e56c9874898192c82aae466337bb6cf8f075c1299eb50b7865b37e88f5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:16 GMT
access-control-allow-credentials: true
content-length: 60
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
240 B 117ms
114ms Fetch
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: text/plain;charset=utf-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
293 B 117ms
114ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.hogwartsishere.com
date: Tue, 27 Aug 2024 13:17:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 204 auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame 0
0 131ms
121ms Preflight 35.89.160.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.89.160.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-89-160-156.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hogwartsishere.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods: POST
access-control-allow-origin: https://www.hogwartsishere.com
access-control-max-age: 86400
date: Tue, 27 Aug 2024 13:17:16 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 v3 Show response
id5-sync.com/gm/ 700 B
1 KB 126ms
109ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

2976d7c9156fb737f97f91f1128216011caa23004a5a16ce31fc423633f4b9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Aug 2024 13:17:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.hogwartsishere.com
content-type: application/json
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 82ms
81ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:16 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://id5-sync.com/i/882/8.gif?o=api&id5id=ID5*TS2hb9cM26KW0Cj0PwztNdfvGV1e5u0dFR9oUS9B_aC-2XGRBsmMOpeXiI7XcDEe&gdpr_consent=undefined&gdpr=false
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F441%2F7%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/882/441/7/2.gif?puid=u_67c1c9a1-3143-418e-a4ef-7ae19cb01af8&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/882/108/6/3.gif?puid=521143ca-3774-49ca-97a4-64f604d92cd4&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F429%2F5%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/882/429/5/4.gif?puid=D77D6F54-4834-4079-BA1E-F623A5C4ADF5&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=e59896bc-a246-4956-ab7f-a4b90073b588&ttl=%%TTL%%
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F3%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/882/434/3/6.gif?puid=672e2daf-4283-4f43-a1c6-302301c0427f&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F112%2F2%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/882/112/2/7.gif?puid=64A0BD1688144355&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/882/2/1/8.gif?puid=6321343210350193360&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NjRBMEJEMTY4ODE0NDM1NQ%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-4a65rkBM-O-cv65GQHpvrqOOByeqekdsU_8LVg1q-g
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPLaJsfhTitcGItUEPNPGyo&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&id5=ID5-4a65rkBM-O-cv65GQHpvrqOOByeqekdsU_8LVg1q-g&...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8

70 B
349 B

81ms
25ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:19 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 27 Aug 2024 13:17:19 GMT
Frontend-ID: 6
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=x2e7tq8
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
18 KB 535ms
532ms Fetch
text/plain 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3068643160611746&correlator=3702384675922548&eid=31085738%2C31086224%2C676982996&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fifs&gdpr=0&iu_parts=15184186%3A22523097934%2Chogwartsishere_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=6&sfv=1-0-40&eri=65&sc=1&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&abxe=1&dt=1724764637356&lmt=1724764637&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&vis=1&psz=338x-1&msz=300x-1&fws=516&ohw=1600&td=1&egid=11063&tan=8abc0fa5-ef75-4e2e-8c64-c1dcafb925c7&tdf=2&topics=9&tps=9&htps=10&a3p=Ej8KHGxpdmVpbnRlbnQuaW5kZXhleGNoYW5nZS5jb20SHVdsSlcxdEhNNGE0QUFENHl5c1FBQUFBQiYyNjI5WAESMwoJb3BlbngubmV0EiRiZTg1ZWU0ZS02NjI5LTBjYWQtMTVlOS02NTEzNWZlNjAxNjRYARJWCgxpZDUtc3luYy5jb20SRElENSpPZzVmNUtBdkpTbmg4OVpfU0M4VHZxRE01OVlweFJPV1lqeVcybGhpQXl1LTJUb2lLY0JaUUtRTW5aTzAxQVhTWAESNAoKcHViY2lkLm9yZxIkY2FlNmQwZDUtZDFiOS00ZjUzLThmOGQtNTRhNGFiZDk1Yzg1WAEShgEKDmxpdmVpbnRlbnQuY29tEnI2LVpCZENGWG15cFJiMUs3YTVLaVIxYkNLYnZKNUF0ZEd2eVdVSCtXSGhONmVTd01HUFJpVHF2MlpXOTRhVlJwTkJvUHF0a01OUGU3MnIyOGRNSmlLNDRKSk1ycVIycWlzeUpTRHF1b1lEdmplb3lRPT1YARInChJydWJpY29ucHJvamVjdC5jb20SD0pDNERSMDUwLVctSkVOWFgBEjcKDWJpZHN3aXRjaC5uZXQSJDhlNjRkYjdjLWNkMDAtNDA1OC04NTQxLTJjMmNjZWU4MmE4N1gBEjYKDHB1Ym1hdGljLmNvbRIkQjg1MjA0N0ItRTcxMS00MzIzLTgyMDctRDE4QzUzMUY5QTFCWAESRgoMYXVkaWdlbnQuY29tEjQwMDAxeXVtMGVhYmtiYTk4YmNpYWU2Z2liZGRqOTZsZGNsZjc4NmtoZGFhYmFja2tjMmpsWAE.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724764626510&idt=7567&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D46b08aa2-a738-40c0-aad0-5a586960e3b7%26floors_id%3D8383fb%26floors_hour%3D13%26fs_placementName%3Dhogwartsishere_adhesion%26fs_ad_product%3DstickyFooter%26fs_clientservermask%3D23223321130232210112002%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Da574f3c4-ec75-4046-94a1-1a53e4a22f33%26fsbid%3D0&cust_params=fsitf%3DYNYYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D5a2b3e66-b9a9-4d28-b5cf-458567d9f94e%26fs_pageview_id%3D15679d5f2b776664e05b43e1744e4128%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D21%26fs_testgroup%3Doptimised&adks=3480206718&frm=20&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

