captcha.bot Open in urlscan Pro
2606:4700:20::681a:66e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1NXUWlPaUkzTXpBNU5EWTF...
Effective URL:
https://captcha.bot/
Submission: On November 16 via api (November 16th 2023, 3:23:37 pm UTC) from US — Scanned from US

Summary HTTP 271 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 73 IPs in 5 countries across 64 domains to perform 271 HTTP transactions. The main IP is 2606:4700:20::681a:66e, located in United States and belongs to CLOUDFLARENET, US. The main domain is captcha.bot.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2023. Valid for: a year.

This is the only time captcha.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:41a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	2606:4700:20:... 2606:4700:20::681a:66e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	18.238.4.47 18.238.4.47	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:141b:1c0... 2600:141b:1c00:7::1728:b3ba	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:402... 2607:f8b0:4020:804::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:220... 2600:9000:2209:a800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:25c... 2600:9000:25c8:4800:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 26	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
2	13.224.214.86 13.224.214.86	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.80.102 142.250.80.102	15169 (GOOGLE) (GOOGLE)
7	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	54.230.163.124 54.230.163.124	16509 (AMAZON-02) (AMAZON-02)
25	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:804::2001	15169 (GOOGLE) (GOOGLE)
1	107.23.92.235 107.23.92.235	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
5	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
5	147.135.94.209 147.135.94.209	16276 (OVH) (OVH)
6	2602:803:c002... 2602:803:c002:300::98	26667 (RUBICONPR...) (RUBICONPROJECT)
3	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	147.28.129.37 147.28.129.37	54825 (PACKET) (PACKET)
1	107.20.214.81 107.20.214.81	14618 (AMAZON-AES) (AMAZON-AES)
21	2607:f8b0:402... 2607:f8b0:4020:805::2001	15169 (GOOGLE) (GOOGLE)
2 3	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
4	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:805::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2607:f8b0:402... 2607:f8b0:4020:804::2003	15169 (GOOGLE) (GOOGLE)
1	54.172.84.140 54.172.84.140	14618 (AMAZON-AES) (AMAZON-AES)
2	23.203.105.107 23.203.105.107	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.3.191.242 52.3.191.242	14618 (AMAZON-AES) (AMAZON-AES)
1	2602:803:c002... 2602:803:c002:300::36	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2600:9000:20e... 2600:9000:20ed:b400:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5 6	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
8	23.44.111.54 23.44.111.54	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3 13	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 1	69.166.1.35 69.166.1.35	27630 (AS-XFERNET) (AS-XFERNET)
2 3	63.251.86.50 63.251.86.50	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1 1	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1 1	52.23.71.199 52.23.71.199	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.78.169 52.45.78.169	14618 (AMAZON-AES) (AMAZON-AES)
1	23.62.105.110 23.62.105.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8 14	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.88.23.27 54.88.23.27	14618 (AMAZON-AES) (AMAZON-AES)
1	52.205.7.147 52.205.7.147	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.28.133 63.251.28.133	26558 (FREEWHEEL) (FREEWHEEL)
1	108.139.29.114 108.139.29.114	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:d296:b4ab:44c7:4070	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 4	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.228.202 67.220.228.202	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:520a:c711:865a:bf81	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.146.35.112 54.146.35.112	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.70.105.17 52.70.105.17	14618 (AMAZON-AES) (AMAZON-AES)
1	23.55.235.176 23.55.235.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2600:9000:251... 2600:9000:2512:5200:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:207... 2600:9000:2073:9000:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.214.10 13.224.214.10	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:816::2006	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:f::172c:c9da	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	107.22.177.112 107.22.177.112	14618 (AMAZON-AES) (AMAZON-AES)
271	73

1 2606:4700:3037::6815:41a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login3.bot-captcha-verify.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:20::681a:66e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

captcha.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.238.4.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-47.phl51.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:2b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:141b:1c00:7::1728:b3ba (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:a800:9:46dc:4700:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:25c8:4800:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4020:807::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.214.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-86.phl50.r.cloudfront.net

privygg.chargebeestaticv2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.163.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-124.ewr53.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:804::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.92.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-92-235.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.135.94.209 (United States)

ASN16276 (OVH, FR)
PTR: ip209.ip-147-135-94.us

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.214.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-214-81.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4020:805::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2004 (United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.84.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-84-140.compute-1.amazonaws.com

cdn.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.105.107 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-105-107.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.191.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-191-242.compute-1.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:300::36 (United States)

ASN26667 (RUBICONPROJECT, US)

beacon-iad3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ed:b400:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.43.72.97 (United States) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.44.111.54 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-111-54.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.13.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.35 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.86.50 (United States) 2 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.71.199 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-71-199.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.78.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-78-169.compute-1.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.105.110 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-105-110.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 8.43.72.98 (United States) 8 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.225.218.10 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.23.27 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-23-27.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.7.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-7-147.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-114.jfk50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:d296:b4ab:44c7:4070 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.202 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:520a:c711:865a:bf81 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.35.112 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-35-112.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.105.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-105-17.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.235.176 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-235-176.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2512:5200:1a:5235:f980:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2073:9000:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-10.phl50.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:f::172c:c9da (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.177.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-177-112.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	820 KB
42	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	377 KB
29	rubiconproject.com 13 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 eus.rubiconproject.com — Cisco Umbrella Rank: 602 beacon-iad3.rubiconproject.com — Cisco Umbrella Rank: 2400 token.rubiconproject.com — Cisco Umbrella Rank: 458 pixel.rubiconproject.com — Cisco Umbrella Rank: 376	33 KB
26	captcha.bot 1 redirects captcha.bot	824 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	587 KB
10	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 13713	139 KB
9	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 21310	182 KB
8	evidon.com c.evidon.com — Cisco Umbrella Rank: 1673	18 KB
7	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	5 KB
7	w55c.net 1 redirects cdn.w55c.net — Cisco Umbrella Rank: 16011 i.w55c.net — Cisco Umbrella Rank: 1952 cti.w55c.net — Cisco Umbrella Rank: 2945 pm.w55c.net — Cisco Umbrella Rank: 912 tags.w55c.net — Cisco Umbrella Rank: 4016	20 KB
7	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 10111 newassets.hcaptcha.com — Cisco Umbrella Rank: 9862 api.hcaptcha.com — Cisco Umbrella Rank: 81978	499 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	99 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	104 KB
5	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 19490	10 KB
5	33across.com ssc.33across.com — Cisco Umbrella Rank: 3592	1 KB
5	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 3807	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 rtb0.doubleverify.com — Cisco Umbrella Rank: 761 tps.doubleverify.com — Cisco Umbrella Rank: 515 rtbc-ue1.doubleverify.com	104 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	5 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 757 gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 877 api.btloader.com — Cisco Umbrella Rank: 948	30 KB
4	inmobi.com cmp.inmobi.com	49 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	1 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 683 ce.lijit.com — Cisco Umbrella Rank: 882	2 KB
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	3 KB
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 886 sync1.intentiq.com — Cisco Umbrella Rank: 2801	2 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 573	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	696 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 415	811 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	559 B
2	3lift.com 1 redirects tlx.3lift.com — Cisco Umbrella Rank: 572 eb2.3lift.com — Cisco Umbrella Rank: 417	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	41 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	1 KB
2	chargebeestaticv2.com privygg.chargebeestaticv2.com	1 KB
2	quantcast.com 2 redirects cmp.quantcast.com — Cisco Umbrella Rank: 3190	1 KB
2	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6439	12 KB
1	betrad.com l.betrad.com — Cisco Umbrella Rank: 1985	122 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	72 KB
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1458	555 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 938	648 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 909	500 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1279	175 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 560	533 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566	636 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 758	337 B
1	tapad.com tapestry.tapad.com — Cisco Umbrella Rank: 1686	532 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 988	633 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 685	426 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6637	622 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 931	757 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 7594	641 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	540 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	10 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502	113 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	77 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	bot-captcha-verify.online 1 redirects login3.bot-captcha-verify.online	474 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	britepool.com Failed px.britepool.com Failed
271	64

	Domain	Requested by
26	captcha.bot	1 redirects captcha.bot static.cloudflareinsights.com
25	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com captcha.bot ad.doubleclick.net
22	securepubads.g.doubleclick.net	1 redirects cdn.fuseplatform.net securepubads.g.doubleclick.net captcha.bot www.googletagservices.com 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com captcha.bot 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
14	pixel.rubiconproject.com	8 redirects cti.w55c.net captcha.bot
11	cm.g.doubleclick.net	3 redirects 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com captcha.bot
11	www.googletagservices.com	captcha.bot securepubads.g.doubleclick.net 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com cdn.w55c.net www.googletagservices.com ad.doubleclick.net
10	cdn.fuseplatform.net	captcha.bot cdn.fuseplatform.net
9	js.chargebee.com	captcha.bot js.chargebee.com
8	c.evidon.com	cti.w55c.net c.evidon.com cdn.w55c.net captcha.bot
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	fastlane.rubiconproject.com	cdn.fuseplatform.net
6	978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	prg8.smartadserver.com	cdn.fuseplatform.net
5	ssc.33across.com	cdn.fuseplatform.net
5	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
4	s.amazon-adsystem.com	2 redirects captcha.bot
4	ups.analytics.yahoo.com	3 redirects cti.w55c.net
4	www.gstatic.com	captcha.bot 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
4	googleads.g.doubleclick.net	captcha.bot 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	fonts.googleapis.com	978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com captcha.bot securepubads.g.doubleclick.net
4	cmp.inmobi.com	captcha.bot cmp.quantcast.com cmp.inmobi.com
3	aax-eu.amazon-adsystem.com	2 redirects captcha.bot
3	px.ads.linkedin.com	1 redirects cti.w55c.net captcha.bot
3	cti.w55c.net	cdn.w55c.net cti.w55c.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ib.adnxs.com	cdn.fuseplatform.net cti.w55c.net captcha.bot
3	api.btloader.com	btloader.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	match.prod.bidr.io	2 redirects
2	match.adsrvr.org	2 redirects
2	dpm.demdex.net	1 redirects cti.w55c.net
2	idsync.rlcdn.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects cti.w55c.net
2	www.googleadservices.com
2	ap.lijit.com	2 redirects
2	eus.rubiconproject.com	captcha.bot eus.rubiconproject.com
2	fonts.gstatic.com	fonts.googleapis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	prebid.a-mo.net	cdn.fuseplatform.net captcha.bot
2	static.criteo.net	securepubads.g.doubleclick.net cdn.fuseplatform.net
2	ad.doubleclick.net	captcha.bot www.googletagservices.com
2	ad-delivery.net	captcha.bot
2	privygg.chargebeestaticv2.com	js.chargebee.com
2	cmp.quantcast.com	2 redirects
2	challenges.cloudflare.com	1 redirects captcha.bot
1	rtbc-ue1.doubleverify.com	cdn.doubleverify.com
1	l.betrad.com	captcha.bot
1	tps.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn.doubleverify.com	ad.doubleclick.net
1	s0.2mdn.net	ad.doubleclick.net
1	ce.lijit.com	captcha.bot
1	sync1.intentiq.com	captcha.bot
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	hb.yahoo.net	captcha.bot
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	partners.tremorhub.com	cti.w55c.net
1	aa.agkn.com	cti.w55c.net
1	ads.stickyadstv.com	cti.w55c.net
1	beacon.krxd.net	cti.w55c.net
1	tapestry.tapad.com	cti.w55c.net
1	pippio.com	1 redirects
1	tags.bluekai.com	cti.w55c.net
1	tags.w55c.net	cti.w55c.net
1	pm.w55c.net	1 redirects
1	ius.ctnsnet.com	1 redirects
1	eb2.3lift.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	aid.send.microad.jp	978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
1	mts0.google.com	978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
1	beacon-iad3.rubiconproject.com	captcha.bot
1	i.w55c.net	captcha.bot
1	cdn.w55c.net	captcha.bot
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	hbopenbid.pubmatic.com	cdn.fuseplatform.net
1	bidder.criteo.com	cdn.fuseplatform.net
1	tlx.3lift.com	cdn.fuseplatform.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	api.hcaptcha.com	newassets.hcaptcha.com
1	js.hcaptcha.com	js.chargebee.com
1	btloader.com	cdn.fuseplatform.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	captcha.bot
1	static.cloudflareinsights.com	captcha.bot
1	login3.bot-captcha-verify.online	1 redirects
0	sync.search.spotxchange.com Failed	cti.w55c.net
0	px.britepool.com Failed	cti.w55c.net
271	96

This site contains links to these domains. Also see Links.

Domain
docs.captcha.bot
privy.gg
discord.com
arcane.bot

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
js.chargebee.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
cdn.fuseplatform.net R3	`2023-10-11` - `2024-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.chargebeestaticv2.com Amazon RSA 2048 M01	`2023-04-30` - `2024-05-29`	a year	crt.sh
btloader.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
ssc.33across.com GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
betrad.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tapad.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-09-17`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.betrad.com Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://captcha.bot/
Frame ID: 606F25C17242A62AEFA3C57F36B13A63
Requests: 89 HTTP requests in this frame

Frame: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
Frame ID: DB44E036321B71799B372BE01A239856
Requests: 8 HTTP requests in this frame

Frame: https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: F3036090F5E1DFA57B4C6CFA8B6BC00A
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Frame ID: C15F83A2B374EAEFB11B99C69E084F4B
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Frame ID: EA6EC9E92D50012AAC84ADE569E5D925
Requests: 3 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD238E3F8DA159046EA8B2DAD9DA90D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1EFDDF747B600B2E4D52FC81B9484BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AB992A02335D35E8E02D834ED767E60
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=captcha.bot&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 8DB4C3F4958ED5FF5D1D43E19954C447
Requests: 2 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAA62EF72DD710B34303535CCEBB9966
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9229786F3B25AD58924F2844F8529527
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2E35F6637AD080FE5ED4855628C0F379
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 7F94BCF9249DF48FE7E3B1DCD2663BC9
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyo5moOtaXhlwZUDtm3TWXHTRQnuNwcSA6JR2X4C2Mjzz59dZncUe7ND5v0n3YzmG6QfD4-kDQGnzr__bhxE4z0vLKa_ZjUguJq1cXqvdziIrHb3nyLLTkxpuO0E9KCGjQj56k-qD3pSn283bkNBSf6neFsFCOaMLNtyONjBJPWfsNJnQNb-ffKrbYfDC8sdSPvzP2_QCLw8QUl_SGra7A4VIwC0qlt2Plq0gagBeb5xr1_EWZemv05wwHGv-kcDGiW1LwK5JrZf_pKxk9vLMIemGsJn8YzF2q08h6-BfCwvnFjd6NIdh3LbXx15Bl7gehGfqZwwM_WxdWV6FAhQPB4l19MgXeyY4wLtSoOuQ_b3XfjuMb6VEQVEx2pzdDzVhE&sai=AMfl-YRA4ix0M5ZHovKS-LAgBqjGtKiFH1VVjnjX2xmDfA4pI02EUUbBsmIdUD1yIT4R_b9ad-I2jHNJvGFwUWpBm07okduXP02FIU7DfEQODFNkyB-YXxiOKyqu_T0nOi467VhERJvcyMTp_9rk9qfP2Xw&sig=Cg0ArKJSzPfp9pQ11lq-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 702EA16CED51E773BC55193EA96ABAA3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc1srfwV83ZScSpgnMOWiqYgPZ66BfDyoawqBnL8DjN3ibWs7GmEMnvTLiG7WjwSQUhUAElJqF0j4eFPKwfxCwxp2CK8zOPZkINprQKFLy8LAH7rj8xXp60EVM3pqO-QGtgkA9z5BRuXBCVWvk1PDodcDbV6x6iS-xk2NpsWTMssGowIEjTWIGeQiiHPPA7zedZwuXvACgavMjNwZ7Ex7pa7oPIfBN01N260f8GBQPs9B7J65QiZCWChVSGVMZDHQbDa7NgOOBQMT6uqP6p8mYzO-ys8LUYDYgF93s3K7YxZfqpW-hytSv2iDHkVptksx_c6QDkPjDvWigizaj0QFixlW7cjzGPbt0GLyKDMcVfTuUg_RD7CKmcyxjiMZ3YqASKjUjJLs8jtU&sai=AMfl-YQSZzc-SUzaS7714nMVU266W7owoqXr16cmKfi8XSML2j6AJ7G-Hqbm7Da0H-Dgi-I8vnPa2dzb2oJdHRapCzLOQh3hYa14nJ7rRdEs6b49QTg23ilCI-PZrUzCbVZeZzu2AFEvXKUN77ZuWgaWUZ0&sig=Cg0ArKJSzLBA3753GXnkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F4B6D08CAE2B2AA5AB075EA4D35BC74D
Requests: 4 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4968C47F69FED64F1DB8B947E9BB5F9
Requests: 9 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3505640D7107FBF3B3CCE37332BD4AA0
Requests: 9 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 019DAFD3AB4494FF2C01B6B9E1A1FB00
Requests: 9 HTTP requests in this frame

Frame: https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Frame ID: F9FD014A5B5D944B6E9595275362497C
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Frame ID: DBD8E9411DA2CBB3B450ABEE457C5C43
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoCYccFChhsFs-Z9xJn6CAFwpErgirliVsxIMV0UkiehRynuFPzd2QeM7gdJLQT1eIXdf4rly7mjE0dpdCqyCEFd2VEAjR9On4NNvCtMR_0VecznsXUmf6ggfLd-CewSRoMJ2jkxrePFl2ZLUoGFL9_b9wRVIXyC6zV47wJ4_d1UQKYXsoqEo6uHsTxd_cfS3gwh9Yx2U-wA4hNPMaAcbIFa-KiDsy2ELjA8ROi6ofdR_BbF94r9RnFqi-Au-ilbDS9NXfObPmZXOVDXJUqBhpH4wBWeu5TRb0qtEUQ_kHYdzcXk6Ri08HSbWj7M0XJeI2CGcCL0iiEtkMdnuJHGrSlFLIiojwEKpNtRtXYj3a4MGu4Vaqfo-WPb0M3w8jNP8jVkmmbKe5FSI&sai=AMfl-YShPu0DxRcM4Zrw_MKfGRk7Tto-TGQwEWRwZ0pRNMUuU94_Ogu2jQCoZeeG1s4U2Z9fVkL-18hmw32w58y5wqWi9-3YMn5ai0cRkdFGHzX_kbgJlRyC7AYRyasGMw&sig=Cg0ArKJSzFOxiw4MOZQOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6DACC3B9C53B83F801C66538C79A64AF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: E98AFE0CCBDD1F5EC90FF93D89CEFFA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: A645E184FF9DC20107A3C3AC14E7E424
Requests: 1 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D703E183E83839DE84831C99612584F
Requests: 16 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Frame ID: 8967F550D2406C6DCB83E2003C55A00F
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44BB78CCA0D516BE40DAC4416D4BCB2E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 08B80469164B023753B6C504073BA7F7
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Frame ID: BD442846EEF05465E0A8D06A38B72E9A
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C0825CD0D17689D567C8655D21FD19CC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: BF9E5B277C266398F8F1E24A970C023D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Captcha.bot - Verification done right

Page URL History Show full URLs

https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1N... HTTP 302
https://captcha.bot/ Page URL

Detected technologies

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

271
Requests

86 %
HTTPS

44 %
IPv6

64
Domains

96
Subdomains

73
IPs

5
Countries

4147 kB
Transfer

11155 kB
Size

96
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.captcha.bot/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://privy.gg/
Title: Privy.gg LLC

Search URL Search Domain Scan URL

URL: https://discord.com/application-directory/512333785338216465
Title: Add to Discord

Search URL Search Domain Scan URL

URL: https://arcane.bot/
Title: Arcane.bot

Search URL Search Domain Scan URL

URL: https://privy.gg/legal
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1NXUWlPaUkzTXpBNU5EWTFOalU0TXpJNU5qWXhPRFFpTENKbGVIQnBjbVZ6SWpveE56QXdNRFkwTmpjeE1qSTBmUT09 HTTP 302
https://captcha.bot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback

Request Chain 13

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 35

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

Request Chain 61

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

Request Chain 101

https://gum.criteo.com/sid/json?origin=publishertagids&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2Zib3BXNGtRMW02YnpFSHBpNU5IcUU1ZUQ5ZWFpaXJHd09scVNpWFRkbWdyWGxZWVdFM0syVnFJU3BZeTkvRDJLS0IzQVVNL3N3T3ZyZVdhenVWYWRZREdJWlJjVVVDU0hucDVOWm5KaUNrQ0xBRXBtQmJodWpxMEpPUnlVUlc4NkJZWWFpOUQraHVVblFLYm1oMHdTZ0kyR2RCWVV3UT09fA&cppv=2

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 209

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_cver=1&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ

Request Chain 211

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8%26google_hm%3D%5BUID%5D&google_gid=CAESENJcef7WmgcjNzvboAUYE7o&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a525-3b8fad1e3d4e

Request Chain 212

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZs8mP

Request Chain 213

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGNNs6_kk_Bt6hoQexm2vM&google_cver=1&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J

