controlc.com Open in urlscan Pro
2606:4700:3034::681c:16af Public Scan

Go To Rescan
Add Verdict Report

URL:
https://controlc.com/78e7fdfd
Submission: On September 27 via manual (September 27th 2020, 4:54:15 pm UTC) from GB

Summary HTTP 197 Redirects Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 37 domains to perform 197 HTTP transactions. The main IP is 2606:4700:3034::681c:16af, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3034::681c:16af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.10.144 23.111.10.144	33438 (HIGHWINDS2) (HIGHWINDS2)
24	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
28	99.86.243.3 99.86.243.3	16509 (AMAZON-02) (AMAZON-02)
2 34	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:821::2010	15169 (GOOGLE) (GOOGLE)
2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
1 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.72.161.243 52.72.161.243	14618 (AMAZON-AES) (AMAZON-AES)
2	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
2 6	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:206... 2600:9000:206e:e200:5:ee0e:9e80:21	16509 (AMAZON-02) (AMAZON-02)
1	99.86.245.175 99.86.245.175	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:1a00:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.14.71.94 52.14.71.94	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:b400:1c:386f:ec80:21	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6814:190b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:5a00:10:3422:3f00:21	16509 (AMAZON-02) (AMAZON-02)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
2	3.224.156.224 3.224.156.224	14618 (AMAZON-AES) (AMAZON-AES)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-) (VCLK-EU-)
1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206e:5000:1a:5302:20c0:21	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
3 3	3.126.15.129 3.126.15.129	16509 (AMAZON-02) (AMAZON-02)
1 2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.185 208.100.17.185	32748 (STEADFAST) (STEADFAST)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
197	43

19 2606:4700:3034::681c:16af (United States)

ASN13335 (CLOUDFLARENET, US)

controlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ff4c237f123bfea15fc533c2bb6af73a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
086fe969c5c7532c0d30644252515e72.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
401ac98cc6e4a7969e86bda475541387.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 99.86.243.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-3.vie50.r.cloudfront.net

yadloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.110.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insticator-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.72.161.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-161-243.compute-1.amazonaws.com

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.242 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:e200:5:ee0e:9e80:21 (United States)

ASN16509 (AMAZON-02, US)

d3oi8laqsvc6ey.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.245.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-175.vie50.r.cloudfront.net

d2na2p72vtqyok.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1a00:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.71.94 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-71-94.us-east-2.compute.amazonaws.com

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b400:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)

d3lcz8vpax4lo2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6814:190b (United States)

ASN13335 (CLOUDFLARENET, US)

geoip.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b2c.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5a00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.156.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-156-224.compute-1.amazonaws.com

pa.rxthdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:5000:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)

dh014lg6uwepv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.150 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.15.129 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-15-129.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.185 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip185.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com ff4c237f123bfea15fc533c2bb6af73a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 086fe969c5c7532c0d30644252515e72.safeframe.googlesyndication.com 94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com 401ac98cc6e4a7969e86bda475541387.safeframe.googlesyndication.com 367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com	126 KB
28	yadloop.com yadloop.com	38 KB
28	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	557 KB
19	controlc.com controlc.com	188 KB
11	googletagservices.com www.googletagservices.com	273 KB
8	google.com 1 redirects adservice.google.com www.google.com	873 B
6	cloudfront.net d3oi8laqsvc6ey.cloudfront.net d2na2p72vtqyok.cloudfront.net d2s8wlbatk24s7.cloudfront.net d3lcz8vpax4lo2.cloudfront.net df80k0z3fi8zg.cloudfront.net dh014lg6uwepv.cloudfront.net	160 KB
6	adnxs.com 2 redirects ib.adnxs.com	7 KB
5	ampproject.org cdn.ampproject.org	107 KB
4	insticator.com geoip.insticator.com b2c.insticator.com event.insticator.com	860 B
4	1rx.io 2 redirects tag.1rx.io sync.1rx.io	2 KB
4	openx.net 1 redirects os4m-d.openx.net insticator-d.openx.net eu-u.openx.net us-u.openx.net	1 KB
4	google.de adservice.google.de www.google.de	572 B
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	emxdgt.com 1 redirects hb.emxdgt.com cs.emxdgt.com	715 B
3	fastly.net confiant-integrations.global.ssl.fastly.net	97 KB
3	yieldlift.com x.yieldlift.com	2 KB
2	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	1 KB
2	rxthdr.com pa.rxthdr.com	275 B
2	casalemedia.com htlb.casalemedia.com	511 B
2	rubiconproject.com fastlane.rubiconproject.com	2 KB
2	33across.com ssc.33across.com	692 B
2	lijit.com ap.lijit.com	1 KB
2	google.se adservice.google.se	317 B
2	google-analytics.com www.google-analytics.com	18 KB
1	tynt.com ic.tynt.com	227 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	629 B
1	pubmatic.com hbopenbid.pubmatic.com	57 B
1	aralego.com hb.aralego.com	321 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	372 B
1	includemodal.com includemodal.com	133 B
1	googleapis.com storage.googleapis.com	303 KB
1	mthsense.com ads3.mthsense.com	3 KB
1	fancybar.net cdn.fancybar.net	8 KB
0	districtm.io Failed dmx.districtm.io Failed
0	360yield.com Failed ice.360yield.com Failed
0	gumgum.com Failed g2.gumgum.com Failed
197	37