a1218ba6fb6c382d10a3b05ac5f28799556b9018b4fb371948cf754869b5aabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18851
x-xss-protection: 0
google-lineitem-id: 6363739102
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443801158
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 log
api.btloader.com/ 0
0 53ms
51ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/log?tid=CnUGTSTwaa&cv=2.1.48-8-ge80695d-BTCORE-501-treat-users-as-non-consented-when-consent-on-any-tcf-compliance-is-not-met&sid=pHfEXreg1&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 27 Aug 2024 13:17:17 GMT
via: 1.1 google
vary: Origin
x-ratelimit-remaining: 4680
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 1724764638
x-ratelimit-limit: 5000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 62ms
58ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:17 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 290D 0
0 99ms
97ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYjhQupHOogMctAaqGg2WFN4zkYTQkEFF2uEqr8pNhAc22A9HhVoidEvEircPWSTW71QBuCR3BCuj3_gIzDnSoihmWwGNZq2WJxEWrdxtIvJXzXQaNgVXApDN52Xv-d57xBOmYRc_xSXSpH6MO3YfqWCYy53gBHFziSL8p-O9b7mZXpVMBXnThtzcFLVlhFg7DUBN2Y0zvJCaOKGaOnaW95oX7AqHqNd7fbHNu6uF6I1O7Wnff9L6VJasnTNWPZQAnihbiulYuBggBZB9KZ0ZUSV2qRo-rgQFHIafE0aG9aBoBptCuH3c7SNBKkReujQrDaoA-6Kw0t-IG2axKSbmZ2dS1EnBY0z8qaDZMEuyzPmH2KtFoSHnnsphh4a1O5jltZIg_I6A42w&sai=AMfl-YRCcCnCUGVfkwJoE0vfd8droGu856rBvWTbycANlT7HHf7copcPREnSjOt1HmC5pk3B7FDxaPcI9Qyin_u8xkVfjcgfDx_9Zi_80J9aXP_2vLITFLSqvkvpSeI4hBU&sig=Cg0ArKJSzIYZXzd3qRmmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/1639971/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240826/r20110914/ Frame 290D 23 KB
9 KB 99ms
33ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240826/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6a8b016cc2d9563abdfc6a0b8c1d1e52bcdb51879e9b62ebbaabcd839ca6767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 12:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 15342016733957819861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Sep 2024 12:57:50 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 290D 152 KB
0 4ms
4ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ffd3cc7cc4bb06f749c44c594efa0c881ca6513ee5317b111d7cc43bee7725e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52202
x-xss-protection: 0
server: cafe
etag: 9043140795810443319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 27 Aug 2024 13:17:09 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 290D 204 KB
63 KB 28ms
26ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

1ec5eff3dc2fba7c74f4f89b509f6d42a71b45051528b065150e61a65ecd6d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 12:57:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64908
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:57:50 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/ Frame 290D 431 KB
0 0ms
0ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e2aad5d8a1c7ceef0920e00ab0e7bd017eb47333a0912f71f76230e288ed6e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147374
x-xss-protection: 0
server: cafe
etag: 10557574620885522582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:17:09 GMT

GET
DATA 200
OK truncated
/ Frame 290D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6761850ff7a3e529a77dbdb233fad029a74ba0248d9e51f615e3acb3f8fb2f4a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 290D 0
0 141ms
90ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 290D 0
0 119ms
118ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss77hMr0jwxfrCs2pt-vJKLLyENQUdVLYWdCOyhTtVONB8xbIjFX2qXT_Mj7yamM_RjWk9m77DPk_uKJVRcNeGdYdkHiFJQz23Ugz26cq3Kw__wT9-FdBKmYYH77UFL8NoJwpPa8Zb0_wVVFnBwkiWN27vt7pJgyzI_nkNvjNm_LA5X-6xbZljM03Si57geG7cWwICOqPmPbm3ZezDl3PAyGubDlB7lS3eOUnLY1_vJHfDPOYxJdo6CQXLn8ZmDCOnxSwzmZW8yVtbGMQtVsDCqiJrRx48tiGuPkbB4tMsZXwzXdgw0mrltSf01ea0ogY--aZqsyK5kftimOnT9aB1zQNE3CXvyYuxjcibb66WSiz45Iv8d8DNzjKkh4h8VxQ-aHZuFDeOXumjM&sai=AMfl-YSaly8Z8lE6TUA_62R5OefN_U9jOS48acgX7rlmaq7vuf7HI3CmRgfuSfB3i5Pekkf6yK0bwI-aBnIqKLO36fHfUa1DTbRypQ0807J5aC9NCKuc-1NgG4turcVQJx4&sig=Cg0ArKJSzG89MgPNPZttEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Aug 2024 13:17:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 290D 0
20 B 134ms
115ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fs-sticky-footer&cls=fs-sticky-footer&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 290D 0
20 B 134ms
111ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar-custom%20m-announcement&ign=false&pw=1600&ph=1200&x=800&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 252A 0
0 396ms
351ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2131671202406978&output=html&h=100&slotname=4019111808&adk=900731310&adf=735837974&pi=t.ma~as.4019111808&w=320&abgtt=1&lmt=1724764638&format=320x100&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724764638537&bpp=4&bdt=530&idt=127&shv=r20240822&mjsv=m202408210101&ptt=9&saldr=aa&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7&correlator=3930869338816&frm=23&ife=4&pv=1&nhd=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=621&ady=1100&biw=1600&bih=1200&isw=320&ish=100&ifk=2880384866&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95334829%2C95338227%2C21065724&oid=2&pvsid=1964767672560092&tmod=468884502&uas=0&nvt=1&fc=896&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.mxtryox0cp5j&fsb=1&dtd=254

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 27006
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:17:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7DD4 0
0 216ms
173ms Document
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2131671202406978&output=html&adk=1812271804&adf=2751417939&abgtt=1&lmt=1724764638&plat=1%3A16777216%2C2%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_18~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724764638537&bpp=6&bdt=531&idt=147&shv=r20240822&mjsv=m202408210101&ptt=9&saldr=aa&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7&prev_fmts=320x100&nras=1&correlator=3930869338816&frm=23&ife=4&pv=1&nhd=1&u_tz=-420&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=320&ish=100&ifk=2880384866&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95334829%2C95338227%2C21065724&oid=2&pvsid=1964767672560092&tmod=468884502&uas=0&nvt=1&fsapi=1&fc=896&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1200%2C320%2C100&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.71v1z44u4g2x&fsb=1&dtd=260

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 657
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:17:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame 290D 17 KB
13 KB 117ms
95ms XHR
application/json 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20240822&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

e04df0e03b1ae3e3e216ebfb6e073382ee657524349683582f2dc94c6f5d7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12942
x-xss-protection: 0