Request Chain 214

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELw4bpZz7t5KjIBnm1cfcH4&google_cver=1&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=ePUJvIu4RDih7t-G-ODOVYQ

Request Chain 219

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdvQ18jNWZZbKGdXFjvQP77GT8AWZmIuHdPnb6ZWDEmQQASDTy84wYMnGqYvApNgPoAGc9uDKA8gBCeACAKgDAcgDywSqBLoCT9D0DaTJy4aFrh-9xGHc-SbRW7nSIngvyfPE-eYJe7DBssFUZdq1bkYDzbo9VOG2RC-3KT9y1j34OOJdpuhtqi-JQRnX1Mcu3GN4sIH2hgGo2BKlKv4r8RG7qd4qg2APydOgYqRa-imE1q9Kaa5bjgXu9qU03zyE6gdAQobbCXCDQFGE0UIorHkzLsI3AHjxlJ6H1Q5PjSpcFtyHFJD8HhFjE_ieFZN4Veo5SFKuUVE8RC2O35q90GA7MngDGq7ANxWoDQbRu9hsMcA9-rfG0aV1s8HGq3vEuRraknZr7szTPZ36_-jRk31KNrtLhU4MdPz_Ep_i-LsldwdFFhZ2hR4vMAxEHyhOX02KSQUHbQaSuvCgLEtdGm_voeOEkhLu2OxtJXYDuSkvAi4TFeSICM78sQN31jnn9XzABJGAn4DOBOAEAYgFvpfng02SBQQIBBgBkgUECAUYBKAGLoAHzImfNagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEI7wA9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkTaHR0cHM6Ly9wcmVzc2VkLmNvbYAKA8gLAZgM9KnA5cYE2gwQCgoQwNCRl-KrrsgfEgIBA-INEwj_npXR6ciCAxXVooMIHe_YBF64E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=A27w3mE-LRY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNqeMK65r53D-41zrzhfB14uhgprVqfT_Z8vOo6lz6W7cFLzzzMwnDZiOBbsm9TGC_JZ2KxbPvGAE&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc909f52672c1a4800000000000000000%22,%222%22:%220x5233a0dbd4b9caa20000000000000000%22,%223%22:%220x27e157624c0fdb150000000000000000%22,%224%22:%220xda2ae78fab0a4e670000000000000000%22,%225%22:%220xdd2202203ef37c850000000000000000%22},%22debug_key%22:%222876871645714610428%22,%22debug_reporting%22:true,%22destination%22:%22https://pressed.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22962083612%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215129133991070806385%22}&andc=true

Request Chain 221

https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cHNMRlN1Z1kxUjNFZGs1&google_cm HTTP 302
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1

Request Chain 223

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1

Request Chain 224

https://idsync.rlcdn.com/385636.gif?partner_uid=psLFSugY1R3Edk5 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COTEFxIaChYIARCTEBoPcHNMRlN1Z1kxUjNFZGs1EAAaDQjz59iqBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d

Request Chain 227

https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true

Request Chain 229

https://dpm.demdex.net/ibs:dpid=359&dpuuid=psLFSugY1R3Edk5 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1

Request Chain 240

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30

Request Chain 241

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dcQGNUMtSh6xuD1ho4zF8w&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0

Request Chain 242

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 243

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0

Request Chain 244

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r_Ka9CfwRJCpT9szpt5R-g&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0

Request Chain 245

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0

Request Chain 246

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/OV06eFtKmJ0WQ6R_Z2hXr8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A

Request Chain 247

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEAALe76x01_jyo8flqHpSuA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0

Request Chain 248

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0

Request Chain 249

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0

Request Chain 250

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0

Request Chain 251

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0

Request Chain 252

https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP1CCHJE-1H-17CQ&redir=true&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP1CCHJE-1H-17CQ&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160

Request Chain 253

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1CCHJE-1H-17CQ&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559

Request Chain 254

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0

271 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
captcha.bot/
Redirect Chain

https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1NXUWlPaUkzTXpBNU5EWTFOalU0TXpJNU5qWXhPRFFpTENKbGVIQnBjbVZ6SWpveE56QXdNRFkwTmpjeE1...
https://captcha.bot/

2 KB
2 KB

345ms
302ms

Document
text/html

2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06483d1af09fe201d80ff4fc8f93895e3898b5b3e2629af9bc9d85fcd30f57a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8270bc2f6e098c95-EWR
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 15:23:26 GMT
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJAW9U%2Fr0YlHYEJQNHqp%2FPH5nxP5CmnEMFXwKYmc5LlaQjSNZ1UfV5L80eDtCtkog5yKAZqg3lvHt2JGijwvkuj%2BFuRaG2tS5%2FK68CiboxBtrhs7iO1%2FDcpF5NBLnqWvOSdQHvj9ZBmb"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8270bc2dfa734414-EWR
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 15:23:25 GMT
location: https://captcha.bot
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kiOBss8VxP848Mw%2Bn2IWYRuxNFNqhTIRt7RsfUNnyuf5R5ckfa4gBYZ7U%2Bfesw7FlI92OG%2BzStYNKZoxMm8XzAsbjdEXEHRxq%2BpCAtKZ8DL3NjOP4dWMQ8GnXURP%2FLjMUIz8zG6yfuQwJ5pjMWaiNLXa%2F66cHKz4SoPMkDQkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 261 KB
77 KB 66ms
10ms Script
application/x-javascript 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

92ca1736ee4a07da4aec1bf75f1cf294129e25ba87ea6198627837448e9b1f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Sk8aaRJ6QerEkOi1zVDX5WBct6FjSfiA
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 15:20:08 GMT
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 198
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Nov 2023 10:27:18 GMT
server: AmazonS3
etag: W/"b7d4f680946f47f8afc2f1e9e725de76"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: pTTqKKuzwWRLfbwSTbZF3qg_BWj5-ZU_xZ3WiH_-I_l-vgzTXq4kcQ==

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/9914b343/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback

33 KB
11 KB

35ms
34ms

Script
application/javascript

2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8270bc318afd4352-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 16 Nov 2023 15:23:26 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
cache-control: max-age=300, public
cf-ray: 8270bc316aea4352-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 chunk-vendors.bfc7157a.js Show response
captcha.bot/js/ 150 KB
53 KB 303ms
302ms Script
application/javascript 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=153350
etag: W/"654f00e0-25706"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq8IuOqLebxa%2F%2Bq7W9P8gyHQey95GgjMEXXl%2BC7mD3Z%2Fz0rpj%2FFOI%2FFvfZVACshyGmoxiuh7ktjBy71%2BGnV9lRnyUyLdMbSght9lST0moshi2xzEdLKwMqLG6vXfri2qsX3bh5wtRFhK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8270bc31c96542be-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 app.3afd2610.js Show response
captcha.bot/js/ 13 KB
6 KB 290ms
290ms Script
application/javascript 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/app.3afd2610.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad4e421119302e89d2ef10d7461de4fd4d6318c1529c36ee973c4c17ea3e31d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=13054
etag: W/"654f00e0-32fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovP%2BCSvoNGKnNE%2FlBMR4CDrEx5VXutORNVmE95QidcRQOnYqR7%2BGvaPf6kCjBs16dRsyqEkKe2Q58dhKXnwoJ3jOEAply3PN%2FQDc3%2Fg0QdMZ3TBEZ06BDak6TWE57BUWBQ3vYOnlwe%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8270bc31d97c42be-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.6a462042.css
captcha.bot/css/ 44 KB
9 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/app.6a462042.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a33ebf73afc5f7a6cdee51f0d2f70c15a844e424a74c5fcc25e425bd9a4dc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
age: 3231
etag: W/"654f00e0-b059"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgRamRqnpYCLOMJp51QUEmnIt58nnpRErumsePXSdnUfX0d4SW9%2FbgbjPjswiEah0L8tFCkKKXaC%2BUS3PRJ08TGdXIs5fDSj1gVrof8L7igGoGYWmJFm18ly%2FyV23dqH4M9FQ93oovFs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8270bc3158128c95-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 79ms
43ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://captcha.bot/
Origin: https://captcha.bot
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8270bc32395ec33d-EWR

GET
H2 200 188-71f6f5b28fc43206de3c.js Show response
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ 17 KB
5 KB 29ms
29ms Script
application/x-javascript 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/188-71f6f5b28fc43206de3c.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

98174e30b9f1468b96f8d317978ded9f514e77d8903f5c1a95463bc43c51f298

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: QwSETViOhdWrgkryR5qcYZJZNzydiwnb
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 15:20:25 GMT
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Nov 2023 10:27:18 GMT
server: AmazonS3
etag: W/"ae4a65a4f8bf8ec41db974f49cae0098"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: OzNEfHU7jT32acXJw7sFF4EgLIW8g9EvbYcl4HYJ3GaNLtIGpGSmRA==

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2874/ 244 KB
56 KB 252ms
166ms Script
application/x-javascript 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.3afd2610.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 00:40:47 GMT
server: AkamaiNetStorage
etag: "c43b788e3884f4ebc21e0b82c92cfa3f:1677199247.347819"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 57145
expires: Thu, 16 Nov 2023 15:53:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 89ms
44ms Script
application/javascript 2607:f8b0:4020:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer

Requested by

Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9be1ff5169a3fc6334c134a96df76938723501a00fe5ad2d152f10a573595d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78891
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 15:23:26 GMT

GET
H3 200 609.7460785c.css
captcha.bot/css/ 128 KB
52 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/609.7460785c.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.3afd2610.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
age: 3574
etag: W/"654f00e0-1801d"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtiMDSrr3W4nq8eLnqswrjtfKZ3soyUYv4JR2afZ1VmXWVMv9hzlNV4yrjnKzi81%2BYFEwJSBKWMQDP1ekuvPOKcq9KgyE8gHnffWEZinLKk7BwEUM%2BYpyPLqibaNdnXxrWEwRgH%2FD%2Fly"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8270bc344cfe42be-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 609.05c519c2.js Show response
captcha.bot/js/ 18 KB
6 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/609.05c519c2.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.3afd2610.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f60b8ba8974945a0ffcd6f2e93258cdac42a785b9d478ec3786881e2abcbee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3574
cf-polished: origSize=18933
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: W/"654f00e0-49f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMjIiqnBoUw3zWB0mnoMBmLJcC8TDBDKAaOm5M2aq4hEqmU51LFN8lfpyOpRAUAnPgYA0BmwxYZU7RDj9mnAZgdku12%2FUdtgydoearbc8HxjYmGhVJ5Nz7773AoR2aTekwIIP2RfD2wK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8270bc344d0042be-EWR

GET
H2 200 animation.css
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ 722 B
1 KB 13ms
13ms Stylesheet
text/css 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/animation.css

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: AtBGTgkO6TCW7b0GECZ0kAFPTX.8dE0B
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 15:23:26 GMT
x-amz-cf-pop: PHL51-P1
age: 224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 722
last-modified: Wed, 15 Nov 2023 10:27:19 GMT
server: AmazonS3
etag: "520016f3fad41f77bb889758ac030aaf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300,public
accept-ranges: bytes
x-amz-cf-id: X8NHIYAWFQEfmAtotXKFPHzUf1-uNLD3I-hB98j08c7fj8cGvKvjsw==

GET
H2 200 master.html Show response
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44 234 B
719 B 11ms
10ms Document
text/html 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/188-71f6f5b28fc43206de3c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a6778aac1a3b22c7997c1b8d951e2fe5224a2b45f3133294e908d43e6d84e394

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 271
cache-control: max-age=300,public
content-length: 234
content-type: text/html
date: Thu, 16 Nov 2023 15:19:03 GMT
etag: "c54fd877114edb03d86a632f5e5a5c29"
last-modified: Wed, 15 Nov 2023 10:27:19 GMT
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-id: AdC9livjwm5aCZgzO_wa2OU0G9y1Jl8lzWPfYdcjhH6-Tm7j4pwkRg==
x-amz-cf-pop: PHL51-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: D9zsd7tgwQ39QmBHCAgoXi_VgHMQQX7T
x-cache: Hit from cloudfront

GET
H3

200

main.js Show response
captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame F303
Redirect Chain

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

128ms
127ms

Script
application/javascript

2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8109cf8ec5546bd1865b1850b83ce3ee5cc358cc0bfdc14d52b5f5cb59a93d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dC2mILWDnx%2FwjuSx6EoHkenO5oskxl7oARk7so5y08je0aUSRsnsO1yRturuMbIzTJm%2FgsRLc4moQlDsrGf%2FE98B3LGutwU%2B8Ib6FI%2FkjZNlUrwVefQAqJ4Rl5WQQAThpvMKCSeT%2Fkbb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8270bc350e5142be-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 16 Nov 2023 15:23:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVzMm0GlBGE4PlMuNXUqCXH31IF3vGnvPLOyFGsBud2YeSpl3MGH4Fp5GSSxIJuLut46L9NHcEfp%2Fo65U08%2BCAAmHD4Zmuplhcw5cTOZBHkMjixaqJlWAYyPkbV9yP83Qnt717gvOwmE"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8270bc347d6842be-EWR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 89 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 logo.0d11fe46.png
captcha.bot/img/ 15 KB
15 KB 331ms
330ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/logo.0d11fe46.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=34020
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14910
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-84e4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEYAvDqffFBHpLMz0GH7EUH3Mg3xetFyW%2BgKIvubYKvC2em%2BpAx4vqkgrEpEaVBfX5xPP%2F5osjwl4Gt0x9RqjbNJqheeb7kfNd6Zs%2BnVENrTObJYTgkoXFkrr%2FeM1mU5bXSzKrs2EJIR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe2942be-EWR

GET
H3 200 landing-promo.423c8618.png
captcha.bot/img/ 8 KB
9 KB 47ms
42ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/landing-promo.423c8618.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=16963
content-disposition: inline; filename="landing-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8702
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-4243"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUKpX%2F0RQ43U8oBqEss4FSq042yVmig90GE1TJ0mhenVQNg90sVm7avorpNHW%2BrpPOglsO9gk4aJ5ScHK9YOSGfYDn9%2FWAxopNU8HYtso%2F%2F2m6sQSNq2lhb6Q3nIwIicrpjwH%2BTLrsmg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe2d42be-EWR

GET
H3 200 bitcoin.png
captcha.bot/promo/crypto/ 8 KB
9 KB 22ms
18ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/bitcoin.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=14655
content-disposition: inline; filename="bitcoin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8608
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-393f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dWg3ImGaWSO5y5QELm2GP8uwVt95UJtUASAyruqWdnPhaSYgH6tCRBr4CTXIWTctzDeqk2vKj6zVRqkNoIvMw6cZHBd6ub49nvuyd7Ki48eOy2FvlZMgm2Uq8cMLpHPjfX5hNCiERPm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe2f42be-EWR

GET
H3 200 doge.png
captcha.bot/promo/crypto/ 190 KB
190 KB 47ms
42ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/doge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=332322
content-disposition: inline; filename="doge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 194348
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-51222"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDMvmiAUAovyGP6A8MVwFr8Zg2acfAuE%2FA9ZIxl4ZeVibMDJyHGtGSMARoCQR4e%2Fm92UG5pA9vNaFS4C%2FlM4iD2FQZA54f4ChlGj8k%2B75dAga%2FLINllqFEsMpbYWcQK5lzr2qw1fmv%2BA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3242be-EWR

GET
H3 200 eth.png
captcha.bot/promo/crypto/ 84 KB
85 KB 41ms
37ms Image
image/png 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/eth.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origSize=86443, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 86302
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-151ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ffdlq78sirrWp%2Bz8OxOgDEeK0IhfuxFZhKeepwckVdUOUH%2FN2TNw151Gp5BYeYUnPYukmafw2JWhpdjsdmIMfN3wi9Qtpw3EAuQZj42nhbZvJWLyjflvAytgAzFoxbEnOMimTX%2BmxlI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3342be-EWR

GET
H3 200 ape.webp
captcha.bot/promo/crypto/ 153 KB
153 KB 118ms
114ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/ape.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3573
etag: "654f00e0-2639a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQCvBHHVKVMgWlyGYtiNEtMeSQPs2RZoXAvjT7rlA6azAH37hqV6mrvu6cIaH8yNTtm4RX5j7xjtI7LG910ZiQ6oN22RLGiMMHIzt4tsxCfcV8ijtHTdcqCkTLJoYm9eGDKjLEAvPLjN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3542be-EWR
alt-svc: h3=":443"; ma=86400
content-length: 156570

GET
H3 200 boost.png
captcha.bot/promo/discord/ 29 KB
29 KB 124ms
120ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/boost.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=67807
content-disposition: inline; filename="boost.webp"
alt-svc: h3=":443"; ma=86400
content-length: 29300
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-108df"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbH5j9tCYU6d4CKIrGo56UcLTiYJfh7ChVqG8vDmk7s47%2FG3S8OUJ9GW3GjXdZHCjkUyGLAVow4N3FTPPCvxFiMRPgWudfPy2SAnpscBGHJy9qKNan1YDnDnnNnuH%2BrOoxtdLz%2FedzXc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3642be-EWR

GET
H3 200 badge.png
captcha.bot/promo/discord/ 4 KB
5 KB 39ms
35ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/badge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=8231
content-disposition: inline; filename="badge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4252
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-2027"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlkJl30Mf5kATAMy9AhgsRdm0EQYZ8mwgD58WFP21Zms%2BIwvWsdzBQATqq2CB1X2kksniJsp6h%2FGwuoN0umGi0VbjxAG4yvtvVT6ib2Ejnm2P0VD8RNs8d99bwFiONYP7y48IR%2BHzaSW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3842be-EWR

GET
H3 200 nitro.webp
captcha.bot/promo/discord/ 14 KB
14 KB 126ms
122ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/nitro.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3573
etag: "654f00e0-361c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5EARH21NBDc4tFoWQBb3C272SGxWWm7s2Gf8blNZeegaEHyael%2BH4btVV1XLTJPLf7QEjD0aL%2BmqnT8Slysl76ShTQ4fY%2BP5MNj0hMUhU4UmVZt%2B65b9C63qgu2wuflfPoXO84RwMqY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3a42be-EWR
alt-svc: h3=":443"; ma=86400
content-length: 13852

GET
H3 200 phishing.png
captcha.bot/promo/ 9 KB
9 KB 126ms
122ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/phishing.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=13769
content-disposition: inline; filename="phishing.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8860
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-35c9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVxrtgI1NowtyvrxnAfUjlWn%2FGFhlXk9xNsnJm3X92eVNHz0Ll17Dfozp7UlHW5tJDn5pKYaBYbWLC1LwRxmajCCZ9dBEBjUMhEkxPEenfUL1xFFa7PqAKurxquFb5L6PcmvcfiGpDMP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3d42be-EWR

GET
H3 200 sus.png
captcha.bot/promo/ 7 KB
7 KB 128ms
124ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/sus.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=23982
content-disposition: inline; filename="sus.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7104
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-5dae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOwcmww1k5Hl5CPc31A%2BZC8MAJ8Z1g8wTr7TwPU637VeoxZm%2BNxPZTkrE5gUOvHKSoL7lJHVnQ9XF5Xp8UM1MNhKZycsGZUKz7Ooq2P5UEsQKH0fr7FgSmwU1f4nkLkENT4Z9X%2BxpM%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe3f42be-EWR

GET
H3 200 accessible.png
captcha.bot/promo/ 16 KB
16 KB 128ms
124ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/accessible.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=27419
content-disposition: inline; filename="accessible.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16334
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-6b1b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCPO00YXE4N8NW1yhEcTfWhREo9KYrjffyHUKu7dFH7KnxTark5%2FHz3Pn5mIATOm4%2FlCWp3UEOF6MjMVSLaGp2oj%2FOLELCHuO2uK%2FLEZY5kirw3CnxOKrwFJCTgNZO4t8Ry9RUleTubd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe4042be-EWR

GET
H3 200 time-limit.png
captcha.bot/promo/ 6 KB
7 KB 132ms
128ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/time-limit.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=11864
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_Fwow7QEkiu_Lfx06VwWzVRpX6GfxbDyRkS1.y3f5MA-1700148206-0-AfW-X3AaIJy1fbKnxcFRHroZrOhOCyvRaP0cy-ugBpiKtzw49DLIhV38QCQ_6_ZzQdRE-nleETt_EBe93e2gQ5LfQQaomV1m5XD1KirAwp96cNppuwUIZS0Zsk120M3im44H_wozFN7_4urJTsLwZnE; report-to cf-csp-endpoint
content-disposition: inline; filename="time-limit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5896
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-2e58"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn017B%2BFZA65YfqrMWo%2BKYZF0cbwHs%2FPTCEL%2Fy68lM%2FYMH%2F3BwDxDaSsEpWkWUyIH6UdMMQjGHAj7e2%2FWJQf9ciFIiPy1MHL3SYb4SIcYcCJr%2BmqgJB3EbmJ%2BGtM52ZdC7DiT7WJUEKC"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_Fwow7QEkiu_Lfx06VwWzVRpX6GfxbDyRkS1.y3f5MA-1700148206-0-AfW-X3AaIJy1fbKnxcFRHroZrOhOCyvRaP0cy-ugBpiKtzw49DLIhV38QCQ_6_ZzQdRE-nleETt_EBe93e2gQ5LfQQaomV1m5XD1KirAwp96cNppuwUIZS0Zsk120M3im44H_wozFN7_4urJTsLwZnE"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe4242be-EWR