	Domain	Requested by
28	yadloop.com	controlc.com yadloop.com
24	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net controlc.com yadloop.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com controlc.com cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
19	controlc.com	controlc.com
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net controlc.com
11	www.googletagservices.com	controlc.com securepubads.g.doubleclick.net d3lcz8vpax4lo2.cloudfront.net
6	ib.adnxs.com	2 redirects storage.googleapis.com df80k0z3fi8zg.cloudfront.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	adservice.google.com	securepubads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	confiant-integrations.global.ssl.fastly.net	d3lcz8vpax4lo2.cloudfront.net confiant-integrations.global.ssl.fastly.net
3	x.yieldlift.com	storage.googleapis.com
3	www.google.com	1 redirects controlc.com
3	adservice.google.de	securepubads.g.doubleclick.net
2	367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cs.emxdgt.com	1 redirects
2	sync.1rx.io	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	event.insticator.com	d3lcz8vpax4lo2.cloudfront.net
2	pa.rxthdr.com	df80k0z3fi8zg.cloudfront.net
2	tag.1rx.io	storage.googleapis.com df80k0z3fi8zg.cloudfront.net
2	htlb.casalemedia.com	storage.googleapis.com df80k0z3fi8zg.cloudfront.net
2	fastlane.rubiconproject.com	storage.googleapis.com df80k0z3fi8zg.cloudfront.net
2	ssc.33across.com	storage.googleapis.com df80k0z3fi8zg.cloudfront.net
2	ap.lijit.com	storage.googleapis.com df80k0z3fi8zg.cloudfront.net
2	94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.se	securepubads.g.doubleclick.net
2	www.google-analytics.com	controlc.com www.google-analytics.com
1	sync.go.sonobi.com
1	ic.tynt.com
1	sync.targeting.unrulymedia.com	1 redirects
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	dh014lg6uwepv.cloudfront.net	controlc.com
1	hb.emxdgt.com	df80k0z3fi8zg.cloudfront.net
1	hbopenbid.pubmatic.com	df80k0z3fi8zg.cloudfront.net
1	hb.aralego.com	df80k0z3fi8zg.cloudfront.net
1	web.hb.ad.cpe.dotomi.com	df80k0z3fi8zg.cloudfront.net
1	insticator-d.openx.net	df80k0z3fi8zg.cloudfront.net
1	apex.go.sonobi.com	df80k0z3fi8zg.cloudfront.net
1	df80k0z3fi8zg.cloudfront.net	d3lcz8vpax4lo2.cloudfront.net
1	b2c.insticator.com	d3lcz8vpax4lo2.cloudfront.net
1	geoip.insticator.com	d3lcz8vpax4lo2.cloudfront.net
1	d3lcz8vpax4lo2.cloudfront.net	d2na2p72vtqyok.cloudfront.net
1	includemodal.com	controlc.com
1	d2s8wlbatk24s7.cloudfront.net	d3oi8laqsvc6ey.cloudfront.net
1	d2na2p72vtqyok.cloudfront.net	controlc.com
1	d3oi8laqsvc6ey.cloudfront.net	securepubads.g.doubleclick.net
1	401ac98cc6e4a7969e86bda475541387.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	controlc.com
1	os4m-d.openx.net	storage.googleapis.com
1	storage.googleapis.com	ads3.mthsense.com
1	086fe969c5c7532c0d30644252515e72.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ads3.mthsense.com	securepubads.g.doubleclick.net
1	www.google.de	controlc.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ff4c237f123bfea15fc533c2bb6af73a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.fancybar.net	controlc.com
0	dmx.districtm.io Failed	df80k0z3fi8zg.cloudfront.net
0	ice.360yield.com Failed	df80k0z3fi8zg.cloudfront.net
0	g2.gumgum.com Failed	df80k0z3fi8zg.cloudfront.net
197	61