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 135ms
130ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:18 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame 290D 17 KB
0 60ms
60ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 13:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 13:17:13 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7B6 0
0 3ms
3ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:15:20 GMT
expires: Wed, 27 Aug 2025 13:15:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 4072 0
0 1ms
1ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bDX7kjkkEL1a-TbNhxuzrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bDX7kjkkEL1a-TbNhxuzrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Aug 2024 13:17:14 GMT
expires: Tue, 27 Aug 2024 13:17:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 290D 0
20 B 100ms
98ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2131671202406978&warn=12%2C13&w=320&h=100&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20240825_103452&sat=1724697617569&afm=2%2C0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.962&alldns=0.962&allp=4&pgh=104&abl=false&rr=n&su=www.hogwartsishere.com&pvc=1964767672560092&r=0.1&eid=44759875%2C44759926%2C44759837%2C42532523%2C44795921%2C95334829%2C95338227%2C21065724

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 123ms
72ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Aug 2024 13:17:19 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 290D 42 B
65 B 89ms
89ms Fetch
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv94Y7SaZDaQ2pntBzJEOY5M4tb4SFZxz-iLcpPDyZTPNiUppP6i0ZTxjW7Xfc3IqwEg6j1a2I6cdhmkiL4noLmmYClwd3tc34rzo9TSOHJMW9RLvP2FlE1kuCwtU7tqKuaDsCg13p5h-NwBpTXXTZF159lYqDqACA&sig=Cg0ArKJSzHojtbJp7XtPEAE&id=lidar2&mcvt=1001&p=1100,621,1200,941&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240826&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3480206718&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2069743800&rst=1724764638008&rpt=683&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Aug 2024 13:17:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 290D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s2s.t13.io
URL: https://s2s.t13.io/cookie_sync

Domain: s2s.t13.io
URL: https://s2s.t13.io/openrtb2/auction

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.7&referrer=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&tmax=586&gdpr=false

Domain: grid.bidswitch.net
URL: https://grid.bidswitch.net/hbjson

Domain: ex.ingage.tech
URL: https://ex.ingage.tech/v1/openrtb

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/exchange/prebid?pbav=8.49.7&p=%5B%7B%22placement_id%22%3A%22hogwartsishere_right_sidewall%22%2C%22callback_id%22%3A%2223800e0490d8a3%22%2C%22sizes%22%3A%5B%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222785004069981200390%22%2C%22gpid%22%3A%22%2F15184186%2Fhogwartsishere_right_sidewall%2Fhogwartsishere_right_sidewall%22%2C%22tid%22%3A%22d173c805-749a-41ab-8594-790521f07d71%22%2C%22auctionId%22%3A%229d739547-a727-4094-81f2-d06c75f3d252%22%7D%5D&page_url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&bust=1724764635043&dnt=false&description=Hogwarts%20is%20Here%20is%20a%20fully%20fan-operated%20online%20Hogwarts.%20Make%20new%20friends%2C%20attend%20Hogwarts%20classes%20and%20more!&tmax=586&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Fynix.io%20(Gryffindor)%20%7C%20Hogwarts%20is%20Here&w=1600&h=1200&pubcid=cae6d0d5-d1b9-4f53-8f8d-54a4abd95c85&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cae6d0d5-d1b9-4f53-8f8d-54a4abd95c85%22%2C%22atype%22%3A1%7D%5D%7D%5D

Domain: s2s.t13.io
URL: https://s2s.t13.io/openrtb2/auction

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.7&referrer=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&tmax=586&gdpr=false

Domain: ex.ingage.tech
URL: https://ex.ingage.tech/v1/openrtb

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-index_n-LoopMe_rx_n-MediaNet_ox-db5_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-nativo_gg_n-adMediaV1_n-Beeswax_smrt_n-inmobi_cnv_n-sharethrough_rbd_ppt_an-db5_n-Rise_3lift

Domain: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474

Domain: ids.ad.gt
URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&halo_id=060ixe6ju6a65dg9iefi9ld8dfc9glgge7huom0wi0e0ykq6umou60k4koi6q0qqm

Domain: ids.ad.gt
URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26adnxs_id%3D%24UID%26gdpr%3D0

Domain: ids.ad.gt
URL: https://ids.ad.gt/api/v1/t_match?tdid=e59896bc-a246-4956-ab7f-a4b90073b588&id=AU1D-0100-001724764636-7HM2ATSK-MZ6V

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001724764636-7HM2ATSK-MZ6V&gdpr=0

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26tapad_id%3D%24%7BTA_DEVICE_ID%7D

Domain: ids.ad.gt
URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V&google_gid=CAESEJBAJHUutmFkWykqQN_UcKY&google_cver=1&google_ula=450542624,0

Domain: ids.ad.gt
URL: https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001724764636-7HM2ATSK-MZ6V

Domain: ad.360yield.com
URL: https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26impr_uid%3D%7BPUB_USER_ID%7D

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V%26auid%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V

Domain: d.turn.com
URL: https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001724764636-7HM2ATSK-MZ6V

Domain: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/6/map

Domain: qsearch-a.akamaihd.net
URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=a574f3c4-ec75-4046-94a1-1a53e4a22f33&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=www.hogwartsishere.com&requrl=https://www.hogwartsishere.com/1639971/&istop=true&event=client_timeout&value=1&rd=586