GET
H3 200 analytics.png
captcha.bot/promo/ 139 KB
140 KB 132ms
128ms Image
image/webp 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/analytics.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
cf-polished: origFmt=png, origSize=382343
content-disposition: inline; filename="analytics.webp"
alt-svc: h3=":443"; ma=86400
content-length: 142700
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
server: cloudflare
etag: "654f00e0-5d587"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfkezlfvLKuoChfEoTow6KhLVNxuaMiycn29HxYRqlcmQh871Rdig26%2Fk0kDL3gRJ9FEJweQ%2FdB26rETh3pvTG0S1KS4S5W8n2HVkUf6gN%2BwMIujZBoVd0vyvAAfKImbqMllwZyC869L"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8270bc34fe4442be-EWR

GET
H3 200 discord-logo.1bf7c650.svg
captcha.bot/img/ 2 KB
1 KB 136ms
132ms Image
image/svg+xml 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/discord-logo.1bf7c650.svg
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 04:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3573
etag: W/"654f00e0-82e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Zi777Ig13YznR2sbgvsK5IqdvIzoiXMglT7wK4JrZ%2FHHI4zGg8gXlmdGPH%2Fbwmn%2BHSSQFWD7b2bKjEDUq%2F3c3uNwonQhn4E15xGgIQUssezt3ExIuE0eEwsTT5jT78JDkI46r6q%2FkbT"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=120
cf-ray: 8270bc34fe4742be-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 statistics Show response
captcha.bot/api/v1/ 17 B
443 B 327ms
324ms XHR
application/json 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/api/v1/statistics
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b489849f86636e88d98772735af2416b3c3e85076f7135b4ca14a08764e4774

Request headers

Accept: application/json, text/plain, */*
Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTWWS1DsoDQxpbdJXfTFNZ1EBoN2pxFDdc0PZDBNQaSyzOvZ7Urz%2BLPxXOhXowzHBa%2FYOniwIgMZn5EJN%2Fver09%2FWGWlsQOj6%2BSbOTX73RfnyO2LRyk3fgJEyXcgwE7AFppfOrH%2FnEJ1"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8270bc34fe4842be-EWR
alt-svc: h3=":443"; ma=86400
content-length: 17

GET
H2 200 master-41a5b5a55a6af09d04bf.js Show response
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44 240 KB
68 KB 29ms
27ms Script
application/x-javascript 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

017e92684f9301c6edc3504af22d04183982c21b1b3ae04221140b6746baaba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: VEYuS1fiFhJ4MXXtdlamOn8YGZ9ppcJ6
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 15:19:03 GMT
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Nov 2023 10:27:18 GMT
server: AmazonS3
etag: W/"443c8d148a64032f9697c24bfcb54497"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: iZfdUfTrp8sfUEzTtXjg2CDFoydASC502yIyzP6JbWSUpsLSYhLn_w==

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 54ms
18ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VT1JT14S09&gtm=45je3b81v9119558076&_p=1700148206715&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1030093738.1700148207&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Home&dp=%2F&dl=https%3A%2F%2Fcaptcha.bot%2F&sid=1700148207&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2068
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 53ms
20ms Ping
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VT1JT14S09&cid=1030093738.1700148207&gtm=45je3b81v9119558076&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

10 KB
4 KB

486ms
409ms

XHR
application/javascript

2600:9000:25c8:4800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: beea121e5188b863d6e08e80e8b9744ecebf9cdd37f201a9b2b4000fd6af900f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: br
via: 1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 15 Nov 2023 19:39:46 GMT
server: AmazonS3
etag: W/"68a808c955fa55b5689765c1870de09c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: kargrAB0jSXFsM9CgBrlTtMd53NSzNDXptkvCKY0vSE-jsXDRLHG_Q==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date: Thu, 16 Nov 2023 15:23:28 GMT
via: 1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:47:35 GMT
server: AmazonS3
etag: "997985d66f999e7c0034a8915419c2cf"
access-control-max-age: 3000
access-control-allow-methods: GET
location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
access-control-allow-origin: https://captcha.bot
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: O7pKcvjP3v4LC8en_Ftxr6K4mpzvEUOUHFpLdBKGV28b3mQ93h2XFw==

GET
H2 200 prebid-407496646b648e67be5f557efe0c7641.js Show response
cdn.fuseplatform.net/prebid/ 261 KB
81 KB 8ms
7ms Script
application/x-javascript 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 02:21:08 GMT
server: AkamaiNetStorage
etag: "84cb2005d5697b835da43944b24c79f2:1677810068.706101"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 82396
expires: Wed, 12 Aug 2026 15:23:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 144ms
96ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c305b7ad1d78bd67cd5af248ce383aa062d4d09e779b2add0c732469d32badb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31501
x-xss-protection: 0
server: cafe
etag: 222 / 19677 / 31079657 / config-hash: 12061389886161084213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:27 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 25ms
7ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1700148207090&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=2143&e=fuse-load
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:27 GMT

POST
H3 200 8270bc2f6e098c95 Show response
captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F303 0
550 B 27ms
26ms XHR
text/plain 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/8270bc2f6e098c95
Requested by: Host: captcha.bot
URL: https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ds2vD%2FsL%2FNq%2B5QqyVRUOtibYVCC4So8ZVxisn24lSJ6v2usiq1sX7Z9r%2BvXE7kNqbSucCKsLjnpU%2FODfyJfv9QttJ44HGYcZxrc6FPTERBdVXpndy2r%2Bj4nWcAo4yYbfH9igZfQUWcHR"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8270bc3759c142be-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 203-021d9bb6abdf3b0a1686.js Show response
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44 3 KB
2 KB 10ms
9ms Script
application/x-javascript 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/203-021d9bb6abdf3b0a1686.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

398aaea091a54352bcde7ee272823fae32d2ec9cbf1d7547ec07e97f800192e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ZmaCPSdsoVeiTWNO2GLd.W1svX.lA..u
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 15:19:05 GMT
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Nov 2023 10:27:18 GMT
server: AmazonS3
etag: W/"39b0397b27d3ed0a3a1371fc8ca05908"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: eCzlAif6i2mkNQh3_1bem7knJj0nnHJurWh2uqPQYXdqDw78c6B3lw==

GET
H2 200 211-6a6908e5a41569cb399a.js Show response
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44 3 KB
2 KB 11ms
10ms Script
application/x-javascript 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/211-6a6908e5a41569cb399a.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e686f777af902c3b49e5143f9205136effcd04b661d8c863a8380e75a0d3a97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: pTvRBGvWyPqC7FJZSl8CBoWW58HvKYFl
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 15:22:01 GMT
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Nov 2023 10:27:18 GMT
server: AmazonS3
etag: W/"98b68e616f028cac9f25f9eb296a0686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: XnGRGFfPHb_MkSjbdzXvXjl0PRG970gme2QQoDX_DTQPC0AKIEBP7w==

GET
H2 200 pi-worker.js
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44 65 KB
21 KB 11ms
11ms Other
application/x-javascript 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/pi-worker.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b013c2c47077742878ed5169c4f564d0d5278a480d7aac99ef7df75a783359e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 6YZnSvXwCgQmMy3h1edTQ_hExiC5T2J3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 15:19:05 GMT
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Nov 2023 10:27:18 GMT
server: AmazonS3
etag: W/"2324169384a83daddea2b3025d388fe0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: -qe1BkiEGGE6Oa-pyZrh54T2RLS5H1sSjKvZmIHw638W7xeii0-26g==

GET
H2 200 retrieve_js_info Show response
privygg.chargebeestaticv2.com/api/internal/1700147700/ Frame DB44 596 B
1 KB 17ms
17ms XHR
application/json 13.224.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1700147700/retrieve_js_info

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-86.phl50.r.cloudfront.net

Software

ChargeBee /

Resource Hash

064a3112be6d2f55331306cf2edd1ccc2a63cb9e3453a735861daba634d75188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.chargebee.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:15:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 500
x-cache: Hit from cloudfront
content-length: 596
server: ChargeBee
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
x-amz-cf-id: Mvf9cXR-ZKqU0MweVKUpm7ubUxjeNRCTARHHq8i9tYEdOMBpTCN8ig==
expires: Thu, 01 Jan 1970 00:00:00 UTC

OPTIONS
H2 202 retrieve_js_info
privygg.chargebeestaticv2.com/api/internal/1700147700/ Frame 0
0 198ms
129ms Preflight 13.224.214.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1700147700/retrieve_js_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-86.phl50.r.cloudfront.net

Software

ChargeBee /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://js.chargebee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=10800
content-length: 0
date: Thu, 16 Nov 2023 15:23:27 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: ChargeBee
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-id: v-5N2MHQy_RiUMWAjCXtRfcNoaiJ5x_9uQgJSspV-JAXMswy6ihF-g==
x-amz-cf-pop: PHL50-C1
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 14ms
12ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78315
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 14 Nov 2024 17:38:12 GMT

GET
H2 200 tag Show response
btloader.com/ 91 KB
30 KB 40ms
17ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3677a201ab63c88c0d56d83e946665e5fb5d93bca0d4b7a7ff0588b7e0107f85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 14:28:48 GMT
server: cloudflare
age: 3277
etag: "3b3e5d8fa78387de6747760e97ba5614"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8270bc388c331982-EWR
content-length: 30020

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 68ms
32ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 15:23:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
919 B 55ms
15ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1083504
x-guploader-uploadid: ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFtWWnCoGV8xCwcQqJ7Q%2BmIr7UK2f6NUzqAq%2Bmx%2BEkRw564ljjtOkoThBJtnCCG0odojL8CEqsX%2FMmuofqK8dbk68Bp%2FFBKW0jscEEZwGybSUlxCpujQQPl20JRMs%2FUmQ7ij%2FHhf0W3b7f5k0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8270bc38fefb4219-EWR
expires: Fri, 17 Nov 2023 15:23:27 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 26ms
3ms Image
image/x-icon 142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 09:34:20 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 56ms
16ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.24106254670847926
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1083504
x-guploader-uploadid: ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdz7wO9qjSuO4sRefhzwmrktmt2UetiROvTs0S8InWtfFLTxjfrpRG4ZVNUkq%2FQy7olj9SwLGP3kqb3ghp8JvCkhkSTWSrpuSkan%2FjMP07WhND%2Bf7tY0AlmziE3qHcIhLQYh4amZk2orMb%2FWHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8270bc38fefe4219-EWR
expires: Fri, 17 Nov 2023 15:23:27 GMT

GET
H2 200 205-e9a35cb8e86108e5b7ba.js Show response
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44 13 KB
4 KB 16ms
16ms Script
application/x-javascript 18.238.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/205-e9a35cb8e86108e5b7ba.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-47.phl51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ad74a7f477d4dbe1cecfc7591f728f9d7236efb402e337634cd3d14c321c1ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: h3AAKv5Dik2bQU79frh68MdMzQKMhS3n
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Thu, 16 Nov 2023 15:19:05 GMT
via: 1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 262
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Nov 2023 10:27:18 GMT
server: AmazonS3
etag: W/"d277b774543358b06ec00bd035f365fa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: WffQcgvE7AbWIC0tc-YX63MzbU9-AklTZBj5U9QUvWQOynHdjopMhA==

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 33ms
31ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

POST
H3 204 rum Show response
captcha.bot/cdn-cgi/ 0
138 B 6ms
6ms XHR
text/plain 2606:4700:20::681a:66e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://captcha.bot
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8270bc395cae42be-EWR

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ Frame DB44 325 KB
92 KB 48ms
13ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/205-e9a35cb8e86108e5b7ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: qgwXoHvtvhyqGf6FlJZpIKGVKUu9tX9V
age: 0
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 13:02:04 GMT
server: cloudflare
etag: W/"4615710d2f5af894fc819f8023a57fe1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8270bc398fdb440d-EWR
x-amz-cf-id: qeqAC9dXTdEbknaBzB858i0LDBJ5UJizIOeirnwtzoJwyyS55I2mLg==

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 30ms
30ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=sGjyYCeOw&w=5142342223265792&o=5708166709903360&cv=2.1.23-7-g7ca04d5&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fcaptcha.bot%2F&sid=sGmry40rl&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 15:23:27 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/c455997/static/ Frame C15F 2 KB
933 B 27ms
12ms Document
text/html 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c85bf82b1839f7ce776633ba44f9bafe42b7bece4581e008e641274134810f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 252
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8270bc3a1873440d-EWR
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:27 GMT
last-modified: Thu, 16 Nov 2023 13:02:04 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id: g36cx3x-W6UQT7at_XEscPRCGCIJwVo4r9lN_6uwVHDTfXnHjxWsiQ==
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: p.ku4Nkm6QkcaDuF1MzZmBrOVAxIDhNF
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/c455997/static/ Frame EA6E 2 KB
763 B 31ms
18ms Document
text/html 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c85bf82b1839f7ce776633ba44f9bafe42b7bece4581e008e641274134810f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 252
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8270bc3a1870440d-EWR
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:27 GMT
last-modified: Thu, 16 Nov 2023 13:02:04 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id: g36cx3x-W6UQT7at_XEscPRCGCIJwVo4r9lN_6uwVHDTfXnHjxWsiQ==
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: p.ku4Nkm6QkcaDuF1MzZmBrOVAxIDhNF
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/c455997/ Frame C15F 325 KB
91 KB 14ms
13ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: qgwXoHvtvhyqGf6FlJZpIKGVKUu9tX9V
age: 255
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 13:02:04 GMT
server: cloudflare
etag: W/"4615710d2f5af894fc819f8023a57fe1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8270bc3a38a6440d-EWR
x-amz-cf-id: qeqAC9dXTdEbknaBzB858i0LDBJ5UJizIOeirnwtzoJwyyS55I2mLg==

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/c455997/ Frame EA6E 325 KB
91 KB 12ms
12ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: qgwXoHvtvhyqGf6FlJZpIKGVKUu9tX9V
age: 255
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 13:02:04 GMT
server: cloudflare
etag: W/"4615710d2f5af894fc819f8023a57fe1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8270bc3a48be440d-EWR
x-amz-cf-id: qeqAC9dXTdEbknaBzB858i0LDBJ5UJizIOeirnwtzoJwyyS55I2mLg==

GET
DATA 200
OK truncated
/ Frame EA6E 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

10 KB
4 KB

454ms
422ms

Script
application/javascript

2600:9000:25c8:4800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Protocol: H2
Server: 2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: beea121e5188b863d6e08e80e8b9744ecebf9cdd37f201a9b2b4000fd6af900f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: br
via: 1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 19:51:02 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
x-amz-server-side-encryption: AES256
etag: W/"68a808c955fa55b5689765c1870de09c"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 09JcOEF1bWVl8rd5gz0FdpWNbl_gJ_VHZYj9e0ytRxtH06wDhZnGnw==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date: Thu, 16 Nov 2023 15:23:28 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:47:35 GMT
server: AmazonS3
etag: "997985d66f999e7c0034a8915419c2cf"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: grWBN09e5BmBkHe9P7E_zKxv7Wbiru1GNQfQ9aKhZHv0PtWXgeRYlA==

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame C15F 650 B
837 B 63ms
36ms XHR
application/json 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=c455997&host=js.chargebee.com&sitekey=dc26aa54-4902-437f-80e2-a22947a6c01b&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ac786dd7d2df1c24377488b0cd75aa969d139420d5ac295be1e93f8fde493c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 8270bc3af9a9440d-EWR
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H2 200 hsw.js Show response
newassets.hcaptcha.com/c/bc8c0a8/ Frame C15F 511 KB
222 KB 23ms
23ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/bc8c0a8/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6dab1cacda3a4a07e374d1364e01aa182806cafee7421cc7bccf5ca347f3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: sOQ_F0Za0jAfo9cYoJ7FtRMIyAVgv0OK
age: 423
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 Nov 2023 08:28:40 GMT
server: cloudflare
etag: W/"c0fbe32c10a50567ff821ccdabc2754c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8270bc3b29fa440d-EWR
x-amz-cf-id: pf5necXxv5tcd-jvDu4lysg5HJEXgSFoDQZ-tUd9WTj-ihlmCfuYHA==

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
42 KB 12ms
12ms Script
text/javascript 2600:9000:25c8:4800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=captcha.bot
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a36cfe069f3a0762652d5b30060d711b1c3261ea54ad353241a265db227812c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:28:05 GMT
content-encoding: br
via: 1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 3324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 20 Sep 2023 19:17:26 GMT
server: AmazonS3
etag: W/"e7ba2bb5a35380a45ae26284e5c41476"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: hIH0oIfDHGGLaUAAg1cqE5kWVesviRq64eME6m1m_3q2VQKpb5SwyQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 230ms
15ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Nov 2023 15:23:28 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 36ms
6ms Script
text/javascript 54.230.163.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:18:30 GMT
content-encoding: gzip
via: 1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 29099
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: OEMbMlBO7_bDBjSmaKJZFYA47G8PclyfriU0fo5uNTf3WaenFM0y2A==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
50 KB 869ms
868ms Fetch
text/plain 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=3937899634057707&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cweb_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=4167373516&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700148208377&lmt=1699676384&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9sXrxb0xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPbF68W9MUgAUgIIZA..&dlt=1700148206290&idt=1097&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3Dnot_ready%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dfalse&adks=3794695886&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e01dbd445b3e609dba673bd82bdf1969b350936a70c9e1a234ad3cddec16de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51657
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 6ms
6ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602535&cmpj=unknown&v=1&ttm=1700148208390&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3443&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 81ms
34ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce32ae882f40c9033f5d7fc2704b9be9cee32aa7d53023f20fdb966ab3e01119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12259
x-xss-protection: 0

GET
H2 200 container.html Show response
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD23 6 KB
3 KB 103ms
34ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
expires: Fri, 15 Nov 2024 15:23:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 39 KB
13 KB 12ms
11ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78135
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13750
x-xss-protection: 0
server: cafe
etag: 15254217830347453119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 14 Nov 2024 17:41:13 GMT

GET
H2 200 geoip Show response
cmp.inmobi.com/ 49 B
333 B 12ms
11ms XHR
application/json 2600:9000:25c8:4800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=captcha.bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept: application/json, text/plain, */*
Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
via: 1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PHL51-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 49
x-amz-cf-id: RhyANUOlrIwcvLDtL3MUhTHE5hYeViNEHltyDZhnKNKgMPoJY9ZMBw==

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
739 B 144ms
115ms XHR
application/json 107.23.92.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fcaptcha.bot%2F&tmax=1000&gdpr=false

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.23.92.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-92-235.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 51ms
14ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=23227072884

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
180 B 107ms
69ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
189 B 126ms
89ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
189 B 103ms
66ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
189 B 95ms
59ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
358 B 77ms
41ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 248ms
96ms XHR
application/json 147.135.94.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-147-135-94.us
Software: /
Resource Hash: a8642b2144f5f3473de287de8bf9960e40c66bacb4845580accdd400c52a7fa7

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1010 B
2 KB 259ms
107ms XHR
application/json 147.135.94.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-147-135-94.us
Software: /
Resource Hash: 3a2762ba48e0ce21f54e4b545f937fe83de3dd840d291134103d889dbb28d86e

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 255ms
103ms XHR
application/json 147.135.94.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-147-135-94.us
Software: /
Resource Hash: ca73ce16bf82732ed93a9b6087c7bc63ac2d76e285ca5d7a34411b47ee49995f

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 251ms
100ms XHR
application/json 147.135.94.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-147-135-94.us
Software: /
Resource Hash: 16584d00bde34db36e3c3fd2d68804f1a05ef12abe8570531e561134e1fec73d

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1007 B
2 KB 249ms
98ms XHR
application/json 147.135.94.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-147-135-94.us
Software: /
Resource Hash: a1cb10406a6a28655351f567b6851b114056e8b2b2b773d0aca26cb3da966143

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
603 B 256ms
116ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=41c58079-ea0c-4028-9f61-d42d66385f06&l_pb_bid_id=37d1c9391c09103&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7377247672957787
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 43fe9baf723ed950dda46d8675f1123142eab8360bf5d71f3126de4978e5e74f

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
2 KB 297ms
157ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=049f652f-8843-4c19-bf9c-dcfe2c9a6617&l_pb_bid_id=38c39be76a475be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.41142009896986886
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 64b5c64d8600b52c7750278da76ec7cb2ae1b6ac40831ef3e7f3402e970f9525

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
604 B 238ms
99ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=1a778a26-e6ce-491c-bb48-ce09e0c22169&l_pb_bid_id=39a4fa0f35740bf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7771585078351313
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1162f1c47f371d5ca4192e405bb3059b3d582df339ce66b15ed7da465367dc80

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
604 B 259ms
120ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=07301293-55dd-47be-9ff9-1c5495b45ca7&l_pb_bid_id=40ad67c3940c30a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.731575498782719
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c5cc340c08cd853d82cd532d2f58de982e0c8fc015b7116f837202d52b129508

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
774 B 235ms
96ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=7ee258c5-369c-46a3-af03-b04cab1826d7&l_pb_bid_id=415c8ffcaa2469d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3763994117632361
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cd594deba343e24788a95c61f98cecd9e107ddbc82ac9c95033a71aa4dc22a64

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 265 B
606 B 235ms
97ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=1%2C55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=ba2da729-f220-44e5-9716-79ae4d3c1a61&l_pb_bid_id=422ed1e3be7348c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4647718285707103
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4b5a1c328f781b61a764d17923f440cc970d6f699849bcc236e894a0d51c72bd

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 265
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 603 B
1 KB 78ms
42ms XHR
application/json 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

22caa2f838449dff34cf4b2e3d693ea3605903c403032431d294eef8d894da0e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
an-x-request-uuid: 0e803b08-9a55-4696-b66f-4cb375cefe94
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 49ms
9ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Thu, 16 Nov 2023 15:23:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
167 B 53ms
11ms XHR
text/plain 147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Thu, 16 Nov 2023 15:23:28 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://captcha.bot
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
612 B 103ms
28ms XHR
application/json 107.20.214.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-214-81.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f1541501090897e0804ad3205d903eb61d4fed83ed28d2a903272f614ee894b7

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://captcha.bot
cache-control: no-cache
x-server: 10.40.52.132
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 90ms
46ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:23:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1EF 13 KB
5 KB 18ms
14ms Document
text/html 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 66478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 20:55:30 GMT
expires: Thu, 14 Nov 2024 20:55:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4AB9 829 B
1 KB 46ms
26ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e4186bd2cfa76f7a48100c5d1edb1909b37f68f1e33508f92edb72017a40406

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-APvzqoQR9uKx0ChkaftnNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-APvzqoQR9uKx0ChkaftnNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
expires: Thu, 16 Nov 2023 15:23:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C1EF 39 KB
15 KB 15ms
3ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 13:12:21 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8DB4 15 KB
6 KB 32ms
13ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=captcha.bot&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 444952
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4AB9 0
0 63ms
62ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2972673244638772&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8DB4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2...