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.fancybar.net COMODO RSA Domain Validation Secure Server CA	`2018-09-10` - `2020-09-09`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
yadloop.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
ads3.mthsense.com Go Daddy Secure Certificate Authority - G2	`2019-09-03` - `2020-11-01`	a year	crt.sh
*.google.se GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.yieldlift.com Amazon	`2020-02-16` - `2021-03-16`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
includemodal.com Amazon	`2019-12-13` - `2021-01-13`	a year	crt.sh
*.insticator.com Sectigo RSA Organization Validation Secure Server CA	`2020-08-24` - `2021-08-24`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
pa.rxthdr.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh

This page contains 42 frames:

Primary Page: https://controlc.com/78e7fdfd
Frame ID: 803459A4826DF304C456ED7764132353
Requests: 34 HTTP requests in this frame

Frame: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
Frame ID: A61789E7EFA44E273BA48CD30048CE8B
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5j6lsQk-otdMul5GFaQuWBlpPJPSGbF6Ui2d2WQs2gIEcdBM8zBJJ5c8usbNzA3HLrD4aP_-DTIzkN6tpEsFExXi3PjsX_MV-oRE2mPcWCZxpB1rLgp_D1WG_Wz40topsAaEy-xmLU-b84btJZebsPJ96Qt6ei6D2h7HOhHkDP-sYSnip4jP2V0Sr9QqwbQYK-mdpfWfoPROIOZTZ-NcBRgX_w1UJNI6_Kax_vp0--7syNd_GCO2TWYINm15hVXoYznhc9d4s016NNI95KLH1mqaTAVsuBA&sai=AMfl-YRGqnl_ZcMeo51bGx_ElAHAT3PsDszQL2bZsRUQt0N_BnPlSb-8lFaekhUarpEMmVgQClkd2fqEAQfzbw36Yy3jZnSReyy_Jk3dj1YyiQUj1URRNtNLU6HgS96-V0as&sig=Cg0ArKJSzC2QzfDpTe9ZEAE&urlfix=1&adurl=
Frame ID: D94788C79349F6B661C5BB4A619E2119
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0noi10Qj8voJBtLFZJGcdeW-_7vZALaGwYESGig8m3diabQwiw1_ZrdTJwxZp0jRk1-b7rHEqb-CaF5H3Nimuu1d1xL0ImUOrY6AROIbo7Guggg1jpD3RVZFFV44ZIBVQwFmW_R6ih8JR2VvmhVnk-Trzg30ZNC2VU6UwL6kCwBMRN1O187AVvp9WqW_dFcixqvjOKWqTml9SPicUxoGoIyVxNUcfgwa1OoIRpmvrlBYOpdxN0HZinZdTMn4KAMTdLtlJVyUM1DcJZqM&sai=AMfl-YQWnVofQPPmSCm3tXpqmRj766_xJh8oMsRl6Pu8TSRtBIj8iHVijevdY6NlN24NvV9Gi7Y30Bf8HCk_M2_2a1RahSRxTle8Dm-6VYh6-pk_0UGTr6zjIv-F7x917cXE&sig=Cg0ArKJSzCVpbFTOCFhMEAE&urlfix=1&adurl=
Frame ID: C98EAF3A9101F264BD439936CA755ACB
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7mORlfnMgAgAx_Nxc-gXEVbXneztJQjFz6iKgQTvG0YtrQTIR6TRnF5n5UsUgAIPW2gLL8JadhoupIrFwrKgw73A3wnX-NdzDapIDuNuPlDrLhluSt5_2KsiE3Y49f1NLfp2Plq5W92o8rmap4kd4E6Ig3jbzWlQKaiBAh2bQ4zZIpAviVpYGgVoOdoHyNn5EGAUrqjfsxeczNIeJw_7-Ku9_zvs5J3I1G9SlRvvkmq_bnHe5B8L7UuV0bwRN7JoiM786wCu4u05OpsfK_xmnPz1oaQ&sai=AMfl-YS3owHMyirEL8y9reS2Atg2CTNwo4_TMOzwSN3MEg42G2bh_0kBsXakxlH23b_lbUQRUCDVxMTYy8BjYhRHvrA1Vh11do-eBlEVCA0UzewFK17hIYT17ykr3G-7eJkW&sig=Cg0ArKJSzPajcG-Ykl9GEAE&urlfix=1&adurl=
Frame ID: AF6244037E80D927E59DEC339960C787
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: E1D6CF7838726DF86B34873DC550722E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EF5A1BE21A662D93F42D6F54B48EE254
Requests: 10 HTTP requests in this frame