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3068643160611746&correlator=3093235785926389&eid=31085738%2C31086224%2C676982996&output=ldjh&gdfp_req=1&vrg=202408220101&ptt=17&impl=fifs&gdpr=0&iu_parts=15184186%3A22523097934%2Chogwartsishere_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbbbd727a14fbe6b5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ&gpic=UID%3D00000ed5f1efa5f7%3AT%3D1724764631%3ART%3D1724764631%3AS%3DALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q&abxe=1&dt=1724764636019&lmt=1724764636&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&vis=1&psz=338x-1&msz=300x-1&fws=516&ohw=1600&td=1&egid=11063&tan=8abc0fa5-ef75-4e2e-8c64-c1dcafb925c6&tdf=2&topics=9&tps=9&htps=10&a3p=Ej8KHGxpdmVpbnRlbnQuaW5kZXhleGNoYW5nZS5jb20SHVdsSlcxdEhNNGE0QUFENHl5c1FBQUFBQiYyNjI5WAESMwoJb3BlbngubmV0EiRiZTg1ZWU0ZS02NjI5LTBjYWQtMTVlOS02NTEzNWZlNjAxNjRYARI0CgpwdWJjaWQub3JnEiRjYWU2ZDBkNS1kMWI5LTRmNTMtOGY4ZC01NGE0YWJkOTVjODVYARKGAQoObGl2ZWludGVudC5jb20ScjYtWkJkQ0ZYbXlwUmIxSzdhNUtpUjFiQ0tidko1QXRkR3Z5V1VIK1dIaE42ZVN3TUdQUmlUcXYyWlc5NGFWUnBOQm9QcXRrTU5QZTcycjI4ZE1KaUs0NEpKTXJxUjJxaXN5SlNEcXVvWUR2amVveVE9PVgBEicKEnJ1Ymljb25wcm9qZWN0LmNvbRIPSkM0RFIwNTAtVy1KRU5YWAESNwoNYmlkc3dpdGNoLm5ldBIkOGU2NGRiN2MtY2QwMC00MDU4LTg1NDEtMmMyY2NlZTgyYTg3WAESNgoMcHVibWF0aWMuY29tEiRCODUyMDQ3Qi1FNzExLTQzMjMtODIwNy1EMThDNTMxRjlBMUJYARJGCgxhdWRpZ2VudC5jb20SNDAwMDF5dW0wZWFia2JhOThiY2lhZTZnaWJkZGo5NmxkY2xmNzg2a2hkYWFiYWNra2MyamxYAQ..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1724764626510&idt=7567&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D46b08aa2-a738-40c0-aad0-5a586960e3b7%26floors_id%3D8383fb%26floors_hour%3D13%26fs_placementName%3Dhogwartsishere_adhesion%26fs_ad_product%3DstickyFooter%26fs_clientservermask%3D23223321130232210112002%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Da574f3c4-ec75-4046-94a1-1a53e4a22f33%26fsbid%3D0&cust_params=fsitf%3DYNYYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26fs_session_id%3D5a2b3e66-b9a9-4d28-b5cf-458567d9f94e%26fs_pageview_id%3D15679d5f2b776664e05b43e1744e4128%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D21%26fs_testgroup%3Doptimised&adks=3480206718&frm=20&eo_id_str=ID%3Da0046d26b19c07d5%3AT%3D1724764631%3ART%3D1724764631%3AS%3DAA-Afja0HB8wgrjqqhLjeYxu0cu7

Domain: c.pub.network
URL: https://c.pub.network/v2/c

Domain: id5-sync.com
URL: https://id5-sync.com/g/v2/882.json

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240822&jk=3068643160611746&bg=!IyClIG_NAAa5X5oAmV87ADQBe5WfOGLTXHdah8HrbewNCz4kqI_j0AujX0tTwWhNa_coOTXXBAc2yi64w9n1e1UrBEVkAgAAAdxSAAAARGgBB34ANsizJkyOPWaRnRQs-oHLbyXOvuvtwtvzBmuoAbyr5cwEZ5qiodleVdOXy1ITsTBrhEbgLCswu5kC-O3XG3uKTsKdhV38ODwN7gYFsV-MrDSrS11Cg1tMvlSstBS3zhA6Xj1POt60Na6ikEk5vyEflbCuCr1sJq-B5Udo3YHRDNMue6zDRaBXrV6GY23IkMkicT7LqEurfg_Q_wxe88W7T1EjRIuKJoyG_FbQVxZE84OlgcOnJt7j0efUJ_Lpf5ET1OQW-s33tOLc6VFKC00jPHtm7ddtQ_ptcsvTk7i3gneHU15WynsRoaal09QbqOcO0D82ZroiYM7btCdgdN1Hs1DryukvDrxMJfszBQWYGJ6UvbVR9YaPxnU7wViAVSlixoY-VwWXdjp6f32fPptak7QG3puXNoHo1MJ0iOCtkKMtgKgFOURAq_JTt7pv-wUHqxHyVKY85cbpo281rdV6mLopwkAN7T_J9SlNdfveiODcXb5pqu87bnzsGalExuIHyQtzntbd__yjebNeF3D4eB52KWtTgNE2P8CjjxGJqnVy49SKQaa6ue6l-R0DUNHi8Rc26ATQukstyBIRSTBNXT0vyBChuVMXgfmywBMbT-TrsfJ2Ihw0SceLC8TnbnOI0OADQN0-OlhJ4jfic4zhMzMUcc-g0WrkfmrHFAbDxXFr9ojJjrEeJKvW0bdberJp_2-qLj0dPTx_HY0NOTlinemGAV_Wll_ug4RlqTegeZ7Efcz8YTZqMgITYOj9FGbB6Y8HFnz7r5Uclh8XNipfCgPP-jam0Sg-yfhAL_fvXhH5Vl41cO8hlT02Jli2sv3spzWkE54IoQrpxRyJrBf0s3tdBqHCKVHTFD7DUsLapzQIcYqOOg7CD3hJ0gIJ-WXG9c2W0jGDIuYAq4J1dDktsx6Bim8KzterrgUZj0N3WrdciaG6DPpCzGjhk9-MA3JD3mS5DS1NDXlJw3mDoNgFKNsUA0er3Rn93STOyeJ4xyaz6D5lEOS2DsHyGbmeVS-9sj9AL8ssxCjOcpzvQhsF-z7ds4cNNFtya3qE_8eBF75fFFyjPCs42BY5WiIKZ1OwUDM

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022406241625000/amp4ads-v0.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022406241625000/v0/amp-ad-exit-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022406241625000/v0/amp-analytics-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022406241625000/v0/amp-fit-text-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022406241625000/v0/amp-form-0.1.mjs

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTV4la0ffmTH4pd8eQS97NxkkkVVMxnDyb69Y5JO_twjKNc63_ySCl1zXSDJrnHFqh3A_1AOFPjK5ygREjj8lBAvKkiXg