435 B
653 B

485ms
11ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2Zib3BXNGtRMW02YnpFSHBpNU5IcUU1ZUQ5ZWFpaXJHd09scVNpWFRkbWdyWGxZWVdFM0syVnFJU3BZeTkvRDJLS0IzQVVNL3N3T3ZyZVdhenVWYWRZREdJWlJjVVVDU0hucDVOWm5KaUNrQ0xBRXBtQmJodWpxMEpPUnlVUlc4NkJZWWFpOUQraHVVblFLYm1oMHdTZ0kyR2RCWVV3UT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

eed41569c5406a72f15d1cf51192eb8f2ee0fc44e64cbc97b50cf7f7f5437e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1639001
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2Zib3BXNGtRMW02YnpFSHBpNU5IcUU1ZUQ5ZWFpaXJHd09scVNpWFRkbWdyWGxZWVdFM0syVnFJU3BZeTkvRDJLS0IzQVVNL3N3T3ZyZVdhenVWYWRZREdJWlJjVVVDU0hucDVOWm5KaUNrQ0xBRXBtQmJodWpxMEpPUnlVUlc4NkJZWWFpOUQraHVVblFLYm1oMHdTZ0kyR2RCWVV3UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 539408
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 243 KB
42 KB 757ms
756ms Fetch
text/plain 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=228965415457787&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Chome_header%2Chome_incontent_1%2Cscrolling_sticky_footer%2Chome_incontent_2%2Chome_incontent_3%2Chome_incontent_4&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C468x60%7C728x90%7C970x90%7C970x250%7C1200x90%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250&ifi=2&didk=907217920~3563266103~3802411025~907161749~907278779~907458070&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700148208758&lmt=1699676384&adxs=436%2C436%2C566%2C436%2C436%2C436&adys=140%2C1149%2C1200%2C2312%2C3159%2C4373&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x64%7C0x64%7C0x-1%7C0x64%7C0x64%7C0x64&msz=728x0%7C728x0%7C468x-1%7C728x0%7C728x0%7C728x0&fws=128%2C128%2C644%2C128%2C128%2C128&ohw=0%2C0%2C1600%2C0%2C0%2C0&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjGx-vFvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj2xevFvTFIAFICCGQ.&dlt=1700148206290&idt=1097&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Chb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.20%26hb_adid%3D6355932014fc4e3%26hb_bidder%3Drubicon%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D3000-3499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D3500-3999%26CMP_LOAD_FINISH_MS%3D3000-3499%26FIRST_ZONE_MS%3D2500-2999%26HB_AUCTION_START_MS%3D3500-3999&adks=789855873%2C3730992247%2C3743414737%2C258786273%2C1791281508%2C4107777432&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b25fabbdd4608ade7c022b666c1cc2e631a9d403fc29535df2789ed0bca96817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42673
x-xss-protection: 0
google-lineitem-id: -1,5936619770,6135256488,208234953,208234953,208234953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138383374723,138370670983,138324663415,138324663418,107027452833
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 5ms
5ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602502&cmpj=none&v=1&ttm=1700148208772&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3826&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:28 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 8ms
8ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801516488&cmpj=none&v=1&ttm=1700148208773&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3826&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:28 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 8ms
8ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22856109504&cmpj=none&v=1&ttm=1700148208774&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3827&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:28 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 8ms
8ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602508&cmpj=none&v=1&ttm=1700148208774&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3828&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:28 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 8ms
8ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602505&cmpj=none&v=1&ttm=1700148208775&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3828&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:28 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
266 B 8ms
8ms Fetch
text/plain 2600:141b:1c00:7::1728:b3ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602511&cmpj=none&v=1&ttm=1700148208776&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3829&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Thu, 16 Nov 2023 15:53:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C1EF 0
10 B 12ms
12ms Image
text/plain 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gzvdbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAA6 6 KB
3 KB 17ms
12ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
expires: Fri, 15 Nov 2024 15:23:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DAA6 4 KB
1 KB 328ms
35ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:43:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9229 14 KB
1 KB 312ms
35ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:44:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9229 2 KB
822 B 12ms
12ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:55:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9229 23 KB
9 KB 12ms
11ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:45:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E35 143 B
248 B 15ms
11ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:25:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9229 3 KB
1 KB 12ms
12ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:57:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9229 20 KB
8 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:47:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9229 195 KB
62 KB 300ms
37ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 9229 37 KB
16 KB 277ms
14ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 20:55:46 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame DAA6 21 KB
9 KB 11ms
11ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:55:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DAA6 205 B
519 B 274ms
19ms Image
image/png 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:45:13 GMT
x-content-type-options: nosniff
age: 67096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 20:45:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DAA6 604 B
695 B 274ms
19ms Image
image/png 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:50:18 GMT
x-content-type-options: nosniff
age: 66791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 20:50:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2972673244638772&bg=!WFulWxTNAAZxrfrxUa07ADQBe5WfOAfome-V534rE6wWHfXTP4PMU1F1m8lw4ivJuCRKfb3d1n-31dhOomRwXWtuy7-JAgAAAKZSAAAABWgBB5kCw1do2XvjSoGN_B3ur6PYXpqsPnANEu0BNxM6ZnlFg4pbCsWKnENBg8XAYjmfmr3Q-Lwon2wmFxTpiy37K1dcv4ZTrBpsd9_ZTTdHpBns_Rj9WtJ8viov1XjarUtpw8dj1Q9xGzqQKfxLwAEJH5wakl7EzUoaTYsA-m6j0TVAHBanqNNs2Z6nmAP1r16QLUl5s6e7AGpMixbq0Wov6tJChxhcFrn7wlCs9qz2wKSwQILDlm8gnygkP3LsHFV3K2H7tkJGTFSiPeiU7nBfxjjZSJrNtF74IUrK7KDHsKf1KsWbTdNM72RhOABWUWKY0u4PpcALGq4EkFYA31yw1k3RiXm7USEGmfZ291DduseyWwl6YmR2il7NQYzQIOCQTFonW1Z-PzoOlp5rmE7Jnmdaemi7UUqztaqvc6IJZyqvi1TvYyZtcOsw_SxpPosjoRooA3B4b4UFkfJ0KzMPh3izsBP9dJ-y-dtbt4nXXGAgbFbD5f0a7x3_sp68uiuTxrM1IAoEoaiBoIz5vs81f64dlWj6XhavSucbwME4O0dqM8iJDeL8RPEdbZvTaVRb9FX_Cx2KQ55c8VI_Jw1bG-5Xis0y5zQWa09y-sME_OSV8QRL3PSr-7R1xyofhF4eXm75KHk2jmeV7YSKtu_6KsAI_crOO3B4FZkrHnQueM0nCOqAp1hnIbJzDagL3Wvgd7BuKec1J3ZEGYdnjAXtMqTyOKRaUVD0fCm6bZgWTYxG9Zp_cuj0ZWN49r4KKTtZ6-wGyyxdJmGry3PN-UXC2E29vyKKik-gEcKQOzCAuBUPsQQMq1Ci1unIfjTJatVDs6XA8qnopjwm8HLIRwoM-vJEfiLFHv2DgLlM9aNXv5xBQqz882DvgJZi7DXdGp5uDVz1YOFSgdi_bh3DU1GJGpwk2MNEaOwe6T5oWSI_ccUHMRSQD4uf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 17ms
16ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Nov 2023 15:23:29 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 7F94 196 KB
56 KB 101ms
7ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 11 Nov 2023 04:44:03 GMT
age: 470366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 10 Nov 2024 04:44:03 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94 15 KB
5 KB 110ms
17ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Nov 2023 18:07:46 GMT
age: 249343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Nov 2024 18:07:46 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94 95 KB
29 KB 104ms
11ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Nov 2023 18:07:46 GMT
age: 249343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Nov 2024 18:07:46 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94 5 KB
2 KB 111ms
18ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Nov 2023 18:07:46 GMT
age: 249343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 12 Nov 2024 18:07:46 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94 40 KB
13 KB 108ms
15ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Nov 2023 21:20:22 GMT
age: 583387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Nov 2024 21:20:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7F94 14 KB
1 KB 128ms
36ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:37:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F94 2 KB
2 KB 13ms
13ms Image
image/png 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:59:41 GMT
x-content-type-options: nosniff
server: cafe
age: 66228
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Nov 2023 20:59:41 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F94 295 B
319 B 14ms
14ms Image
image/png 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:48:23 GMT
x-content-type-options: nosniff
server: cafe
age: 66906
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Nov 2023 20:48:23 GMT

GET
DATA 200
OK truncated
/ Frame 7F94 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81c68e93b5bad4332a72ee44e13adf8f0ad4a709f0ff5b93f37d985485ff903b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 702E 0
0 79ms
78ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyo5moOtaXhlwZUDtm3TWXHTRQnuNwcSA6JR2X4C2Mjzz59dZncUe7ND5v0n3YzmG6QfD4-kDQGnzr__bhxE4z0vLKa_ZjUguJq1cXqvdziIrHb3nyLLTkxpuO0E9KCGjQj56k-qD3pSn283bkNBSf6neFsFCOaMLNtyONjBJPWfsNJnQNb-ffKrbYfDC8sdSPvzP2_QCLw8QUl_SGra7A4VIwC0qlt2Plq0gagBeb5xr1_EWZemv05wwHGv-kcDGiW1LwK5JrZf_pKxk9vLMIemGsJn8YzF2q08h6-BfCwvnFjd6NIdh3LbXx15Bl7gehGfqZwwM_WxdWV6FAhQPB4l19MgXeyY4wLtSoOuQ_b3XfjuMb6VEQVEx2pzdDzVhE&sai=AMfl-YRA4ix0M5ZHovKS-LAgBqjGtKiFH1VVjnjX2xmDfA4pI02EUUbBsmIdUD1yIT4R_b9ad-I2jHNJvGFwUWpBm07okduXP02FIU7DfEQODFNkyB-YXxiOKyqu_T0nOi467VhERJvcyMTp_9rk9qfP2Xw&sig=Cg0ArKJSzPfp9pQ11lq-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 702E 26 KB
10 KB 42ms
3ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 41621
x-jsd-version: 1.16.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9365
x-served-by: cache-fra-etou8220028-FRA, cache-lga21957-LGA
x-jsd-version-type: version
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 702E 195 KB
61 KB 128ms
89ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4B6 0
0 81ms
81ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc1srfwV83ZScSpgnMOWiqYgPZ66BfDyoawqBnL8DjN3ibWs7GmEMnvTLiG7WjwSQUhUAElJqF0j4eFPKwfxCwxp2CK8zOPZkINprQKFLy8LAH7rj8xXp60EVM3pqO-QGtgkA9z5BRuXBCVWvk1PDodcDbV6x6iS-xk2NpsWTMssGowIEjTWIGeQiiHPPA7zedZwuXvACgavMjNwZ7Ex7pa7oPIfBN01N260f8GBQPs9B7J65QiZCWChVSGVMZDHQbDa7NgOOBQMT6uqP6p8mYzO-ys8LUYDYgF93s3K7YxZfqpW-hytSv2iDHkVptksx_c6QDkPjDvWigizaj0QFixlW7cjzGPbt0GLyKDMcVfTuUg_RD7CKmcyxjiMZ3YqASKjUjJLs8jtU&sai=AMfl-YQSZzc-SUzaS7714nMVU266W7owoqXr16cmKfi8XSML2j6AJ7G-Hqbm7Da0H-Dgi-I8vnPa2dzb2oJdHRapCzLOQh3hYa14nJ7rRdEs6b49QTg23ilCI-PZrUzCbVZeZzu2AFEvXKUN77ZuWgaWUZ0&sig=Cg0ArKJSzLBA3753GXnkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4B6 195 KB
61 KB 73ms
57ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H3 200 container.html Show response
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C496 6 KB
3 KB 15ms
14ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
expires: Fri, 15 Nov 2024 15:23:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3505 6 KB
3 KB 14ms
12ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
expires: Fri, 15 Nov 2024 15:23:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 019D 6 KB
3 KB 12ms
12ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
expires: Fri, 15 Nov 2024 15:23:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
20 KB 397ms
396ms Fetch
text/plain 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=228965415457787&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60%7C728x90%7C970x90%7C970x250%7C1200x90&ifi=8&didk=3802411025&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D46bc5e9458bf6f55%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MbIJYE-JKAAMrCyQrBxKQ-UMyNMDw&gpic=UID%3D00000a0053d5c6ac%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MZu1Oz511-cDZ4fCVwbtKJ8OrNGog&abxe=1&dt=1700148209710&lmt=1699676384&adxs=800&adys=1151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGsmzTUZIvfN6iqrGRNqK91FkNnD6Kewtw11F-75YiYeCO7FICCTEmeISiehFktV1NjvPzTpjR5zNDumPbeAxNnU5-KsC4vIBFTk%2CAOrYGsmdGDm7W07vuVzPP-LSCeRket1sqN8VupqjSCVZJG7UpRxR2bQmLS-bELkyw-EEUEhaENqtGxa9xJlNNr5U1OTM_vawmiQ%2CAOrYGsl28t0dSUBLbM-TuixCRH7gGM57jYM1vW7OAzbXJWCRD50D13X4cohz13fsHrIfdBCslJJPHpa47BI9pOZmE2z-cYpuziM%2CAOrYGslbfMLpMo25aWcI34-6bTPmGlPgJ5Jrjc49AweOCkOgVLyKBNJ9Ake4SV4eam73298L3uirMgN65ozpD8xYuL9ecwk62mk&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjGx-vFvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj2xevFvTFIAFICCGQ.&dlt=1700148206290&idt=1097&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D5%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1515%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1515%26in2w_key8%3D5%252C6%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D7%26in2w_keypm%3Dfuse-slot-22856109504-1%26in2w_key9001%3D1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D3000-3499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D3500-3999%26CMP_LOAD_FINISH_MS%3D3000-3499%26FIRST_ZONE_MS%3D2500-2999%26HB_AUCTION_START_MS%3D3500-3999&adks=3743414737&frm=20

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2251fa0d25ff7169dc9c75e11526578a71434eb9b25487dc2228f13bfc2bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20215
x-xss-protection: 0
google-lineitem-id: 6135185025
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138376945722
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7F94 33 KB
34 KB 73ms
25ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:47:49 GMT
x-content-type-options: nosniff
age: 66940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 20:47:49 GMT

GET
H/1.1 200 s_XRf87ByLeD_XctsjabcveBG_1696965932533.html Show response
cdn.w55c.net/i/ Frame F9FD 1 KB
1 KB 306ms
31ms Document
text/html 54.172.84.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.84.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-84-140.compute-1.amazonaws.com

Software

AdTracking/v2.0.30-795-gb641a57#rel-ec2-master i-08ccf266c0a43c5e8@us-east-1d@dxedge-app-us-east-1-prod-asg /

Resource Hash

e7d966b93453ecd66f4633ebf4cfa77e88a8fd891507ee213a6fa8f836a992e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 880
Content-Type: text/html
Date: Thu, 16 Nov 2023 15:23:29 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Server: AdTracking/v2.0.30-795-gb641a57#rel-ec2-master i-08ccf266c0a43c5e8@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DBD8 281 B
555 B 210ms
27ms Document
text/html 23.203.105.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-105-107.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 15:23:30 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 702E 42 B
576 B 236ms
10ms Image
image/gif 52.3.191.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-us-east4.rtb.roku.com&rts=1&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=461C729B55943175&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.191.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-191-242.compute-1.amazonaws.com

Software

PixelTracking/v2.0.30-795-gb641a57#rel-ec2-master i-055993d3c4412001c@us-east-1b@dxedge-app-us-east-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:29 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-795-gb641a57#rel-ec2-master i-055993d3c4412001c@us-east-1b@dxedge-app-us-east-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 03459223-65cb-436d-a88e-4f9171ceec97
beacon-iad3.rubiconproject.com/beacon/d/ Frame 702E 43 B
227 B 222ms
28ms Image
image/avif 2602:803:c002:300::36
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-iad3.rubiconproject.com/beacon/d/03459223-65cb-436d-a88e-4f9171ceec97?oo=0&accountId=20884&siteId=439790&zoneId=2524990&sizeId=55&e=6A1E40E384DA563B79DB8C0973A11FFF69541C6F39E4EC003BB59FE2B4CF98E5F58C123D78C513AF531DF96EB190BC017E9407B9AA8219989470015D0D83109A65D526DDA1F37A0349A4D5289E6FB05D293BC4FB2B9617DC5F8B706BCFC491273A5A217D874F4CE29E21D797FBA67262A487001C20827FDB04303F356A9175FDBC7563EBF67C5EA7882E7E659025382CA574F01A8D37877B5E0F970957AADF808CDE26324DFAF831CA2F7B50A4398B2F76E747A35D71D90DCDA10306204D320B

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c002:300::36 , United States, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C496 24 KB
6 KB 21ms
13ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Nov 2024 20:45:18 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C496 24 KB
10 KB 33ms
28ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a91cc53d98054493697f3fa81e2fbefa695bdd4e122524bf59e57d50719dc42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10246
x-xss-protection: 0
server: cafe
etag: 12324758957409740054
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C496 195 KB
61 KB 48ms
43ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3505 24 KB
6 KB 20ms
16ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Nov 2024 20:45:18 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3505 24 KB
10 KB 57ms
54ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

915a4f4841a2fc128f33bac8815a6b9e041a16a07e328aa6c22041167cb31987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10241
x-xss-protection: 0
server: cafe
etag: 5641402966499741169
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3505 195 KB
61 KB 68ms
65ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 019D 24 KB
6 KB 19ms
17ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Nov 2024 20:45:18 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 019D 24 KB
10 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a872bbbb6742e0d8756d7e5c7ad9f117ea78f7985fbbd6861adfced3648fd774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10183
x-xss-protection: 0
server: cafe
etag: 753930000383727430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 019D 195 KB
61 KB 95ms
93ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 702E 0
0 113ms
82ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0sJY7zIUuaTfFph8aT17XhtMVqbtUn3AjLRrwnIhrfSqVl7yaU2P3ps-cc0k4c45GiWgIxUGbIb6e-xOvHs8guUWlI78FmGtLqZGLg2W1I1lskWMptMcLNFKn4EJp9JvC9iJMZysitAX_-N3h30M0SxuYEkKr2ffw2CuzZA0rxln73_HyCZIUmvSWiB4fZpa579mozA7cWUQm99C46VxT9I9KJhB8zbSNre8l-EGbhxY-S2h39rDtPJX6x2ObkMlCSKB8ZR8eR-JdAzf0cpesNInVV720HL0rP3tBtBS5Pmc-UtG1CeQzbLGy19_kMdPb1gABdL5v3JCcPi7XBVVQ5enLsqNKEmE5oeCTCMSOVR0m2CbVTgkFz52ydLimw9ZUkfU&sai=AMfl-YQ2GllIgTwrJuW_WKO0N3R7MAjqt7uMt4Xjts7wuhe4JXS0ljoI2E7-Rk1I6Ylyhe5HTWokoIZE1vs2F2XIGHL5APPh--6FEqR6J7RVZSFBGgq2W6U8y2RQbhEHtVcIKs4SeAyS7d8gLPBYtD-NurU&sig=Cg0ArKJSzCdLyrOzIkWzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:29 GMT