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.401571518;dc_trk_aid=593565027;dc_trk_cid=220958361;ord=2331502112;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpamV29HNZsG9IcyZrr4P9Y2ToQzbt_mpecfolrWPE6-BuuPXAhABINrXxTlg_eiigfADoAHS-MviA8gBAeACAKgDAcgDCqoEowJP0C7F1RlhOnu6Q79kzxzj7TL1AuF1361I8aaduX-1pP6x6kJxAoRLsVURjdnhs4Axdfj0GsaWbSTmBWSBNHlVF10TajCMjBAkCsxqaHft14YMQK762VFaub2yA3RDuyf1IUQCI3jko2DmdaO-2z_aYb_KAxqLIdqxvSRTsDwrbUSa05QiGOd3UL2vZZ6aZT9IdPeNcl0ERa9v12XqVMu1KfHYDd5jYfCfr8635HTMSbSEyAlGH8Bm1zVM3YsjGXjVesk5zv3VQK3cuZVl0pTJZAlnZs3Q3CrV9SGLbk4RFnxSmJ56GGeMUkKzUP6T5GY-r-wJMMtlKF6rOc9TZv9lhnjiEK5lnf3VKhLhT8m8t5bnJLICELHm-yn-BHyiHvNCJSDABL7W4amFAuAEAYgF2Ib9uQeAB4GI1kOoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBDA_QTSCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpY5d-v-6CViAPyCBthZHgtc3Vic3luLTE2MTIxMTkxMTgwMDkwNziaCThodHRwczovL3d3dy5zcXVhcmVzcGFjZS5jb20vd2Vic2l0ZS1kZXNpZ24vP2dhZF9zb3VyY2U9NYAKA8gLAdoMEQoLEODfopqei6vangESAgED4g0TCI6LsPuglYgDFcyMywEd9cYkxNgTA9AVAYAXAbIXIAocCAASFHB1Yi04MDYxOTQ2NDEzNTM3OTg0GLrIFxgBuhcCOAGyGAkSAuVZGAEiAQDQGAE&sigh=skYNSI8RAfg&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSPADpaXnfh6Yk7J7NrAjqmOoiTUilJXDWtUQe6PLyS0k1QxD6IrZ-yMCBWvJFJx2EcbgoMyBGR5IUGG_qERgB&template_id=5020

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240822&jk=1964767672560092&bg=!8POl87zNAAa5X5oAmV87ADQBe5WfOBKjXVp5UzGY_2J-5OU8Xt6eASq_nOMwMKaHRXCkUalrAZQY4XgySiAbp8XqgzTJAgAAAmlSAAAAA2gBB34ANjhfO41n-XXkXEC2ETh_zlpYDbWWjCKLgF1uxAjRGide07P4RXldX6NlZarEKYtv4A0Dh1FepgoAGUHmLLjTA0EiG_I3jB8Yx09iLSlgLENcpGOZAxA40IEl45xqn7FGOYm5-EaYgdEljSSCVRkK1zEOv-E5ZKKxXUq-Q3SLYXl_VH11xNjzQd18hwQra0RLKs-xhsaJUwP-pZkGtbARWId47JSxi6XstRNM8L6M-Y8WQQVnmXlz4Hd7H67Qu8jnvMmDrLLTGIDGzt0y6Csm_6qBHbAob3fASgyMmxV-x9_-2UkNQUtAOWWdo50zrWUoK4iHIvFiUalnB52oKPteMPkt9joGUhiqm8GtGmqM6YdyxnbpWQM8QvMPENh-va_4In7OD93QLbNE4LIpf3pswobhcsfdSdHhq1-v8e7jIrCMlyU-QrF_xSfEFR0tRuTYNkufKShv92YetVSJehNoh-99g_kgkJzvcniQZ4jk6uAL2Ccop0gjuXNQFhW8dXAms5XjfOAzEmKxXYoq42jvoC2EF2GaJ6kbemsnStdOGj84hxWBNrD3nfc9RrNAE6bIO4ctrImHKceTn5CRflXs6D9tQoJWfT7imyf6ytdVFgP8b0dSGbY19MnoDj2iVNYTe4NSwI4Gat3wjufj2kX3B9SK2mEa37yeT5264fmoyuswI2x-rbh31nIrhYFLmEJKXiy09o88vvJxhavvSOJtdKvk5Ako-fZvDhPPym16LpsStmmPbXzahXpASUl-aEsMsU8ipTAx4pddossWkbTz1VHVVuPxR2kH_pL2dA210fKG71YjS6eZJ0C498DMpUpvzHY_CSZ2h7X6ECG2cxm-_hJH4Kv2zVH9g3qwuKu5AMEwi9pskNoE0R_ttXwfxikZ8FvW4-eGuyJ_4Acp-ZPz8tkJldXPk-l5SWyCvTCWQ54j2jthJNOdrfvO-2ZBs7vZ2zvtPSrj4CRmRrld24lwh0NAUWboDylcUjbcSQ-JI1dkiZ6QOShSz0OsTdbl1aPHFtvdcz0xGpsCHwAT55Li6QZZVkGIY7EcjehjDtjC8mbLX3MZs4WKQzsUQooKjo4gUsh2LlmdJ3dMGoKyIdn8-lQIFcySrmcUCW_YJ-KGuo3icwMPqGb-a-CCimXhNmLpKphmQ2y_

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 08:42:04	Name: lidid Value: 6fabb6dd-41d0-429f-b178-a209ed95b53e
www.hogwartsishere.com/	1970-01-21 07:50:14	Name: csrftoken Value: MAXFv6V5YwvoeVELHaAtU6V9luknr49EaQ74rgFrGOvx6jQBzr3HL7DwPvFWBBdv
.hogwartsishere.com/	1970-01-20 23:46:23	Name: sessionid Value: kkx0zqmtl4odiukp5jceizuaohzacy78
.pub.network/	1970-01-21 08:42:04	Name: _fsuid Value: 0a210b57-8f0b-4e0b-ad2e-b2f306f6abbd
.hogwartsishere.com/	1970-01-21 01:15:40	Name: _fbp Value: fb.1.1724764630667.942336187884339368
.hogwartsishere.com/	1970-01-21 08:42:04	Name: _ga_W8JV9KJ9MK Value: GS1.1.1724764630.1.0.1724764630.0.0.0
.hogwartsishere.com/	1970-01-21 08:42:04	Name: _ga Value: GA1.1.238644461.1724764631
.quantserve.com/	1970-01-21 08:36:19	Name: mc Value: 66cdd1d7-2f8ab-dd972-65291
.hogwartsishere.com/	1970-01-21 08:30:33	Name: __qca Value: P0-787801791-1724764630597
.doubleclick.net/	1970-01-21 08:42:04	Name: IDE Value: AHWqTUm6SKIAyHWjb2ojiihOUFxMBpVNvTezvzM-ABYeiJQrDSlGefv4w9OwIgLIc2U
.hogwartsishere.com/	1970-01-21 08:27:40	Name: __gads Value: ID=bbbd727a14fbe6b5:T=1724764631:RT=1724764631:S=ALNI_MYxgvIjv8OczAJAY9H13FEuQAzmcQ
.hogwartsishere.com/	1970-01-21 08:27:40	Name: __gpi Value: UID=00000ed5f1efa5f7:T=1724764631:RT=1724764631:S=ALNI_MbY_u-0Sr29zISQMueaTRZlhET85Q
.hogwartsishere.com/	1970-01-21 03:25:16	Name: __eoi Value: ID=a0046d26b19c07d5:T=1724764631:RT=1724764631:S=AA-Afja0HB8wgrjqqhLjeYxu0cu7
.mediago.io/	1970-01-21 07:51:40	Name: __mguid_ Value: 2bb5d33082a976be2zvcrg00m0cgbvwl
gtrace.mediago.io/	1970-01-21 07:51:40	Name: cst_70 Value: ts=1724764632
.hogwartsishere.com/	1970-01-21 07:51:40	Name: FCNEC Value: %5B%5B%22AKsRol8pWggDqtQmiRCefk8K27Zm6kqBSIhD6vUjg2LBu1ByKwgcPCF9VYy4_vCFvWphNjEgpco04oc6x2K4yAMC-EVjdLu-hDjO_R-v7Kio5MPcji1XHLqLORVvq6KnAHboJaJPk0vcMEXlzZDu7tJ2k1K6Fag-pQ%3D%3D%22%5D%5D
.hogwartsishere.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .hogwartsishere.com
.hogwartsishere.com/	1970-01-21 08:42:04	Name: _lc2_fpi Value: bda1e59b84f8--01j69zqf2rnjb70ybbh9g89y51
.hogwartsishere.com/	1970-01-21 08:42:04	Name: _lc2_fpi_meta Value: %7B%22w%22%3A1724764634201%7D
.hogwartsishere.com/	1970-01-20 23:46:23	Name: cookie Value: cae6d0d5-d1b9-4f53-8f8d-54a4abd95c85
.hogwartsishere.com/	1970-01-20 23:46:23	Name: cookie_cst Value: kSylLAssaw%3D%3D
www.hogwartsishere.com/	1970-01-20 23:06:08	Name: _lr_retry_request Value: true
www.hogwartsishere.com/	1970-01-20 23:49:16	Name: _lr_env_src_ats Value: false
.liadm.com/	1970-01-21 08:42:04	Name: lidid Value: 6fabb6dd-41d0-429f-b178-a209ed95b53e
.adsrvr.org/	1970-01-21 07:51:40	Name: TDID Value: e59896bc-a246-4956-ab7f-a4b90073b588
.33across.com/	1970-01-21 07:51:40	Name: check Value: true
.ccgateway.net/	1970-01-21 01:14:14	Name: ccuid Value: ade054e4-2707-4859-aea8-f8eab4804645
.3lift.com/	1970-01-21 01:15:40	Name: receive-cookie-deprecation Value: 1
prebid.media.net/	1970-01-21 03:25:16	Name: receive-cookie-deprecation Value: 1
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
www.hogwartsishere.com/	1970-01-21 01:13:45	Name: ccuid Value: ade054e4-2707-4859-aea8-f8eab4804645
.hogwartsishere.com/	1970-01-21 07:51:40	Name: _au_1d Value: AU1D-0100-001724764636-7HM2ATSK-MZ6V
.adsrvr.org/	1970-01-21 07:51:40	Name: TDCPM Value: CAEYASABKAIyCwiW1M7TqamjPRAFOAFaBzhna3hiNm5gAg..
.hogwartsishere.com/	1970-01-21 08:27:15	Name: cto_bundle Value: ofWws191dVZDV01sSWVqV2hkclFvYktjMXdRRFJZWXR2c2hqWEF4NCUyQlV5ZGclMkJLclBVaTh1MVh3UGNUMVBQN2oyTG95VHRhTkw3WmpGd3hLdEY2RkRteVVJNG9MdkIya3FINkVJQVlHdU5Pblh4cXVnMFdiWFJEVE9FR3NETm1tcmdvYzk
.hogwartsishere.com/	1970-01-21 08:27:15	Name: cto_bidid Value: CCJvRl9HJTJCZ3h3TXpRR1RGV2x4MnhJbHZla3RrUnFuSHN6elhmVzY0NXJPazZlV0JKdWU2OXZRUGZoSTIwSzY1NmpGWVdmNWxXTGc0RGRlWDNiWWxSYzNnYTRBJTNEJTNE
.ingage.tech/	1970-01-20 23:06:06	Name: __cf_bm Value: w10qpIASVPr7XzlmTd8M.gnxLVQiX6xkoQx0T.OrcKU-1724764635-1.0.1.1-MelZBiAo4HMycNxnbaioA_Q77wox0OmN4mJptN_qScr2XJtqfqSwLfIWCxRIOEYetLrfuwDUUthpFXulA_9RJw
.adnxs.com/	1970-01-21 01:15:40	Name: XANDR_PANID Value: e3eu9pTYzBPGlYNfEPg6v5cNmFU_qAwmVndeTTGsK1CuJkioPox737w2TlcoaSfJkWMd6XYE2lkKHLoAaVukZZZWeRxGbtJA3ruHs8ZHmvM.
.adnxs.com/	1970-01-21 08:42:04	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:15:40	Name: uuid2 Value: 6321343210350193360
.pubmatic.com/	1970-01-21 01:15:40	Name: KTPCACOOKIE Value: true
.tapad.com/	1970-01-21 00:32:28	Name: TapAd_TS Value: 1724764636262
.tapad.com/	1970-01-21 00:32:28	Name: TapAd_DID Value: 521143ca-3774-49ca-97a4-64f604d92cd4