GET
DATA 200
OK truncated
/ Frame 702E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d1ceb94e880da6a9d0d5dbc9bca2163e767f3eb9c4c9a6583a2ce64255a83cd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E35
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:30 GMT
expires: Thu, 16 Nov 2023 15:23:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4B6 0
0 108ms
107ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrqaPp4b1B-oDQfOU9QDQjU0LnID-zoaEoJXpdVsu-nPko8iKfhb2tj1yS74Li1TxJ4DVlPcsJXS-YPb0tMedhZsVMSUV-wiLMelakN770vspgF15YsQSnnH-R94oV3mv2CkkoM7gmfMplyjitazn0_p40_6VrjiSq9fuWgKZVAM7DBWJbAVqjfir2BZHpFvGV7i4ISiAxdEdJVCC8ZNjhl8GQ-vpNx6OdPkrgzTSsAgaX6jR7amj38mbyZDLDH7u8O8HlkLgRaPL88GvS0ZmARgurUrhPpx9Z4VpxY29azxVznDEvEJo5Khb8cK87ITTfQvrSwg64B0kLU-49h4AhId5euQ-MvQ83FYgbgrQ0BkmFYFuCsWB_mzEcfUTx3L5g6q0DWVzXNC9u5w&sai=AMfl-YQ09nw9_7LvBN3lqw1rd33aPpln-xDhlPzyd_N0PV74NcBrVW9nQUT4TR758zEhBLM-5CQiTk8fPAg0RRZOgsIw7KO132HcVE7pcBhjsuXDJFTsAK2oSqhyb7NpIcyfeFKrJX2OnkK_LgPG36uJtdQ&sig=Cg0ArKJSzBkBjbQRH2mzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7F94
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

57ms
57ms

Image
text/html

2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DBD8 46 KB
13 KB 8ms
4ms Script
text/html 23.203.105.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-105-107.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 64f168455859b28f4a27d3f9c07063c7011cb6b4ab0e75dbad02869067884b8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:23:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 12:56:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77558
Connection: keep-alive
Content-Length: 13230
Expires: Fri, 17 Nov 2023 12:56:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3505 0
0 86ms
79ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste0j_BYS6lqk_HeoquXl3JwxWoApo11oG8gJFFwqNHCNIfydyUeCmIcMswp629J8tnvlpqfqMqS1yxn7Qj0fl2CcysxVIDSY8ddswkWLnkST-0VZZS0mAnAnKGGWOfI7uw9g3IbkKVrZa7lhV0ofOoQgnJoWSEVpSImakAbgdrWB0mlY1NzgqXZq5aOeJ476GkBKtHW-yIrXfHFkUX29Q53l-OlkI3LP-ZEXzyav8ArrAavA4aGlnMeq-Of8nz0Fa1bJdn3er6_PKIhnTLh04AWzG_ATyTR3clsYkx11DDW4mOrylHv7YCsbjNW6GfN7Rql4qb39trcYwWA4sGPcAl0J-R5hSx8LSjsF-YIGjoVv_XMcu4itPUUE0e3hc&sai=AMfl-YTC9pQS6TR3u3FWQWiQpWWHf9Z2RUtBxLJzeLeECDL7wFWTIHQubOAVVjNJ1UCc_0Ou2g1uskIFqBpwTgQgzqHdwYGvNqn-KsMY2fnvTWrz9CdzOFCY3gRs9Hw7N2N59fBV3FVExChqif5k8K6IOh0&sig=Cg0ArKJSzAz1VwxDBSkbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3505 150 KB
51 KB 180ms
173ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729193687b34515324d1c9020777b3d86b9f42d1fdbcb5998824944c601bcd54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52666
x-xss-protection: 0
server: cafe
etag: 11796332636468626065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 019D 0
0 84ms
83ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEHMSnxud7nIOiDEcLLxAFPEkm2A5aZ7KTWcz7vka_sFlUGorfugtgIH_P2LklWFOo2zqtdDW9YIeFOxGAF5jmdVRiACloZTye2tBR9kI0v7nUTQKI69MGgIEqICPuZUMFhK98FZqtCgzPEUbBmqzQVX2MqHruBMgXZUnT2SztVB6XH_OAwSkViiBd9zlt9L91rqqGp90rdv07ouDaiOqp7mFcBkbwnBAtx5BmJ_vRYDcGM5shdDNOfd0oPE264aqsd0fdc5-sIZt-vqfIrG90okFmUWKwuXwMqbRiUIxtrOjM68RYm692aPC4GMGGDYKPm_4ytAtEtu5KliXt5E8_RiEHtqI66WqqRdGGFVs_WVP5H2fOsmP9vuaq4ig&sai=AMfl-YQzL4nzDUnhCgKHvnOjIHhdrjYCtnXZHKDV9SVsMJJpSEybeTHIJZuEUnN2Rqtdb65fqBU_PmpSHcU4J-ESf3yJYl-j-7GsXPMI_vyx-WE0DUSokSj492xc_nShONVZHdHCDrPGlcrMOt88mK_ASfs&sig=Cg0ArKJSzFeoPXF4kidpEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C496 0
0 85ms
84ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGymNdMQCQDf1_6E0JcLkbC3dKHfpVl0HYOQlevCj3i9zLI11hh2jZ4jFgZbTdRc85U8NkLMSBtRlHUeWEow2ki8IqguR5FdjRjhifPF1wD2u5dxmlUfIBOipWV9dsH75VQDUFyUJ5JKmzzsLQ-7ZsFs7UffmCsJxgdmu1-ZgDLdJkaO2_PZXV7mjM94PxaeekgitfIM10BGgac5FRVj6c2OE6O8Qu8jUduMbhY8FLrWgwfyLSD8Q5QjVHoziTKBpoPjlJeDkXJTO0wRdecdw0gTqmUVBoISDJtW6E0fo34sIt0168Ql6ZLGzfBjatSN_TqLJHM6i8G91CAzkk2-ArG0F86UDWyZZIIY2zbOhO0IDNis9BxwIYOgGj7FM&sai=AMfl-YRKIcvPOXQ_Hqrqcbljhq0RhFh_0SADFooq2TrfP2VM7K-pIG9x9lJgPBG8SMTVEBikaS8yiyr_e-nSp8Ze1rKyMw18ZMnMxF_kWn_7WoY5kSgOmWPJ65H3lTYWkCT-SDWqoKjUPQ6uuBK0l9mP400&sig=Cg0ArKJSzKR6k_QsEnXCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C496 150 KB
51 KB 224ms
224ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5369907163ac4f204bd871d3db2537d401ac4bf2cb034da05bcc0af1271eb5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52632
x-xss-protection: 0
server: cafe
etag: 16808164148181876585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 019D 150 KB
51 KB 211ms
210ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a13bba05bc65835222eb71040bba525c75e73845a2b3f10b7ccbe7fc35e130ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52667
x-xss-protection: 0
server: cafe
etag: 16297179189874648165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F9FD 18 KB
8 KB 17ms
16ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.w55c.net
URL: https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:26:50 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame F9FD 5 KB
2 KB 68ms
10ms Script
application/javascript 2600:9000:20ed:b400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=970&h=90&pos=&zindex=0&ci=XmbvfiH6oH&ei=RUBICON&ob=1&ai=0DkbXg17JP&dvt=&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&fiu=WG01RHFwcXVhTA&s=https%3A%2F%2Fcaptcha.bot%2F&abn=&ciu=XRf87ByLeD&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&c=US&dl=&dt=2dt0005&ean=&sd=captcha.bot&cip=&pa=&hmt=1&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&eridu=&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&dcn=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20ed:b400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 23:33:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: PHL50-C1
age: 229780
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: rEq_8PH20GjBQVF9mtS9QnI9dImNMrnLbBRwhm-6AkZkIPSTY5jZxg==

GET activeview
pagead2.googlesyndication.com/pcs/ Frame F4B6 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DAC 0
0 85ms
84ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoCYccFChhsFs-Z9xJn6CAFwpErgirliVsxIMV0UkiehRynuFPzd2QeM7gdJLQT1eIXdf4rly7mjE0dpdCqyCEFd2VEAjR9On4NNvCtMR_0VecznsXUmf6ggfLd-CewSRoMJ2jkxrePFl2ZLUoGFL9_b9wRVIXyC6zV47wJ4_d1UQKYXsoqEo6uHsTxd_cfS3gwh9Yx2U-wA4hNPMaAcbIFa-KiDsy2ELjA8ROi6ofdR_BbF94r9RnFqi-Au-ilbDS9NXfObPmZXOVDXJUqBhpH4wBWeu5TRb0qtEUQ_kHYdzcXk6Ri08HSbWj7M0XJeI2CGcCL0iiEtkMdnuJHGrSlFLIiojwEKpNtRtXYj3a4MGu4Vaqfo-WPb0M3w8jNP8jVkmmbKe5FSI&sai=AMfl-YShPu0DxRcM4Zrw_MKfGRk7Tto-TGQwEWRwZ0pRNMUuU94_Ogu2jQCoZeeG1s4U2Z9fVkL-18hmw32w58y5wqWi9-3YMn5ai0cRkdFGHzX_kbgJlRyC7AYRyasGMw&sig=Cg0ArKJSzFOxiw4MOZQOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DAC 195 KB
61 KB 36ms
36ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 157 KB
47 KB 290ms
289ms Fetch
text/plain 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=228965415457787&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60|728x90|970x90|970x250|1200x90&ifi=9&didk=3802411025&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D46bc5e9458bf6f55%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MbIJYE-JKAAMrCyQrBxKQ-UMyNMDw&gpic=UID%3D00000a0053d5c6ac%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MZu1Oz511-cDZ4fCVwbtKJ8OrNGog&abxe=1&dt=1700148210346&lmt=1699676384&adxs=800&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGsmzTUZIvfN6iqrGRNqK91FkNnD6Kewtw11F-75YiYeCO7FICCTEmeISiehFktV1NjvPzTpjR5zNDumPbeAxNnU5-KsC4vIBFTk%2CAOrYGsmdGDm7W07vuVzPP-LSCeRket1sqN8VupqjSCVZJG7UpRxR2bQmLS-bELkyw-EEUEhaENqtGxa9xJlNNr5U1OTM_vawmiQ%2CAOrYGsl28t0dSUBLbM-TuixCRH7gGM57jYM1vW7OAzbXJWCRD50D13X4cohz13fsHrIfdBCslJJPHpa47BI9pOZmE2z-cYpuziM%2CAOrYGslbfMLpMo25aWcI34-6bTPmGlPgJ5Jrjc49AweOCkOgVLyKBNJ9Ake4SV4eam73298L3uirMgN65ozpD8xYuL9ecwk62mk&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjGx-vFvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj2xevFvTFIAFICCGQ.&dlt=1700148206290&idt=1097&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26cmp_allow_personal%3Dtrue%26cmp_determined_ms%3D3000-3499%26cmp_gdpr_cached%3Dfalse%26cmp_jurisdiction%3Dnone%26cmp_load_finish_ms%3D3000-3499%26first_zone_ms%3D2500-2999%26fuse_industry%3DIAB9%26fuse_loaded_ms%3D2000-2499%26fuse_path%3D%252F%26fuse_profanity%3Dfalse%26fuse_publication_id%3D5%26fuse_site%3Dcaptcha.bot%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26gpt_auction_start_ms%3D3500-3999%26gpt_ready_ms%3D2000-2499%26hb_auction_start_ms%3D3500-3999%26in2w_key%3D6%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%2C1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1515%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1515%26in2w_key8%3D5%2C6%26in2w_key9001%3D2%26in2w_keypm%3Dfuse-slot-22856109504-1%26inskin_yes%3Dtrue%26prebid_ready_ms%3D2000-2499%26testmode%3Dfalse%26uam_ready_ms%3Ddisabled&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D3000-3499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D3500-3999%26CMP_LOAD_FINISH_MS%3D3000-3499%26FIRST_ZONE_MS%3D2500-2999%26HB_AUCTION_START_MS%3D3500-3999&adks=3743414737&frm=20

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6707a3c68df726150faa7897909a1052309a6d021c0c699d1261a0a0945f10e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47929
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3505 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48bed48790300a86a8b38be367b9fc7e124007d87d3ae1a1b5f9a05349dcf9a5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7F94 0
0 87ms
86ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDJwy8DNWZdqlNtvSjvQProqp6Ai40Y2edJban9LsEbLnh-mTDhABINPLzjBgycapi8Ck2A-gAf6E1ZApyAEBqQIpN_mFyi-yPuACAKgDAcgDCqoEtwJP0EPifAyHoic_-lGIpyj5E1hPMM_K9D2R9bUG_VHXIVpMRZfWiTXXQJ5uhNrIgYUrpSIgM3S1UY1ihge_U46sldpOHnYubpM1zrj4Fil5u9ffQVEZRPwwVYIVVILK0CJc9RIeWFNG7xCSdNoV9WNleuqm4PlfPkSlLMSbDZnO7ABtkkT1bZkUZzqqEKrFn3e0aXsVMmWPa-loD2bxtiCOlmZNWSAuzhJOErzR5jyr3__sQ2iFRIOjtyRhKH80MpCjWmS55vMO2KtzWzx2KTDiRVWraLfTDZl1ib6g5UP5MYpiIURCtc_U4TxUdI0mIESOQTW4bGWVXtymVTw37Emy8f8A3Rz4AtFV4QkWCXX2E2TyijkjcAKKWXF9PRa50iAIsJQXE5SLtJvMhNHn-mgp9uCndNQt9sAEuNC59dkE4AQBiAWwydaFTZIFBAgEGAGSBQQIBRgEgAf-vKXwA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJTcHtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly90ZW1wb3NlYXJjaC5jb20vZHNygAoDyAsB2gwRCgsQ8KKG5s3hw6DQARICAQPiDRMIn-i00OnIggMVW6mDCB0uRQqN2BMM0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=as_sgu3_yQQ&uach_m=[]&ase=2&nis=5&cid=CAQSTgDICaaNn_ENZ23K86C78wlLHrtSZt3usUpsCsJKdX_6_Hk8Af0IcimSNJGlrnVKyDOCMG6sLM4P3mxDVxRffTVKp90pUJ65MwwbivS48BgB&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame DBD8 7 B
790 B 1260ms
128ms XHR
application/json 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
Expires: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame E98A 38 KB
15 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 17:06:45 GMT

GET
DATA 200
OK truncated
/ Frame 019D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26f0552bbcdf57b802dc4fb481f0623f6bad3129c35da64310e5c50ef1d44a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame F9FD 59 KB
23 KB 14ms
13ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 20:59:46 GMT

GET
DATA 200
OK truncated
/ Frame C496 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b45b26a597954e058c5af5f2e15ef7e315bd4571dbb86241fe47cd5395744ca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DAC 0
0 79ms
78ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseptWMEdnxNZpWEZVV8MMXl4UNhkpigw_9nnFhv_PvkxbgSNpOFj9W0G5zbXDLotM5nwx3lL8T8C6GVOtFZjca6IR1Vv-ZMvNmRTT14VKxR9OyHarvFu4pfQoT6nZKo2-no3hR0BHTX8UzxbVpW4Qu7roCTuCjUnnj1YOuPSwUv-21KRswtYS80bBT11q522KAVJDHWqykCceYRRj18pJJaTSnSQgPegI2xVtoGV-d5DGaSiMZ3rwLIz2nqmFlC2p_XI3GoalVf27rBnkqAasBmNgcH58aAt_ROmFrzPHCcTVS9SJXj6ae2hGDt9hhnyQfx7MT_j79rhcXrqmMkRHQ5y44VjOoPUPn24Js4RkbsAOjlFFKv_6wci-xA6Y2FtERfMHfUNS5B10bPA&sai=AMfl-YS9z33CsLPq45osMGszW8OE1ikNtUbdwp92pP8fMRlQnyw_4_H93CFhvkO2-5moPimyLAJ5emkhZNazAnBrHFW2ZOUtxa3F6DDeVME1HZA5kSvPcM9AzFlVZgzfag&sig=Cg0ArKJSzBdkrNGEKS5IEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 3505 400 KB
135 KB 75ms
74ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138484
x-xss-protection: 0
server: cafe
etag: 12696593722970998856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame A645 9 KB
4 KB 14ms
14ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 17:29:50 GMT
etag: 16674218716276178799
expires: Wed, 29 Nov 2023 17:29:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ Frame C496 396 KB
134 KB 108ms
108ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1206a0fff7f8e27074b00ac3c9abece94df9312c7aba4ad8c8b44666f141c3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137152
x-xss-protection: 0
server: cafe
etag: 2671794590518573610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 019D 400 KB
135 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3d1a7e5a7458fab350938e5d27ac4a5715e3c27e00e4d0287e406721cebd8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138491
x-xss-protection: 0
server: cafe
etag: 2031640218591517695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:30 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7F94 42 B
64 B 67ms
67ms Image
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuc3iOfkQ1Y3SuZj5EReVdUnE_kmfoFEgecPnYDA4DeyMSLBrbY7JRUEetAjIbJ_TIBeLcVKHFMTeWj86bEKgJJartnVncwzNAZAA4OlHMPebYXBbXRPy3s_fEv4xMKrjPxNP5olRWyHw&sai=AMfl-YSMzjh7j7XxrtV5s9cw8WcVCYnZ7yWPfSFtvMqfT7qifw_0u4exkEF9OXM2nXnIEY3TVn6jNZF-yTiTSILTo5dPGHMHAdpcCNnk6pqn6Z4ttz4GFKksamjiK2fNTj-REgbKG1jJ4YTYeD0SECQZ&sig=Cg0ArKJSzI4VIQT1YXw4EAE&cid=CAQSTgDICaaNn_ENZ23K86C78wlLHrtSZt3usUpsCsJKdX_6_Hk8Af0IcimSNJGlrnVKyDOCMG6sLM4P3mxDVxRffTVKp90pUJ65MwwbivS48BgB&id=ampim&o=315,140&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=735&tls=1736&g=100&h=100&tt=1736&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 6DAC 0
0

GET
H3 200 container.html Show response
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D70 6 KB
3 KB 18ms
14ms Document
text/html 2607:f8b0:4020:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:28 GMT
expires: Fri, 15 Nov 2024 15:23:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 durly.js Show response
c.evidon.com/ Frame F9FD 4 KB
2 KB 82ms
5ms Script
application/x-javascript 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/durly.js?;coid=292;nid=2532;ad_w=970;ad_h=90;ad_z=0
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=970&h=90&pos=&zindex=0&ci=XmbvfiH6oH&ei=RUBICON&ob=1&ai=0DkbXg17JP&dvt=&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&fiu=WG01RHFwcXVhTA&s=https%3A%2F%2Fcaptcha.bot%2F&abn=&ciu=XRf87ByLeD&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&c=US&dl=&dt=2dt0005&ean=&sd=captcha.bot&cip=&pa=&hmt=1&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&eridu=&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&dcn=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c54eb47c8ffc83c5ceeff7a5f3bb3544c4eec6c92091f3ee37f36ab36b09fd88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 17:00:59 GMT
server: AkamaiNetStorage
etag: "dfc6274d1706a7345478409711bbd93a:1692723659.506965"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1606

GET
H2 200 cms-2c.html Show response
cti.w55c.net/ct/ Frame 8967 52 KB
12 KB 12ms
12ms Document
text/html 2600:9000:20ed:b400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=970&h=90&pos=&zindex=0&ci=XmbvfiH6oH&ei=RUBICON&ob=1&ai=0DkbXg17JP&dvt=&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&fiu=WG01RHFwcXVhTA&s=https%3A%2F%2Fcaptcha.bot%2F&abn=&ciu=XRf87ByLeD&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&c=US&dl=&dt=2dt0005&ean=&sd=captcha.bot&cip=&pa=&hmt=1&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&eridu=&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&dcn=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20ed:b400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

90344adeb8e502c0a5582900ed8480f49e834970830b5f7fccdef17f68cb75fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://cdn.w55c.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 229847
cache-control: must-revalidate
content-encoding: br
content-type: text/html
date: Mon, 13 Nov 2023 23:32:50 GMT
etag: W/"31617dfb523a79d899463679b126cece"
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
x-amz-cf-id: dsc3hbIRkikmLgwB7VfxwmTn-1tm0QspuDZ48DdHyeqEkKFIOTUrbQ==
x-amz-cf-pop: PHL50-C1
x-amz-replication-status: COMPLETED
x-amz-version-id: A15NsXZXRtcdiNLRKl5wurbKu36icykE
x-cache: Hit from cloudfront

GET
H2 200 css
fonts.googleapis.com/ Frame 5D70 14 KB
1 KB 36ms
35ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 15:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 14:40:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 15:23:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D70 2 KB
822 B 14ms
13ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:55:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5D70 23 KB
9 KB 14ms
14ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:45:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D70 3 KB
1 KB 16ms
15ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:57:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 44BB 1 KB
643 B 6ms
4ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 34890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 05:42:01 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 05:42:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D70 20 KB
8 KB 14ms
13ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 20:47:31 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 5D70 225 B
250 B 16ms
14ms Image
image/png 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:45:19 GMT
x-content-type-options: nosniff
server: cafe
age: 67092
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Thu, 16 Nov 2023 20:45:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D70 195 KB
61 KB 45ms
44ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62828
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:31 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 5D70 37 KB
15 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 20:55:46 GMT