.id5-sync.com/	1970-01-21 01:15:40	Name: id5 Value: 69a72b04-ec6a-77fc-98a6-027157d7ecc5#1724764634838#3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.hogwartsishere.com/1639971/ Message: Access to fetch at 'https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.7&referrer=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&tmax=586&gdpr=false' from origin 'https://www.hogwartsishere.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.7&referrer=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&tmax=586&gdpr=false Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.hogwartsishere.com/1639971/ Message: Access to fetch at 'https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.7&referrer=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&tmax=586&gdpr=false' from origin 'https://www.hogwartsishere.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.7&referrer=https%3A%2F%2Fwww.hogwartsishere.com%2F1639971%2F&tmax=586&gdpr=false Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7c1999e5523e795555b0392cc542401d.safeframe.googlesyndication.com
a.ad.gt
a.pub.network
aax.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ads.pubmatic.com
ads.yieldmo.com
api.btloader.com
api.rlcdn.com
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
burrow.hogwartsishere.com
c.amazon-adsystem.com
c.pub.network
cdn-ima.33across.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
d.pub.network
d.turn.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
ex.ingage.tech
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
optimise.net
p.ad.gt
pa.openx.net
pagead2.googlesyndication.com
pb-ing.ccgateway.net
pb-rtd.ccgateway.net
pixel.quantserve.com
pixel.tapad.com
prebid.media.net
qsearch-a.akamaihd.net
rp.liadm.com
rp4.liadm.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s2s.t13.io
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.criteo.net
sync.go.sonobi.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hogwartsishere.com
ad.360yield.com
ad.doubleclick.net
ads.yieldmo.com
bcp.crwdcntrl.net
c.pub.network
cdn.ampproject.org
d.turn.com
ex.ingage.tech
fonts.googleapis.com
grid.bidswitch.net
id5-sync.com
ids.ad.gt
image2.pubmatic.com
p.ad.gt
pagead2.googlesyndication.com
pixel.tapad.com
prebid.media.net
qsearch-a.akamaihd.net
s.amazon-adsystem.com
s2s.t13.io
secure.adnxs.com
securepubads.g.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
www.google.com
104.18.20.206
104.18.35.167
108.138.106.108
108.138.115.149
108.138.128.46
130.211.23.194
141.95.98.64
142.250.176.194
142.250.65.238
142.250.72.98
142.250.80.100
142.250.80.66
142.250.81.230
142.251.40.226
142.251.40.98
157.240.241.1
162.19.138.83
172.64.144.166
18.173.140.223
207.65.37.179
207.65.37.181
23.203.179.38
23.44.201.209
23.45.193.13
2600:1f18:730:b150:c220:7fa2:182e:6e62
2600:3c03:1::68ed:94d1
2600:9000:21dd:c800:6:44e3:f8c0:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:246
2606:4700:20::ac43:4acf
2606:4700:4400::6812:296a
2607:f350:3:2569:0:10:0:d
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2003
2607:f8b0:4006:817::2001
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2001
2620:100:a00b::12
2620:100:a00b::4
2620:116:800b:21:c1e8:5385:5098:6bf0
2a03:2880:f112:182:face:b00c:0:25de
3.225.218.10
3.227.196.50
3.33.220.150
3.94.51.155
34.107.165.188
34.111.113.62
34.111.152.239
34.120.111.33
34.120.63.153
34.160.152.31
34.193.40.21
34.206.47.50
34.36.214.49
35.244.193.51
35.89.160.156
45.79.154.113
50.57.31.206
52.25.174.97
52.85.61.54
68.67.179.164
74.119.117.17
74.119.117.6
067a944232e759ba3ecb8e24b439a85111909a3388151bf9bbc95cce4c85a970
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ac41c47dbc6685c9e39788096a46fb155e0a0b63b56bfa6c07d05777144a8fe
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0e4ae0d80466e87bb1e5a3bca337762efc36439867e465faa90fd1414f139bc8
177623615e089c29b0ad1da2891a9779eeee979c9088099d6931f711b0d3915f
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587
1ec5eff3dc2fba7c74f4f89b509f6d42a71b45051528b065150e61a65ecd6d29
20075c2cfe67e6d4e34cd1e20f00f8baca61043cc703869fcd7b11dec45ba367
20a1ec59026619d78da1d6ea821a8830e632fe0f1c5312c31692c725e127c635
227a00cd3c655569b3bdfc16bcca45df7b2d48ed5415a4650bf914f51731a104
2976d7c9156fb737f97f91f1128216011caa23004a5a16ce31fc423633f4b9fd
2c6aff728dcf420d8c5c4eb784f22abd8cda73a56d816adc924c982755809773
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
3c89ee10c8b756460f85ac2eaf0d3a7b7c6c9476b231d5b9b40474887390a2bc
3cc3e7477f9c8eef291c048ee6e8e4e15d57a4b95c315089e072ef1dd190fb2c
3e594764adcd2717d158a50b0cb7bc7282fdf5124034e746e37d5df5e80756fb
406684c7ca1393eea9101b9ef119c78b0f7801c267abcb2921c03f132703168f
4144e29632334fb2f188059c67c96f43d14796ffea4b844440d9954484afc24e
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b01d588b30e5e48762be7b4d39725fe53f62fd34387c8dc4d20363caedc43fd
4b45bdbf750c305208e17ba6044c938c0d147a9c41b5a1082fffa748ff11a5d3
4db3733682f8c63995bfd604631637f47db12a951af35f27d09b6e998b5fed3e
53b5689b00c27570b4124f51080a30cb74efc5a4b41986aed979e8ec015201bb
57d3da9e81703df6f1555beeb05dfadb6322ad95538e609c36e0c1787c8ed07d
58d3f67382bb7a0c0625fd9d497e26f6dd96ca82d6b7430f591a723d35e5ed34
5941d7c156ed399bb653f3cd19270a648079e66e1c20698f9a6befd4df5d7087
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097
661252a9d6ab335398c62468651164c288aab4d17fafa3f23f81beceb1df248b
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6761850ff7a3e529a77dbdb233fad029a74ba0248d9e51f615e3acb3f8fb2f4a