GET
H2 400 data=9a9HNZdiJVpu3L7bUN318jvG-VF6AuCJNbHfJe4MN5IRtb5PzEZd7S-cEosq5pl_M0NWbGFVCXQPVDnOvPTosMtNGEkyoAFLUcK3Ks_2fuLJvhLE7O484C1r
mts0.google.com/vt/ Frame 5D70 0
0 85ms
38ms Image
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=9a9HNZdiJVpu3L7bUN318jvG-VF6AuCJNbHfJe4MN5IRtb5PzEZd7S-cEosq5pl_M0NWbGFVCXQPVDnOvPTosMtNGEkyoAFLUcK3Ks_2fuLJvhLE7O484C1r
Requested by: Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5D70 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5D70 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 019D 0
0 83ms
83ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvD3uKVU-NkOw7EFVyBV1NIK0NzqtEiY32V4HB2vTyP54qdnoo5hxCFEy6LAZRfeLkgo2uTo7YV76i_lA0iGNL3N9ps5z_88slo8TnDKRCfqhn8G5Mpw8yBPpZwrpSPRru9YMS0dfPA55j21KrFdtEncI_8-ZNqGXOjEP9Jp2L3065H-ICmv8f9EJ1WOXrXtNu3SOdEg4OpgfhVjNsIMVkUTojGEmQqaXfSgaj98qHbitzUfhyFlygsNqP4xzEF2vOeKrqg77jtuLAChbqsKRhKqskg4fzfCpdZ4gQziZ9r7FqJXzwk8-q0zpxDBrGtkLlfCb2CeFtATDPb4GTX-HKpmyeU3HQuteB4S_uUMRW59z1mUSM5j4BgZFLtZhTA0A&sai=AMfl-YT184PRVCk1BIX6qlE-3s3-YYocB1srKwfnuW_WWamDZ79WWONtBdBMBS85UOc-OvkjLlL5XZ-0ZdJ5L7GtC4XyoylLccGQq2CeGIwkEK35XBF53oHxCl17QCy7mEiKiIL-DEI-scQU7tt-YxZsF1w&sig=Cg0ArKJSzBaitX1dguEzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3505 0
0 78ms
78ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv2GFJx1H9YyLXJA4TpFflH31SLidcMYAoJlFPocLkQkITtE8X39iFmJcPslNH0mSX4fN8dzG3Eoy8n6hszGiJ5GgF_2k8YoWG0OwpgMeFdA4DR1iDI0v_GHyQB-tAF2oVQiFcnrZwGpp5DqJltdeyP-MVbFrI5G8MtfitwYOjwHjNgJB24Te1mo2XYuJHvHNdaZP_b5WWep-CC-UY9XFupm2yMoMojxu5Z9ZleS-YdFoN-LyW6CD2NaInNbJInxczsQo-QHPjkBpVxlSZz9WerOjvB4TsyygvEOE3jLn7TrtTxTvWxdsuVQ7lLujyZBdRjTipjrH0uZh-y8aqT2NAE9lnxhUX--_2ddwonrQ_GoAh1hkFbZnLODGUjakNVw&sai=AMfl-YRRGa8xRk6AoVulFq11BjinmeYU_K9ot3rnMufyMBASeaExUanNUoxpQAWo76cqVKSOMUZZ_y5FW0wwEL3eCCcFJ_IOiTQZoZq5Qz7vlc51eD5QBNk3kIKpC6Mf5nBSAoWC-ZVs3zjDwBiEQzKcwJQ&sig=Cg0ArKJSzHqnnkFXXgpjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C496 0
0 79ms
78ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV3OZAG0bw9ahFX-a89-K0LSfs675pIqTu7LHBmHovACIdcP2cjNUy92g7VFCPvMPS7XtI15ezTrXCpt8Cbd5lD-6cjQ0hGnxHidzXBU9h8tLuqxqJVTvEIjR_zdO79lnxCAvAkhmwK3eupLrjPM1XdN5DRnw3sxz8I63W4lZwEY_ZsPszZFv3mUYXXevO-nzxNRAYNkcdQ3DNvaSpORjZ_F4pj8WS4TQgv-FfkXuv-jZ4Q157MDrWDVmx2WsWXTnLruKJjetPpjUT0_CxxQPxPR9PJFhs7N1MaG9JCPXLd4ZUWNJ2ygJciuDE2cYOsaS_7lUQgZB25tiq5Oc5EL30zW5jil5gsCBpC41ZX7_8nveQ9Gpzdq7eZ7Zck8Ta3Q&sai=AMfl-YTC3dUCZDbXjE7oVq7gQf2IpjvOePmTp7pHtKB08iW-O-Qe3_1nGwUP2nOM_mp6V6WWOcmxhuoU123IgEQmTg1Ua4mthuUuXnHbXY04V2Wr3GxatDpmGH1vmFgA6sElQXycesP--Wmh3lP8tOslZdk&sig=Cg0ArKJSzJe4f9zCD4BcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:31 GMT

GET
H2 200 cms-2.min.js Show response
cti.w55c.net/ct/ Frame 8967 8 KB
3 KB 33ms
33ms Script
application/javascript 2600:9000:20ed:b400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/cms-2.min.js

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20ed:b400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

60dc3bb507df5e166862248771d6a0c2597f7dd318613c7c4478c9faeba80840

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: e7Zq2fuNOK8tsl7ngXs7K19L9fD3QcT1
content-encoding: br
via: 1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 23:32:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: PHL50-C1
age: 229848
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"93910b779f850309b648ed6cfd843be6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: qhPffecG8_zHOLuYaDthxdWJ9N7EhEW3Sex_VJfAV3e8qAHRwem4jg==

GET
H2 200 dpixel
cms.quantserve.com/ Frame 44BB 35 B
463 B 44ms
10ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOyTmlQcYaKjzKGl5e5Dyjs&google_cver=1&google_push=AXcoOmRX164z6-L5FT8D7HQThsWBvJoS0aZqixrS1JDQZBplbt-q7dcsJApFsA_MAYWJ6eEZTQvCoakI9bGDqdHeOEsWseTcdESUDQ

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEP...

170 B
188 B

38ms
37ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-lga21921-LGA
pragma: no-cache
date: Thu, 16 Nov 2023 15:23:33 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1700148212.719936,VS0,VE1932
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 44BB 43 B
641 B 593ms
171ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEAO6uUapFGSBTBse1S_n_IE&google_cver=1&google_push=AXcoOmSxMFrG6wNC0JGL9xX46qgt4kaWDTfi4G_aIoylPjoCqxTgsxUcxaS0YM8Lb0Jfbe_50ZJGBkJXm-6aITP4VhbHvc3s197VWA

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjR...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a52...

170 B
232 B

72ms
46ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a525-3b8fad1e3d4e

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-132
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a525-3b8fad1e3d4e
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZ...

170 B
232 B

43ms
39ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZs8mP

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 16 Nov 2023 15:23:31 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZs8mP
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGNNs6_kk_Bt6hoQexm2vM&google_cver=1&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qt...

170 B
329 B

48ms
45ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J
date: Thu, 16 Nov 2023 15:23:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELw4bpZz7t5KjIBnm1cfcH4&google_cver=1&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgq...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=e...

170 B
232 B

46ms
45ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=ePUJvIu4RDih7t-G-ODOVYQ

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=ePUJvIu4RDih7t-G-ODOVYQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 44BB 0
139 B 119ms
44ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ii8pmneqlmADDYYWxEdsAp9eH6eKP0IqTOnD1FQ5_6SolDFS2QNlzhF3MNXAJGHBiEzqm_LA

Requested by

Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame F9FD 41 KB
12 KB 11ms
10ms Script
application/x-javascript 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r230822
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=292;nid=2532;ad_w=970;ad_h=90;ad_z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 51f4dc64108e838c8879494af7e51ff28088766f95b52b7d3444b1f4e0e77d0b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 17:00:27 GMT
server: AkamaiNetStorage
etag: "8b29a624c1584b2233dc1351c2973536:1692723627.228193"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12427

GET
H2 200 4.gif
c.evidon.com/a/ Frame F9FD 43 B
326 B 10ms
10ms Image
image/gif 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: cdn.w55c.net
URL: https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/gif
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
DATA 200
OK truncated
/ Frame 5D70 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c79e8606b6cce8b1d3d3fd72e2b4e5ab1a19bdc00501d407cbeb8d40c09d4a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5D70
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdvQ18jNWZZbKGdXFjvQP77GT8AWZmIuHdPnb6ZWDEmQQASDTy84wYMnGqYvApNgPoAGc9uDKA8gBCeACAKgDAcgDywSqBLoCT9D0DaTJy4aFrh-9xGHc-SbRW7nSIngvyfPE-eYJe7DB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc909f52672c1a4800000000000000000%22,%222%22:%220x5233a0dbd4b9caa20000000000000000%22,%223%22:%220x27e157...

0
0

50ms
32ms

Fetch
text/css

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc909f52672c1a4800000000000000000%22,%222%22:%220x5233a0dbd4b9caa20000000000000000%22,%223%22:%220x27e157624c0fdb150000000000000000%22,%224%22:%220xda2ae78fab0a4e670000000000000000%22,%225%22:%220xdd2202203ef37c850000000000000000%22},%22debug_key%22:%222876871645714610428%22,%22debug_reporting%22:true,%22destination%22:%22https://pressed.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22962083612%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215129133991070806385%22}&andc=true

Protocol

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc909f52672c1a4800000000000000000","2":"0x5233a0dbd4b9caa20000000000000000","3":"0x27e157624c0fdb150000000000000000","4":"0xda2ae78fab0a4e670000000000000000","5":"0xdd2202203ef37c850000000000000000"},"debug_key":"2876871645714610428","debug_reporting":true,"destination":"https://pressed.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["962083612"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"15129133991070806385"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 15:23:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc909f52672c1a4800000000000000000","2":"0x5233a0dbd4b9caa20000000000000000","3":"0x27e157624c0fdb150000000000000000","4":"0xda2ae78fab0a4e670000000000000000","5":"0xdd2202203ef37c850000000000000000"},"debug_key":"2876871645714610428","debug_reporting":true,"destination":"https://pressed.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["962083612"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"15129133991070806385"}&andc=true
access-control-allow-origin: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 87ms
85ms Preflight
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CdvQ18jNWZZbKGdXFjvQP77GT8AWZmIuHdPnb6ZWDEmQQASDTy84wYMnGqYvApNgPoAGc9uDKA8gBCeACAKgDAcgDywSqBLoCT9D0DaTJy4aFrh-9xGHc-SbRW7nSIngvyfPE-eYJe7DBssFUZdq1bkYDzbo9VOG2RC-3KT9y1j34OOJdpuhtqi-JQRnX1Mcu3GN4sIH2hgGo2BKlKv4r8RG7qd4qg2APydOgYqRa-imE1q9Kaa5bjgXu9qU03zyE6gdAQobbCXCDQFGE0UIorHkzLsI3AHjxlJ6H1Q5PjSpcFtyHFJD8HhFjE_ieFZN4Veo5SFKuUVE8RC2O35q90GA7MngDGq7ANxWoDQbRu9hsMcA9-rfG0aV1s8HGq3vEuRraknZr7szTPZ36_-jRk31KNrtLhU4MdPz_Ep_i-LsldwdFFhZ2hR4vMAxEHyhOX02KSQUHbQaSuvCgLEtdGm_voeOEkhLu2OxtJXYDuSkvAi4TFeSICM78sQN31jnn9XzABJGAn4DOBOAEAYgFvpfng02SBQQIBBgBkgUECAUYBKAGLoAHzImfNagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEI7wA9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkTaHR0cHM6Ly9wcmVzc2VkLmNvbYAKA8gLAZgM9KnA5cYE2gwQCgoQwNCRl-KrrsgfEgIBA-INEwj_npXR6ciCAxXVooMIHe_YBF64E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=A27w3mE-LRY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNqeMK65r53D-41zrzhfB14uhgprVqfT_Z8vOo6lz6W7cFLzzzMwnDZiOBbsm9TGC_JZ2KxbPvGAE&template_id=515&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 15:23:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200

match-result
tags.w55c.net/ Frame 8967
Redirect Chain

https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cHNMRlN1Z1kxUjNFZGs1&google_cm
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1

42 B
618 B

46ms
10ms

Image
image/gif

52.45.78.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON

Protocol

HTTP/1.1

Server

52.45.78.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-78-169.compute-1.amazonaws.com

Software

Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0ba988f9abfc8bce5@us-east-1d@dxedge-app-us-east-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0ba988f9abfc8bce5@us-east-1d@dxedge-app-us-east-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2964
tags.bluekai.com/site/ Frame 8967 62 B
426 B 175ms
106ms Image
image/gif 23.62.105.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2964?id=psLFSugY1R3Edk5
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-105-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 16 Nov 2023 15:23:31 GMT
content-length: 62
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8967
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1

43 B
339 B

20ms
16ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfV%2Bqb%2Fo56hWA5%2BDvCCmw14UKXnpO5pAI5se2XY2ckTmsFpT4jFxr94d9iZlep80NZ6WA09wJmEZDf6YeVj4ByD%2BeuW87fxqIT9iQD81PjYA%2BmYUbF4b3E4WwauhSUXxQ5YC5AM93s6H9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8270bc53fa2d4391-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmoA10lQX76kPML9b%2F2IENREzud%2BsdlVic%2FgayU70425rWQ7ZalcR1KaMmOVXKRrB5SbmMQnBkUxHU5YIJ7Ub%2BCbJaTnpF9p0UBotIrYrPBjH5OcK298IeOpySAPxe%2Bd6h%2FXRS8DOb97yg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1
cache-control: no-cache
cf-ray: 8270bc53897c4391-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 8967
Redirect Chain

https://idsync.rlcdn.com/385636.gif?partner_uid=psLFSugY1R3Edk5
https://idsync.rlcdn.com/1000.gif?memo=COTEFxIaChYIARCTEBoPcHNMRlN1Z1kxUjNFZGs1EAAaDQjz59iqBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d

0
144 B

38ms
36ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5DD2E74AFD0D40F4830283777F3EF64E Ref B: EWR30EDGE0216 Ref C: 2023-11-16T15:23:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKRppAQfkVXGCulHDxxA==

Redirect headers

date: Thu, 16 Nov 2023 15:23:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5504708925AE4E4CA4631C1807A453EC Ref B: EWR30EDGE0216 Ref C: 2023-11-16T15:23:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKRpo/nduGiD5gbdf5mA==

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 8967 42 B
703 B 501ms
126ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=psLFSugY1R3Edk5&expires=10
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 86c92d2fca135435ceca5cadd19355a6
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 8967 95 B
532 B 83ms
28ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=1011&ta_partner_did=psLFSugY1R3Edk5&ta_format=png&gdpr=0&gdpr_consent=

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56554/ Frame 8967
Redirect Chain

https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true

0
121 B

17ms
14ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true
date: Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET sync
px.britepool.com/ Frame 8967 0
0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 8967
Redirect Chain

https://dpm.demdex.net/ibs:dpid=359&dpuuid=psLFSugY1R3Edk5
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5

42 B
720 B

15ms
15ms

Image
image/gif

54.88.23.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON

Protocol

Server

54.88.23.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-23-27.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcscanary-prod-va6-1-v067-07f4b616a.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: YOqr3LQSQ74=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-01d318e41.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 8kvK7rU7Soo=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 setuid
ib.adnxs.com/ Frame 8967 43 B
848 B 46ms
44ms Image
image/gif 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=17&code=psLFSugY1R3Edk5

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
an-x-request-uuid: ac273279-46ad-424d-880d-b88fe8123022
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 8967 0
337 B 90ms
11ms Image
text/plain 52.205.7.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=dataxu&uid=psLFSugY1R3Edk5
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.7.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-7-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: beacon-n018-ash-prod.krxd.net
date: Thu, 16 Nov 2023 15:23:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1700148211
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 8967 43 B
636 B 87ms
3ms Image
image/gif 63.251.28.133
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=psLFSugY1R3Edk5
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1700148211798080-140

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 8967 43 B
533 B 50ms
14ms Image
image/gif 108.139.29.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9232829800&dx=psLFSugY1R3Edk5
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-114.jfk50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P2
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: 5V6of2irQ2X8VKOf1RULvEzalfG5rzSoH8gtpHhFY7h1K4V_MMGj8A==
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 8967 43 B
175 B 78ms
16ms Image
image/gif 2600:1f18:612b:4216:d296:b4ab:44c7:4070
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDX=psLFSugY1R3Edk5
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:d296:b4ab:44c7:4070 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 16 Nov 2023 15:23:31 GMT
server: nginx
content-type: image/gif

GET partner
sync.search.spotxchange.com/ Frame 8967 0
0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5D70 33 KB
33 KB 22ms
20ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:47:49 GMT
x-content-type-options: nosniff
age: 66942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 20:47:49 GMT

GET
H2 200 2532.js Show response
c.evidon.com/a/n/292/ Frame F9FD 2 KB
1017 B 12ms
9ms Script
application/x-javascript 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/292/2532.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r230822
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c427820d10fd65f85b3f4165edd9586dedb7050815e868589fa5053427141ad0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
content-encoding: gzip
last-modified: Wed, 29 Apr 2020 21:14:41 GMT
server: AkamaiNetStorage
etag: "c7fc1b40bd9577a21bcb7652721eca53:1588194881.633596"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 730

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 08B8 38 KB
15 KB 13ms
12ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 17:06:45 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1

42 B
703 B

484ms
126ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 86c92d2fca135435ceca5cadd19355a6
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30

42 B
703 B

488ms
129ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30
date: Thu, 16 Nov 2023 15:23:31 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DBD8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dcQGNUMtSh6xuD1ho4zF8w&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0

43 B
479 B

17ms
17ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4N0195XC3AY4M41CYKHK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DBD8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
720 B

20ms
19ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A0Z9MPSSN2VRFPEY6C8A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DBD8
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0

0
253 B

170ms
33ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CBB74AFE2E0743969B5C72E427FF994D Ref B: EWR30EDGE0216 Ref C: 2023-11-16T15:23:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKRpo/ilKMCn+EjgMAvA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DBD8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r_Ka9CfwRJCpT9szpt5R-g&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0

43 B
479 B

89ms
88ms

Image
image/gif

67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3R743MJFP16TK9XVZX89
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBD8
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0

170 B
188 B

44ms
43ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/OV06eFtKmJ0WQ6R_Z2hXr8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A

42 B
703 B

131ms
131ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 16 Nov 2023 15:23:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBD8
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEAALe76x01_jyo8flqHpSuA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0

170 B
188 B

38ms
38ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0

42 B
703 B

514ms
130ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0
Date: Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame DBD8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0

0
392 B

19ms
18ms

Image
text/plain

147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:31 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
Expires: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame DBD8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0

43 B
1 KB

3ms
2ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:32 GMT
an-x-request-uuid: 43484922-72ad-4571-ba09-3d75b357ae74
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0

42 B
703 B

276ms
125ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 86c92d2fca135435ceca5cadd19355a6
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0
Date: Thu, 16 Nov 2023 15:23:32 GMT
Connection: keep-alive
X-CI-RTID: 90c2d57f-a56a-4bce-afd9-25265879c847
Content-Length: 155
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync
hb.yahoo.net/ Frame DBD8
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP1CCHJE-1H-17CQ&redir=true&gdpr=0
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP1CCHJE-1H-17CQ&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160

53 B
648 B

518ms
32ms

Image
image/gif

23.55.235.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

23.55.235.176 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-55-235-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 16 Nov 2023 15:23:33 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Thu, 16 Nov 2023 15:23:33 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160
date: Thu, 16 Nov 2023 15:23:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame DBD8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1CCHJE-1H-17CQ&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559

43 B
1 KB

85ms
24ms

Image
image/gif

13.224.214.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 13.224.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-10.phl50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:33 GMT
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: PHL50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: FVHrrjmh3xVQh7MwlprJl1XA7mtbH-zEWXzWXb0VfvfzGcdebsyBSA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:33 GMT
via: 1.1 90ad2a23a8617490c9d13e1f260633f8.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: p7ydrzk4N9go8pr8pz9-J3F3l6n2cYVzEeQxfJO9MNixsKWQ3Pcrmg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DBD8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0

43 B
664 B

465ms
13ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:33 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
Expires: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 222ms
31ms Preflight
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 15:23:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzY... Show response
ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/ Frame BD44 78 KB
32 KB 62ms
55ms Document
text/html 142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

cafe /

Resource Hash

6bdd776cb16e22b3dd4e315156ff4c68d66d770079fdcdbeb381021529c9c544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.w55c.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 32249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:23:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9442520355539263991
s0.2mdn.net/simgad/ Frame BD44 71 KB
72 KB 30ms
4ms Image
image/jpeg 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9442520355539263991

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a06df7b2f04d23d7e156a668eb69b238c68bdaecad0e6d954e58fde3e725b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:13 GMT
x-content-type-options: nosniff
age: 64219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72937
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 16:25:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 21:33:13 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/ Frame BD44 10 KB
4 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

527718fd2692a8581d7fb4e3d42fed33df4b4dc56632b1cc06344180902e5ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4282
x-xss-protection: 0
server: cafe
etag: 13218323832899434506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 04:13:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BD44 11 KB
4 KB 8ms
8ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 13:22:31 GMT

GET
H/1.1 200
OK dvbm.js Show response
cdn.doubleverify.com/ Frame BD44 430 KB
102 KB 852ms
3ms Script
application/javascript 2600:141b:1c00:f::172c:c9da
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbm.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9da Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9924f0aee1ecba1673c4e75a3b78b53dc3e63bc7dceadd5a9ae7ccfb1e2c0e3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 15:23:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:21:25 GMT
Server: UploadServer
ETag: "84527e9ec03ed8d9f0114db3e7ba8215"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104112
Expires: Thu, 16 Nov 2023 15:38:33 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD44 0
22 B 64ms
63ms Ping
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=88&version=r20231109&sample=0.01

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD44 203 KB
64 KB 39ms
38ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:23:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD44 0
0 101ms
87ms Fetch
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrdk-q2t7ZOkQBYmDbYq0sQmIjeZP1lwH-fBxUoNKGQodGoRmeKe8Y444FIKr3xGTrXLEJMfgRzWX6fCnYRr9i4x6qsy4vqVpVe-E6-X-7-ioFBMVkETjz63Pv7skxJV42A771lssZMLczyriZN7KYsO2wGLzo9shFykQ6ePWJxWIApdRM5b4LmMF7HQ&sai=AMfl-YQAEkMhEt_jqDfKTx_2QG_snJ3V3chlLZN0D8iZIINKnqWrhE9i5ZVfu6ZzDD2iUAItUPWj0TRMkITrFQxXYfN7Sk_ci_iRNw7FDA&sig=Cg0ArKJSzOCqbNxDH083EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20231109.66844&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BD44 8 KB
6 KB 33ms
32ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc6f237c59aa6b0f45874b67ecdafc85249bd1f870a4507afa225f8010141012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5926
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BD44 41 KB
14 KB 13ms
13ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:55:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 20:55:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD44 0
0 87ms
80ms Fetch
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrdk-q2t7ZOkQBYmDbYq0sQmIjeZP1lwH-fBxUoNKGQodGoRmeKe8Y444FIKr3xGTrXLEJMfgRzWX6fCnYRr9i4x6qsy4vqVpVe-E6-X-7-ioFBMVkETjz63Pv7skxJV42A771lssZMLczyriZN7KYsO2wGLzo9shFykQ6ePWJxWIApdRM5b4LmMF7HQ&sai=AMfl-YQAEkMhEt_jqDfKTx_2QG_snJ3V3chlLZN0D8iZIINKnqWrhE9i5ZVfu6ZzDD2iUAItUPWj0TRMkITrFQxXYfN7Sk_ci_iRNw7FDA&sig=Cg0ArKJSzOCqbNxDH083EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=13&vt=11&dtpt=9&dett=2&cstd=0&cisv=r20231109.66844&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C082 38 KB
13 KB 33ms
12ms Document
text/html 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 66474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 20:55:39 GMT
expires: Thu, 14 Nov 2024 20:55:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5D70 42 B
64 B 77ms
76ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcdmSbQ5AO0EnFVxPdUO-1N4-keK_POo3F-hYfZsUd4T0V7iZhEdQ0VV2pg5yJqEY7Xo6AaNUe3_EROvChbp726Jt2Y_u6llaqZpgkzlmjStvOwrfT6osuZsOFBh6hUMyNVhEYW6fNV0qTP_1KcSWGWk9sJDt4ROWYBxtruUyRL29dYx3fQZBHLws7aaGI8QX3QLhCEbFWyaT7ojHzv5trI0346T5xKD70n-twGhw-q6UVNft9F5yQIZyfm4oUKiD-ZH0sZ-aZaa-xUTyQYtWpQs8VykwdvLw8BshfEVuz3vjnjNGroIyqQ4lgCmFhRu_c31sKQDQzIoGXuLL1wLFbBPqMoVztO-BOV_-hYjLkIsm3vqeBxLXXoOE55xxySOKav7b4QLoNJNXsGj6DuEksu0ZT0BDF_uQS2ZRsVfcYHUTrt2ScEBH-kHQTMU892DQm_ei-SrDrcAhywuJMQ5qBcS3jVF2lpC0AROarN2DJ2UFcYvdVj58WjcKBVjnhYXztTtYPsJCepr19QurQZO3-XglyiQ_VP06KUfLmc5JS6-MJrrNL2zosDQ0-qp-eHKF_I1wjGs2A2zhXpt5VBFl14ocJ0I41YzcT5GIO4fAv9p0M0MNVeNl9rqUKsp-bmRlcWFCVRU63ovWFnoRIg2PE0pf8pnZIBQHIvQgNBPjE4gJsdlgGmer4FLCVX-JsL2P8DE_h9ue7xhgGTO7oAEjso6rPt76hUoXDjFCMkXiuR3CySYt7gs-LBzPG8OlYuG8JDUkcdPBrWgypRKvnewwzVMraUpp-nJMF97tZ-tYOXY6djEOx7lmubl6UMOItn24l6MHxOrqZMjX1jWmgxS01zW41kncQ3Yq8ab9RCQ8YYrJQQ3z-LWG8dK1XDYtSxgJxzcy5P_-Kh8T4PDyvbnzh1uRwG1HMYkDJdc8LuuEcQ_zggg1giaJjrrHMeL3DhEOZ24Hu5LNKJS-UhObSjGL90Gu6wpfVvpYl1rSkGU1ao9t3DL6o2wPkJ5Pi7vVQxCX4WvwmoadO6iMRm1tv0E6Zm5YSoLDCdhoSB-gWu-3G7RYKkIPG1-TRi1ziebDogyAuUBgSJ1JUDxfuG63DfrWUjM78F8llWFjoD4K-9UIRXDcQufcxiAHbkABAcqQUMbdKCORIwx0ppIwwNRVvNJrHMm9H6Dvsp-aES7U-87NT1K1PUb5sEgE0sqPRVzY6LFyGFEEK-vCAmVggKqKlt0rhBIB1g-d55hlpFvsbsMoy_tBu_l4zfMC114B0Bg9lBO3ooPFqUcgy_DBIW0bvfSOVIDXwBcr2EbZaONEA0LlxN0hGn8GfN8FqWpbKcW3vLBVywAFutYYNHqFoi1_ZxoM&sai=AMfl-YQDwpYJg8pvpkDEslryxNB-9vHNtt0kTTCDiVhy0jlUDxqnPyQ-cSubJkbgxsdyPQqjaNN_SFK752YJz1RkGJL4mMKqreeTTzdyrpfyTFDIYIEfqHsE8E9fsiES03D4UY9SQVs4xhRi&sig=Cg0ArKJSzN6-gHi49h4rEAE&cid=CAQSOwDICaaNqeMK65r53D-41zrzhfB14uhgprVqfT_Z8vOo6lz6W7cFLzzzMwnDZiOBbsm9TGC_JZ2KxbPvGAE&id=lidar2&mcvt=1000&p=1074,200,1324,1400&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=22&adk=3743414737&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700148211392&rpt=353&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame BD44 450 B
580 B 117ms
32ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?ctx=29864238&cmp=30675526&sid=8798372&plc=378029753&crt=202045356&advid=12827303&adsrv=1&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&unit=970x90&adid=&app=&dup=&gmnpo=&isdvvid=&supplySource=&tagtype=&aUrlD=0&brid=3&bridua=3&brver=119.0.6045.159&brh=2&vavbkt=&lvvn=28&fcifrms=14&winh=90&winw=970&chro=1&noc=4&wouh=1200&wouw=1600&htmlmsging=1&refD=3&scah=1200&scaw=1600&jsver=4946&uid=1700148213141483&srcurlD=2&ttfrms=57&num=6&dvp_isOnHead=0&flvr=1&ver=4946&jsCallback=__verify_callback_1700148213141483&jsTagObjCallback=__tagObject_callback_1700148213141483&ssl=1&prndr=1&m1=13&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=12882666.737840181&ee_dp_sukv=12882666.737840181&dvp_tukv=53414301585.05837&ee_dp_tukv=53414301585.05837&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=1.0999984741210938&dvpx_strhd=1.0999984741210938&eparams=DC4FC%3Dl9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN6046.3886140ROKUONEVIEW2%2FB30675526.378029753%3Bdc_ver%3D99.292%3Bsz%3D970x90%3Bu_sd%3D1%3Bgdpr_consent%3Dtcunavailable%3Bdc_adk%3D1203382665%3Bord%3Dd3nmfz%3Bclick%3Dhttps%253A%252F%252Fi.w55c.net%252Fcl%253Ft%253D1%2526btid%253DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%2526ei%253DRUBICON%2526tpc%253D%2526rurl%253D%3Buach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%3Bdc_rfl%3D2%2Chttps%253A%252F%252Fcaptcha.bot%242%2Chttps%253A%252F%252Fcaptcha.bot%252F%240%3Bxdt%3D1%3Bcrlt%3DwNB*fvZvF!%3Bcmpl%3D8%3Bgcsr%3Da%3Bstc%3D1%3Bchaa%3D1%3Bsttr%3D1506%3Bprcl%3Ds
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: cf2350a7ba804e2c8e117ac52a185bbc5b4ae59e50b6cebfd5d77fd3eaebd24c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:33 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 15:23:33

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C082 39 KB
15 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 13:12:21 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame BD44 694 B
730 B 1007ms
34ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=25&ttfrms=57&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&prndr=1&eparams=DC4FC%3Dl9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=2&aUrlD=0&ssl=https:&dfs=243&ddur=861&uid=1700148213141483&jsCallback=dvCallback_1700148213141971&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4946&tgjsver=4946&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN6046.3886140ROKUONEVIEW2%2FB30675526.378029753%3Bdc_ver%3D99.292%3Bsz%3D970x90%3Bu_sd%3D1%3Bgdpr_consent%3Dtcunavailable%3Bdc_adk%3D1203382665%3Bord%3Dd3nmfz%3Bclick%3Dhttps%253A%252F%252Fi.w55c.net%252Fcl%253Ft%253D1%2526btid%253DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%2526ei%253DRUBICON%2526tpc%253D%2526rurl%253D%3Buach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%3Bdc_rfl%3D2%2Chttps%253A%252F%252Fcaptcha.bot%242%2Chttps%253A%252F%252Fcaptcha.bot%252F%240%3Bxdt%3D1%3Bcrlt%3DwNB*fvZvF!%3Bcmpl%3D8%3Bgcsr%3Da%3Bstc%3D1%3Bchaa%3D1%3Bsttr%3D1506%3Bprcl%3Ds&fcifrms=14&brh=2&dvp_epl=211&noc=4&nav_pltfrm=Win32&ctx=29864238&cmp=30675526&sid=8798372&plc=378029753&crt=202045356&adsrv=1&advid=12827303&unit=970x90&bsimpid=f6acc465f72a426d8fedd70f759fa35e&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=12882666.737840181&ee_dp_sukv=12882666.737840181&dvp_tukv=53414301585.05837&ee_dp_tukv=53414301585.05837&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=1.0999984741210938&dvpx_strhd=1.0999984741210938&dvp_tuid=73318042799&jurtd=2790745991
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3430da2fac67c2a866dc7463500c2637eacdb6c3abeab65347f02317adbc2b3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:34 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 15:23:34

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C082 0
22 B 67ms
66ms Image
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4rsv9DNWZYaOB76ioPMPit6-uAMAAAAAOAHgBAI&bg=!SEulSwTNAAZxrfrxUa07ADQBe5WfONXr-CrRTVJwJvQh4JFMdKfR1rDBuaj3TEFPP8bfj-JXgU3cuJ9rx7QlWnpXAtWJAgAAAFlSAAAAB2gBB5kDAGZH4iEQtSnBCflsqHYMfDo-jvZviQZDuO52QHZgyZH6z4hUnwm0Jf2FFcI7CLsEQzhhGyM3HX05xBXwd8TziQjrNAa0ZiFhXzZTwjqk2tfatobhGDTfurZUdRI-HmP2v4rIVM4oydZot6IhxD6nrTXil4ivKoYXPk1Q3hLecbxmXvvAlvyrmt2OhaWyqgnzgq0PeMH1OkQq48Gt10CtpHf_1uZ-0y0cCDvewN8uIETbMTPy591NWlMmkOGr-fD8CURrp94L9jtu3NXoj_41lUFiso9HVulSFKDA5sAr2QdAzVjzp0LaU07Q00UvKXDfP2AF3zgMJufzPNtarHKEOZif2li6NH2tKaVIm7oTO1eQT3-coFZzM_5_epGO0PW-v8X2LOv3-dsxe9L7G2ANxxvbGew54z3zre0ZZlcARF5eC72X6fX7wNrPigUEBMc8I4SHzoSUJWeIA8y9eltIPSHm83rJcFlRMLBvPwQy3MnqD6qTrtfaDdKfHsMPon5h6KGHf6sKLJqJ58s9h4_GqpxX5RyI6QHFfjtGfB9d04DXFRJhS5QtTUiDKiKIqHaB8uzViWC_jky8lp8XfcWbyqTOlh24ZQHOSlQFZaFDthqSSKQWxzVlUxzbQVd1mJPkWYhN9GvhHk097M3LyvUUfkVpW3KuqUSdh2vefhF-kQVw8ILGX1usBRoozNwZRemGj4pOSIpvsVqoJguo5wtXuYhz5imhY6ipAUFy7bOPuCELo9SsSuXogj3SQHuPXsI3So3AiAwnhoPIgjhkcEYpVv80O6c9G8UAM9VptHlj9B3EdnqtlYBQ1wJyvpTiDb51UdtbFZQW6AQpPDNnki2wEnao5kWoJuYHwASOledakc0bKNF7uIaSSTSDbDbGGrQvv69bun2j6oXoTu1HM1GxGDsxUK2gATV55hNBsHjFOxiJkp2k8ciN0NRpxqb0TYzWuvC1mNBEb6ShA4PkbeDjtPjQ67YLp1V7nBeNEuR3JpjXf_bpA25r7BheMaRkHfgifg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 15:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BD44 17 KB
6 KB 45ms
44ms Script
text/javascript 2607:f8b0:4020:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:23:34 GMT

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame F9FD 2 KB
976 B 4ms
4ms Stylesheet
text/css 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.22135588724318
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r230822
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:34 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: text/css
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 6.css
c.evidon.com/a/ Frame F9FD 898 B
649 B 4ms
3ms Stylesheet
text/css 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/6.css?r=0.09560524937246706
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r230822
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d4be3ac72f80e7f9de3f25f566fe693f2ff4ca40467d0ebb0f2ace003f2eed98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:34 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2016 22:23:43 GMT
server: AkamaiNetStorage
etag: "0201e098f4bf4dfb5200e1da0993359c:1461104623"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: text/css
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 388

GET
H2 200 box_19_top-right.png
c.evidon.com/icon/ Frame F9FD 109 B
392 B 6ms
4ms Image
image/png 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_19_top-right.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:18 GMT
server: AkamaiNetStorage
etag: "8c7c476ac28727b21040351fa3006c59:1360189518"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 118

GET
H2 200 ci.png
c.evidon.com/icon/ Frame F9FD 581 B
880 B 5ms
3ms Image
image/png 23.44.111.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/ci.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:44 GMT
server: AkamaiNetStorage
etag: "2697f4b848d2400cd051312585a6bf42:1360189544"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 604

GET
H2 204 pixel.gif
l.betrad.com/ct/0_0_0_2532/us/0/1/0/0/0/0/970/90/242/292/0/ Frame F9FD 0
122 B 50ms
11ms Image
text/plain 107.22.177.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/ct/0_0_0_2532/us/0/1/0/0/0/0/970/90/242/292/0/pixel.gif?v=2_1&ttid=2&d=cdn.w55c.net&r=0.8335512508124496
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.177.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-177-112.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:23:34 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame BF9E 39 KB
15 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 13:12:21 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ue1.doubleverify.com/ Frame BD44 0
299 B 35ms
21ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=f6acc465f72a426d8fedd70f759fa35e&flavor=1&gdpr=&gdpr_consent=&tgdur=861&vfdur=119&vfsz=568&tuveims=59&tuveems=179&eoid=1&ttfurm=3155
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ad.doubleclick.net
Pragma: no-cache
Date: Thu, 16 Nov 2023 15:23:36 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-15T15:23:36

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdQuhHqh7TuJaLKoLMyJL2ujjuoIsxhQn_XDVYD2d1ERaseDeWPkmTW9qntFu8IG0HY81A3X05T8DfBCE8xF4_3iMzxxuAYz6R7YT7wXxch8cCTX0n0J4Fid_uKUjZ7Y5z48iBte8SpQ&sig=Cg0ArKJSzNdZRgArVekBEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700148209608&rpt=392&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1nrv9_9pBcLBzMoTvkm0Ll85jw1yZPK8MkoTL5T4kF_HEIbEsvRgn8DttsSTFRBTPT5dUB0P27jr2hAFuO8PBsvOb5oFRG87qHmqd8mtyA5bNT3X0pqmA2n_37DBB19fVRKicf_-kkw&sig=Cg0ArKJSzL1CiiI3JiHmEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700148210320&rpt=160&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: px.britepool.com
URL: https://px.britepool.com/sync?partner_id=dx&ppid=psLFSugY1R3Edk5

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6465&uid=psLFSugY1R3Edk5&img=1