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
6a225a2413d51727a3b4535fc35f044137bebc005ec0cc8c66ee6a3ca7566f73
6bac28b02e44610d09d2d99a6df4321c57367c4549b2343e447754a62979db91
6edd8bca9c24a024e784d9868170abd8e13f73866848a9059f366afc2069dd70
71cab0e56c9874898192c82aae466337bb6cf8f075c1299eb50b7865b37e88f5
721d786689c56f1c92c1f3f3e1f1d24060cf76fb328556b15d11468178829c14
76261f0cf1e114619e492dd9502126c189a3819bda96b6ab0956a61c61393a83
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7fb9b38af257aabf3474806fe6c9dcf539cf8e21bcc76edefde9703bfd86da90
7ff40162958fc3ff119df08ee33fca635d1e043de30149979434e22097223f1f
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
83c050194a3704b4e571f8809b0aea42112dc20e9eacae8cdc7eb11378938a73
8874b008340d07584e5725e6c0a47e9304a858fe776e3171e6b5d2235fb053e2
88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac
8caf29de184029f192909bbeabc6da598c8fbb68f1f9fc8b5fa6436d29bd12ce
8d400c4079fd84391cada802a624841798e5999951555201e6540ee1d9d79a85
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
929b3bbb57957a6280a8ce8a7cb59e91dd78dc5616d9dc58101979e044217ba5
9529c27c1c36bec31a2d33186f281ad4269ae7eab7fbdd6326fa880a252cb6cc
962d34734a8ab2bdf7cebfc9720241b1d2b82e152a7310eac80fbc0c0c113807
96bac415b834f5b07f8eb8abd4e82304ea9ec0e7eff99c9652c0a686760d3a1a
97cda5042ba40b661bfd3b129ea28d28ecc720b98ec6d7d8bbb56ead5b8d67a2
9c853d9b65c929542020308c86a385eccae2cfa71848283e9fb5d4843071aa2b
9e24f6e8014daa54b549b9c74e07e41756024a68e30b53d56bca9e6d0ff3234a
9ecb5c473d8795f9abc0883eb9f46b67290a4347a797f3614ab3b76d75b31722
a0026687363fb80fc0b0e04738be2bbf161515460c7da36ecdaa8348c5de0d7f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1218ba6fb6c382d10a3b05ac5f28799556b9018b4fb371948cf754869b5aabc
a1292a80d9f49a6b8791039ac9dc5f770da7ae92ad22ad7b5f84da8961f4bf23
a35b31e062ef7b8d43a77265a7fa356eed0a3517fbef08d02e78c64cca416ce4
a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930
a7de7dc4c3c2b1ab04807e40b340b9ead77c3b7c7f0c98d21247ef6020f33e3e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab9c50d4ff8c294038a3c1f32d2c1cbcc0eb1e6739b55a33cc5f0ae984b1e72a
af2b22277255937fec1e7ed958caf1dee5d0da6cdfa10c6fe5ef193c586fef09
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b5c2cb4fea5671d6ba915c94390116b53009460f1c8ca9153d08c27a2bbcad62
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b79f0f08eaf12ddf11c3a219c25a5d2fd3f56c283af66ec18be7edefce941e1d
bdebac216fe968e22edaead95a1004711d7c9fde77e93e81be2f53e9d62dd7ec
c335699f5e7eb981cdfaf5dfbcd4798970b1514ce23bc21ecb5674eb33f5366e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdc4fbe3955fbda893be7db7ca633d8053aaf30a616e47677d9bcb07fcdd7ad8
cebf34d48a579d36c1596c6d08e8c2b6a93ec80caee112a276f09f255cb09bc3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffe7a2d8b53c3fca79f0e88bb7ceecaa06c29a34b1e327f0ab13076b5615eff
d01f00d44818b64b781b4eb83c7be0f9c8c1f8a2b3bc0ae185db7dc9035b678e
d202b282d49b07554e55d27669d96c2118fe8e715da0d1df9656007d35ccb2c7
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
dac50e63c8aebf8765beb0bd4f484315d9ddee97727dae5305a586679c70bced
dc62adf4113da7057c2c9ae71d462ca022aa0a6136de6e286265989cd2fc3eea
e04df0e03b1ae3e3e216ebfb6e073382ee657524349683582f2dc94c6f5d7dca
e06f491ebefad2bf9dbcedd402035e8d50dab4214cbd5940e79eaacd6e7b3aaf
e2aad5d8a1c7ceef0920e00ab0e7bd017eb47333a0912f71f76230e288ed6e2f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4badd230e9359ba0b3ddae09141b189030f1832fa410e85f7948b7011aaead7
e571990a711c26ebd61f1c50a7fb962f1291b5f9cb886233de5b4b1d098f604b
e6a8b016cc2d9563abdfc6a0b8c1d1e52bcdb51879e9b62ebbaabcd839ca6767
e955ec19b5da9c456119c393e4cd8dd8314949c4fc95ac5dcc91117056087831
e9a67c969c3bc952b413cb394d3f1bc233569aed96d8b71c5222e726de75fad7
ea710d3643d7c8c5c4ca2a93079e33d0beae10cdf6671328f62959ccba6848e2
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ee5ebc2e5e093ee9ea3485ae13632e54bba29b488b7956923112de35efe7ded4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c47cb702e040372a3a4bce66d5e0ecc46c56325ec40f8c00b91da0d1d3f46
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f02945f6c7e7f95a5c7d2aeaf2ab1fb1828ff0e6654d3b2d20b89ec27feb2950
fa968a29faa7506fb1163b783de123198f2ec7dda5fdd03c6ffa72d5264ccd8e
ff1de6c98ee09d160d70c85aadf45cc81ef78e624d75d76a67e74ecbdfada38e
ffd3cc7cc4bb06f749c44c594efa0c881ca6513ee5317b111d7cc43bee7725e2

www.hogwartsishere.com Open in urlscan Pro 2600:3c03:1::68ed:94d1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

223 Requests

78 %HTTPS

34 %IPv6

54 Domains

85 Subdomains

62 IPs

4 Countries

3740 kBTransfer

7918 kBSize

43 Cookies

9 Outgoing links

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hogwartsishere.com Open in urlscan Pro
2600:3c03:1::68ed:94d1 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

78 %
HTTPS

34 %
IPv6

54
Domains

85
Subdomains

62
IPs

4
Countries

3740 kB
Transfer

7918 kB
Size

43
Cookies

223 HTTP transactions
3 data transactions