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdn.fuseplatform.net/	1970-01-20 16:59:00	Name: akacd_captchabot Value: 1702740206~rv=16~id=ed2d57698377f4b714907230bf38f457
.captcha.bot/	1970-01-21 01:51:48	Name: _ga_VT1JT14S09 Value: GS1.1.1700148207.1.0.1700148207.60.0.0
.captcha.bot/	1970-01-21 01:51:48	Name: _ga Value: GA1.1.1030093738.1700148207
.captcha.bot/	1970-01-21 01:01:24	Name: cf_clearance Value: D43YXCZIfgmPazZuIOQvzfRLZBwxh0uNIo.xmM1BU8U-1700148207-0-1-1217726.c9026b81.e835628b-0.2.1700148207
.adnxs.com/	1970-01-20 18:25:24	Name: icu Value: ChkInNGFARAKGAEgASgBMPDn2KoGOAFAAUgBEPDn2KoGGAA.
.adnxs.com/	1970-01-20 18:25:24	Name: uuid2 Value: 3127847580981328433
.crwdcntrl.net/	1970-01-20 22:44:35	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 22:44:35	Name: _cc_id Value: b249f4b46c177426835555d67a740b4a
.3lift.com/	1970-01-20 18:25:24	Name: tluid Value: 1434109839600411096621
.captcha.bot/	1970-01-20 22:44:36	Name: _cc_id Value: b249f4b46c177426835555d67a740b4a
.captcha.bot/	1970-01-20 16:17:14	Name: panoramaId_expiry Value: 1700234608548
.criteo.com/	1970-01-21 01:37:24	Name: uid Value: ba331bcf-9eaa-4513-8211-3ae5f43eb307
.smartadserver.com/	1970-01-21 01:02:50	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 536838=5719163
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-21 01:02:50	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 16:17:14	Name: sasd Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501
.smartadserver.com/	1970-01-21 01:02:50	Name: pid Value: 2831371484337470390
.smartadserver.com/	1970-01-20 16:17:14	Name: sasd2 Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501&c=1&l=908530559&lo=-1530083348&lt=638357450085973333&o=1
.rubiconproject.com/	1970-01-21 01:01:24	Name: khaos Value: LP1CCHJE-1H-17CQ
.captcha.bot/	1970-01-21 01:37:24	Name: cto_bundle Value: tnh24V9ieTJncDhZSW92eiUyQk5uVVc0S0tZZFYzMGJFbkV3ZlIlMkIyQkg4ZDF2WmU2RCUyRlNhYUkxTDBHRXVQOHJJUmJvVzdnYkxhN2s0OTdaYU8zZWxWT0Ftc2dSdVhnMXdXUXJ0M25ZcXozJTJCUlhxSDMzSmdTcjB6MDlqdHhWRmdsQUMzUHluSkQwT2EzQ0ZRS212JTJGZGdaTjhvN2h3JTNEJTNE
.captcha.bot/	1970-01-21 01:37:24	Name: __gads Value: ID=46bc5e9458bf6f55:T=1700148208:RT=1700148208:S=ALNI_MbIJYE-JKAAMrCyQrBxKQ-UMyNMDw
.captcha.bot/	1970-01-21 01:37:24	Name: __gpi Value: UID=00000a0053d5c6ac:T=1700148208:RT=1700148208:S=ALNI_MZu1Oz511-cDZ4fCVwbtKJ8OrNGog
.doubleclick.net/	1970-01-21 01:51:48	Name: IDE Value: AHWqTUmUI85Sja4AunJ2lQbhdoYlepMKvwqBjBXIfHqEet1nhZtYsn2a1O-yBRCsCUA
.doubleclick.net/	1970-01-20 16:15:51	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-21 01:46:02	Name: wfivefivec Value: psLFSugY1R3Edk5
.go.sonobi.com/	1970-01-20 16:59:00	Name: __uis Value: 5338f273-4bc0-4612-a525-3b8fad1e3d4e
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86132\|ZVYz9
.quantserve.com/	1970-01-20 18:25:24	Name: d Value: EAoBCQG4KoEA
.quantserve.com/	1970-01-21 01:46:02	Name: mc Value: 655633f3-b0614-23ca4-e5d0e
.w55c.net/	1970-01-20 16:59:00	Name: matchbp Value: 1
.ctnsnet.com/	1970-01-21 01:01:24	Name: cid_78f509bc8bb84438a1eedf86f8e0ce55 Value: 1
.ctnsnet.com/	1970-01-21 01:01:24	Name: gid_CAESELw4bpZz7t5KjIBnm1cfcH4 Value: 1
.lijit.com/	1970-01-21 01:01:24	Name: ljt_reader Value: Hqp7iGZHKQ-vjOoIRYWZs8mP
.casalemedia.com/	1970-01-21 01:01:24	Name: CMID Value: ZVYz8zi7JB4riHXINOFDBgAA
.casalemedia.com/	1970-01-20 18:25:24	Name: CMPS Value: 1439
.casalemedia.com/	1970-01-20 18:25:24	Name: CMPRO Value: 1439
.yahoo.com/	1970-01-21 01:01:45	Name: A3 Value: d=AQABBPMzVmUCEO9edmkiNIeXltrmkY68jqMFEgEBAQGFV2VgZdwt0iMA_eMAAA&S=AQAAAtHg5K8-5KQyZj3OxOZpxzc
.tapad.com/	1970-01-20 17:42:12	Name: TapAd_TS Value: 1700148211803
.tapad.com/	1970-01-20 17:42:12	Name: TapAd_DID Value: f6062374-b0c5-427e-a433-ca5fb6862304
.rlcdn.com/	1970-01-21 01:01:24	Name: rlas3 Value: Eq85tDMd39yNS626wa7DP1qd4avl3EjtubguncfBGnk=
.krxd.net/	1970-01-20 20:35:00	Name: _kuid_ Value: P62Yi6h5
.demdex.net/	1970-01-20 20:35:00	Name: demdex Value: 72486236448098387573537290136385370032
.ads.stickyadstv.com/	1970-01-20 16:59:00	Name: UID Value: 95326b9dc2c2b1aa54674d76a26377
.ads.stickyadstv.com/	1970-01-20 17:42:12	Name: uid-bp-23329 Value: psLFSugY1R3Edk5
.w55c.net/	1970-01-20 16:59:00	Name: matchan Value: 1
.w55c.net/	1970-01-20 16:23:00	Name: matchtapad Value: 1
.w55c.net/	1970-01-20 16:59:00	Name: matchkrux Value: 1
.w55c.net/	1970-01-20 16:59:00	Name: matchfreewheel Value: 1
.dpm.demdex.net/	1970-01-20 20:35:00	Name: dpm Value: 72486236448098387573537290136385370032
.w55c.net/	1970-01-20 16:59:00	Name: matchdemdex Value: 1
.w55c.net/	1970-01-20 16:59:00	Name: matchcasale Value: 1
.w55c.net/	1970-01-20 16:59:00	Name: matchspotx Value: 1
.rlcdn.com/	1970-01-20 17:42:12	Name: pxrc Value: CPPn2KoGEgUI6AcQABIFCOhHEAA=
.w55c.net/	1970-01-20 16:59:00	Name: matchtargus Value: 1
.adsrvr.org/	1970-01-21 01:02:50	Name: TDID Value: 5b2d22ff-3381-4f15-a7fa-f78470f9c0fd
.bluekai.com/	1970-01-20 20:37:53	Name: bku Value: k9L99w1pPZDw+qWQ
.bluekai.com/	1970-01-20 20:37:53	Name: bkpa Value: KJy9cxeid02pSUHknp/8BMxdSVx2zcB1HkBNjNAhDMBajsLN9yYJ7QAr
.w55c.net/	1970-01-20 16:59:00	Name: matchbluekai Value: 1
.w55c.net/	1970-01-20 16:59:00	Name: matchtremor Value: 1
.w55c.net/	1970-01-20 16:59:00	Name: matchgoogle Value: 1
.adsrvr.org/	1970-01-21 01:02:50	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCJqv7eXAsLM8EAUYBSABKAIyCwi-t9eS17CzPBAFOAE.
.pippio.com/	1970-01-21 01:01:24	Name: did Value: zV9nNhbwhHDdzLfk
.pippio.com/	1970-01-21 01:01:24	Name: didts Value: 1700148211
.pippio.com/	1970-01-20 17:42:12	Name: nnls Value:
.pippio.com/	1970-01-20 17:42:12	Name: pxrc Value: CPPn2KoGEgYIgr0rEAA=
.amazon-adsystem.com/	1970-01-21 01:51:48	Name: ad-privacy Value: 0
.bidr.io/	1970-01-21 01:44:18	Name: bito Value: AABja07KrGgAABOLtnH04g
.bidr.io/	1970-01-21 01:44:18	Name: bitoIsSecure Value: ok
.linkedin.com/	1970-01-20 18:25:24	Name: li_sugr Value: 95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
.linkedin.com/	1970-01-20 16:17:14	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3148:u=1:x=1:i=1700148212:t=1700234612:v=2:sig=AQHMTWoEpMox0EubQzSBb0HXxO3j0I1e"
.linkedin.com/	1970-01-21 01:01:24	Name: bcookie Value: "v=2&10b26e06-221d-44f5-82c4-99f7c9b6e5d5"
.doubleclick.net/	1970-01-20 20:35:00	Name: APC Value: AfxxVi74QVVa4EHgHIATr_P_w0pcQ5Nx6hQje93TLdIobMok5AA8_A
.googleadservices.com/	1970-01-20 18:25:24	Name: ar_debug Value: 1
.ipredictive.com/	1970-01-21 01:01:24	Name: cu Value: dc5e457b-d108-4ca1-82ba-6772903d3ba7\|1700148212208
.w55c.net/	1970-01-20 16:59:00	Name: matchrubicon Value: 1
.send.microad.jp/	1970-01-20 18:25:24	Name: TR Value: 5ebc02e709635e50542f41234eed63b6950188531ab43966
.amazon-adsystem.com/	1970-01-20 21:44:07	Name: ad-id Value: A6e_BGZkw0IckusPtBZcoYk
.prebid.a-mo.net/	1970-01-20 16:17:14	Name: _sv3_7 Value: 1
.a-mo.net/	1970-01-21 01:01:24	Name: amuid2 Value: 23825073-3152-471b-be18-7320ab037821
.prebid.a-mo.net/	1970-01-21 01:01:24	Name: sd_amuid2 Value: 23825073-3152-471b-be18-7320ab037821
.adnxs.com/	1970-01-20 18:25:24	Name: anj Value: dTM7k!M4/rF7/.XF']wIg2In>w8Ti#!]tau8i_j0PU`qM*SseYS)CV?LHJz5_#qyC[TMb`5hi4X3If)y3M7g`[!h4>%5A[C6bma8aey+_pWkrS$:Bo3[%z5WCnY3O=L0Z+
.adnxs.com/	1970-01-20 18:25:24	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQMUNDSEpFLTFILTE3Q1EiLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQxNToyMzozMloifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0xNlQxNToyMzozMloifQ==
.analytics.yahoo.com/	1970-01-21 01:01:24	Name: IDSYNC Value: "17my~2f33:18vk~2f33:19e0~2f33"
.lijit.com/	1970-01-21 01:01:24	Name: _ljtrtb_80 Value: LP1CCHJE-1H-17CQ
.primis.tech/	1970-01-20 16:51:48	Name: csuuid Value: 655633f50b965
.hb.yahoo.net/	1970-01-20 20:35:00	Name: visitor-id Value: 3431498130813273000V10
.hb.yahoo.net/	1970-01-21 01:01:24	Name: data-mag Value: LP1CCHJE-1H-17CQ~~63
.intentiq.com/	1970-01-21 01:51:48	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 01:51:48	Name: intentIQ Value: 7Ql6xOGvbT
.rubiconproject.com/	1970-01-21 01:01:24	Name: audit Value: 1\|i7WLabMcVxII7Kwqh1ucpFMG4C6D/t+3x5H4/Al95QUGfQznKejYyDTJ8/763XY+Goppw8J0UWflrv5VkzQulZzU4JWreVW/X/BqjHngba2ma+WVcS1g3g==
.intentiq.com/	1970-01-21 01:51:48	Name: CSDT Value: UEQ6MTUxMDZfMCZUdm1xZGlk
.intentiq.com/	1970-01-21 01:51:48	Name: intentIQCDate Value: 1700148213226
.intentiq.com/	1970-01-21 01:51:48	Name: IQPData Value: 95808132#1700148213218#0#1700148213218
.intentiq.com/	1970-01-21 01:51:48	Name: ASDT Value: 0
.everesttech.net/	1970-01-21 01:01:24	Name: everest_g_v2 Value: g_surferid~ZVYz9QAAGnj0cAAM

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=9a9HNZdiJVpu3L7bUN318jvG-VF6AuCJNbHfJe4MN5IRtb5PzEZd7S-cEosq5pl_M0NWbGFVCXQPVDnOvPTosMtNGEkyoAFLUcK3Ks_2fuLJvhLE7O484C1r Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://px.britepool.com/sync?partner_id=dx&ppid=psLFSugY1R3Edk5 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6465&uid=psLFSugY1R3Edk5&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.stickyadstv.com
aid.send.microad.jp
analytics.google.com
ap.lijit.com
api.btloader.com
api.hcaptcha.com
bcp.crwdcntrl.net
beacon-iad3.rubiconproject.com
beacon.krxd.net
bidder.criteo.com
btloader.com
c.evidon.com
captcha.bot
cdn.ampproject.org
cdn.doubleverify.com
cdn.fuseplatform.net
cdn.jsdelivr.net
cdn.w55c.net
ce.lijit.com
challenges.cloudflare.com
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
cms.quantserve.com
cti.w55c.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
idsync.rlcdn.com
ius.ctnsnet.com
js.chargebee.com
js.hcaptcha.com
l.betrad.com
live.primis.tech
login3.bot-captcha-verify.online
match.adsrvr.org
match.prod.bidr.io
mts0.google.com
mug.criteo.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
partners.tremorhub.com
pippio.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg8.smartadserver.com
privygg.chargebeestaticv2.com
px.ads.linkedin.com
px.britepool.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssc.33across.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.search.spotxchange.com
sync1.intentiq.com
tags.bluekai.com
tags.crwdcntrl.net
tags.w55c.net
tapestry.tapad.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
px.britepool.com
sync.search.spotxchange.com
104.19.218.90
104.36.115.111
107.178.254.65
107.20.214.81
107.22.177.112
107.23.92.235
108.139.29.114
13.224.214.10
13.224.214.86
130.211.23.194
142.250.80.102
142.251.40.226
147.135.94.209
147.28.129.37
151.101.2.49
172.217.13.194
172.64.151.101
18.238.4.47
202.233.84.1
23.203.105.107
23.44.111.54
23.55.235.176
23.62.105.110
2600:141b:1c00:7::1728:b3ba
2600:141b:1c00:f::172c:c9da
2600:1f18:4e9:5a02:520a:c711:865a:bf81
2600:1f18:612b:4216:d296:b4ab:44c7:4070
2600:9000:2073:9000:1b:6b7d:2300:93a1
2600:9000:20ed:b400:3:4706:a6c0:93a1
2600:9000:2209:a800:9:46dc:4700:93a1
2600:9000:2512:5200:1a:5235:f980:93a1
2600:9000:25c8:4800:1b:cadc:ef40:93a1
2602:803:c002:300::36
2602:803:c002:300::98
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:20::681a:66e
2606:4700:3037::6815:41a
2606:4700::6810:3965
2606:4700::6811:2b8
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2006
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4020:804::2001
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2003
2607:f8b0:4020:806::2002
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::200a
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a04:4e42:600::485
3.225.218.10
34.111.113.62
34.117.228.201
34.149.20.76
35.186.193.173
35.190.60.146
35.71.131.137
35.71.139.29
52.205.7.147
52.23.71.199
52.3.191.242
52.45.78.169
52.46.155.104
52.70.105.17
54.146.35.112
54.172.84.140
54.230.163.124
54.88.23.27
63.251.28.133
63.251.86.50
67.220.228.202
68.67.181.211
69.166.1.35
74.119.119.139
8.43.72.97
8.43.72.98
017e92684f9301c6edc3504af22d04183982c21b1b3ae04221140b6746baaba8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06483d1af09fe201d80ff4fc8f93895e3898b5b3e2629af9bc9d85fcd30f57a4
064a3112be6d2f55331306cf2edd1ccc2a63cb9e3453a735861daba634d75188
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a
0a06df7b2f04d23d7e156a668eb69b238c68bdaecad0e6d954e58fde3e725b5e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c79e8606b6cce8b1d3d3fd72e2b4e5ab1a19bdc00501d407cbeb8d40c09d4a9
1162f1c47f371d5ca4192e405bb3059b3d582df339ce66b15ed7da465367dc80
1206a0fff7f8e27074b00ac3c9abece94df9312c7aba4ad8c8b44666f141c3ff
12ac786dd7d2df1c24377488b0cd75aa969d139420d5ac295be1e93f8fde493c
16584d00bde34db36e3c3fd2d68804f1a05ef12abe8570531e561134e1fec73d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914
1a91cc53d98054493697f3fa81e2fbefa695bdd4e122524bf59e57d50719dc42
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a
22caa2f838449dff34cf4b2e3d693ea3605903c403032431d294eef8d894da0e
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd
3430da2fac67c2a866dc7463500c2637eacdb6c3abeab65347f02317adbc2b3e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3677a201ab63c88c0d56d83e946665e5fb5d93bca0d4b7a7ff0588b7e0107f85
36a33ebf73afc5f7a6cdee51f0d2f70c15a844e424a74c5fcc25e425bd9a4dc8
36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
398aaea091a54352bcde7ee272823fae32d2ec9cbf1d7547ec07e97f800192e7
3a2762ba48e0ce21f54e4b545f937fe83de3dd840d291134103d889dbb28d86e
3b45b26a597954e058c5af5f2e15ef7e315bd4571dbb86241fe47cd5395744ca
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546
3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a
43fe9baf723ed950dda46d8675f1123142eab8360bf5d71f3126de4978e5e74f
45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48bed48790300a86a8b38be367b9fc7e124007d87d3ae1a1b5f9a05349dcf9a5
4b5a1c328f781b61a764d17923f440cc970d6f699849bcc236e894a0d51c72bd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
51f4dc64108e838c8879494af7e51ff28088766f95b52b7d3444b1f4e0e77d0b
527718fd2692a8581d7fb4e3d42fed33df4b4dc56632b1cc06344180902e5ef3
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187
5369907163ac4f204bd871d3db2537d401ac4bf2cb034da05bcc0af1271eb5f9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e01dbd445b3e609dba673bd82bdf1969b350936a70c9e1a234ad3cddec16de
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5b489849f86636e88d98772735af2416b3c3e85076f7135b4ca14a08764e4774
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d
60dc3bb507df5e166862248771d6a0c2597f7dd318613c7c4478c9faeba80840
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d
64b5c64d8600b52c7750278da76ec7cb2ae1b6ac40831ef3e7f3402e970f9525
64f168455859b28f4a27d3f9c07063c7011cb6b4ab0e75dbad02869067884b8d
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6707a3c68df726150faa7897909a1052309a6d021c0c699d1261a0a0945f10e4
6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f
6bdd776cb16e22b3dd4e315156ff4c68d66d770079fdcdbeb381021529c9c544
729193687b34515324d1c9020777b3d86b9f42d1fdbcb5998824944c601bcd54
75f60b8ba8974945a0ffcd6f2e93258cdac42a785b9d478ec3786881e2abcbee
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a36cfe069f3a0762652d5b30060d711b1c3261ea54ad353241a265db227812c
7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5
7c305b7ad1d78bd67cd5af248ce383aa062d4d09e779b2add0c732469d32badb
7d1ceb94e880da6a9d0d5dbc9bca2163e767f3eb9c4c9a6583a2ce64255a83cd
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8109cf8ec5546bd1865b1850b83ce3ee5cc358cc0bfdc14d52b5f5cb59a93d71
81c68e93b5bad4332a72ee44e13adf8f0ad4a709f0ff5b93f37d985485ff903b
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8e4186bd2cfa76f7a48100c5d1edb1909b37f68f1e33508f92edb72017a40406
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
90344adeb8e502c0a5582900ed8480f49e834970830b5f7fccdef17f68cb75fa
915a4f4841a2fc128f33bac8815a6b9e041a16a07e328aa6c22041167cb31987
92ca1736ee4a07da4aec1bf75f1cf294129e25ba87ea6198627837448e9b1f5e
93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3
950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb
98174e30b9f1468b96f8d317978ded9f514e77d8903f5c1a95463bc43c51f298
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9924f0aee1ecba1673c4e75a3b78b53dc3e63bc7dceadd5a9ae7ccfb1e2c0e3a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be1ff5169a3fc6334c134a96df76938723501a00fe5ad2d152f10a573595d7e
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7
9e6dab1cacda3a4a07e374d1364e01aa182806cafee7421cc7bccf5ca347f3de
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13bba05bc65835222eb71040bba525c75e73845a2b3f10b7ccbe7fc35e130ae
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1cb10406a6a28655351f567b6851b114056e8b2b2b773d0aca26cb3da966143
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a6778aac1a3b22c7997c1b8d951e2fe5224a2b45f3133294e908d43e6d84e394
a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db
a8642b2144f5f3473de287de8bf9960e40c66bacb4845580accdd400c52a7fa7
a872bbbb6742e0d8756d7e5c7ad9f117ea78f7985fbbd6861adfced3648fd774
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d
ad4e421119302e89d2ef10d7461de4fd4d6318c1529c36ee973c4c17ea3e31d9
ad74a7f477d4dbe1cecfc7591f728f9d7236efb402e337634cd3d14c321c1ac7
b013c2c47077742878ed5169c4f564d0d5278a480d7aac99ef7df75a783359e9
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25fabbdd4608ade7c022b666c1cc2e631a9d403fc29535df2789ed0bca96817
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63
bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382
beea121e5188b863d6e08e80e8b9744ecebf9cdd37f201a9b2b4000fd6af900f
bf2251fa0d25ff7169dc9c75e11526578a71434eb9b25487dc2228f13bfc2bf2
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c427820d10fd65f85b3f4165edd9586dedb7050815e868589fa5053427141ad0
c54eb47c8ffc83c5ceeff7a5f3bb3544c4eec6c92091f3ee37f36ab36b09fd88
c5cc340c08cd853d82cd532d2f58de982e0c8fc015b7116f837202d52b129508
c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c85bf82b1839f7ce776633ba44f9bafe42b7bece4581e008e641274134810f4d
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
ca73ce16bf82732ed93a9b6087c7bc63ac2d76e285ca5d7a34411b47ee49995f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc6f237c59aa6b0f45874b67ecdafc85249bd1f870a4507afa225f8010141012
cd594deba343e24788a95c61f98cecd9e107ddbc82ac9c95033a71aa4dc22a64
ce32ae882f40c9033f5d7fc2704b9be9cee32aa7d53023f20fdb966ab3e01119
cf2350a7ba804e2c8e117ac52a185bbc5b4ae59e50b6cebfd5d77fd3eaebd24c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26f0552bbcdf57b802dc4fb481f0623f6bad3129c35da64310e5c50ef1d44a9
d4be3ac72f80e7f9de3f25f566fe693f2ff4ca40467d0ebb0f2ace003f2eed98
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d1a7e5a7458fab350938e5d27ac4a5715e3c27e00e4d0287e406721cebd8db
e686f777af902c3b49e5143f9205136effcd04b661d8c863a8380e75a0d3a97d
e7d966b93453ecd66f4633ebf4cfa77e88a8fd891507ee213a6fa8f836a992e1
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eed41569c5406a72f15d1cf51192eb8f2ee0fc44e64cbc97b50cf7f7f5437e3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1541501090897e0804ad3205d903eb61d4fed83ed28d2a903272f614ee894b7
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af

captcha.bot Open in urlscan Pro 2606:4700:20::681a:66e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

271 Requests

86 %HTTPS

44 %IPv6

64 Domains

96 Subdomains

73 IPs

5 Countries

4147 kBTransfer

11155 kBSize

96 Cookies

5 Outgoing links

Page URL History

Redirected requests

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

captcha.bot Open in urlscan Pro
2606:4700:20::681a:66e Public Scan

Screenshot
Live screenshot

Full Image

271
Requests

86 %
HTTPS

44 %
IPv6

64
Domains

96
Subdomains

73
IPs

5
Countries

4147 kB
Transfer

11155 kB
Size

96
Cookies

271 HTTP transactions
11 data transactions