Frame: https://yadloop.com/send?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e703&cb=0012691601225639550
Frame ID: 9287AAD2D9C9EBAEC9C47A3433480733
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/counter?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a37&cb=1562031601225639552
Frame ID: 8757481CE3A0047017F8D64C122A0199
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc1&cb=1188131601225639554
Frame ID: C60CCFAF9F8980DFAF1E98BAAF34BA0E
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d31&cb=4892411601225639555
Frame ID: 63930B57076C52DA5EAC235A5FA15543
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e75&cb=6029191601225639558
Frame ID: BCFDD98D2929422AA8490928E40EA330
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b1&cb=5754131601225639560
Frame ID: EE6B1A4706BFFEF4C8112F30ED66E2A5
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/counter?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f9&cb=7690471601225639561
Frame ID: 157C3B995D377166E8EF354DCDDC2D36
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/async_usersync?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d85&cb=3120461601225639562
Frame ID: CBFFF765973D137B06462DDF5703581F
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=7342301601225639563
Frame ID: 765D15C0B39965100CD7192AB86E400F
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=5693541601225639564
Frame ID: BB0796DDC9CA50156E98EFCD1FDA760C
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/async_usersync?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3953&cb=1758521601225639566
Frame ID: 2B0CE999BC0F16CC08755E8C468AE0DE
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260889&cb=9347841601225639567
Frame ID: 569EBAAEA7B66A47F9E08F9ADD00A835
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0B33A63BC842BE272260313995753795
Requests: 11 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe485&cb=0593911601225639588
Frame ID: 44EC6709A72478D364343E4876A2BF4A
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/syncro?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab303&cb=8756091601225639590
Frame ID: E5C73E2D524EA480B9FE47E766917406
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba021&cb=6329731601225639591
Frame ID: FB11F364AD2E2616187003395FEB858B
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f7&cb=9556521601225639592
Frame ID: 39C7B51686868171A7D0521627F8CD40
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/count?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475215&cb=9631831601225639593
Frame ID: 2BCDB13A35A9B644F4B6EFE6EDC2F30B
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/sync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a5&cb=5015751601225639595
Frame ID: 6251BA269BAD8757BB0A709D16F02329
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=2013601601225639596
Frame ID: A75E82CDEDCBCE3BD739EEDDA91D9EB9
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=2910721601225639597
Frame ID: 905DF81055D1D9E898BC327D7E13D4FD
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c1&cb=1490801601225639598
Frame ID: EF96E1B46D207E253B2C5801713C9E11
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/send?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427915&cb=1679211601225639599
Frame ID: CBA7E7572250F3F86D756BF76926CCB3
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=6046321601225639601
Frame ID: 5A88DC561F5AB850A2D4F3A614440D35
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb33&cb=8139071601225639602
Frame ID: 7EA0FF72DF7C83E9B08FC90B1E3E204D
Requests: 1 HTTP requests in this frame

Frame: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Frame ID: 331CB2F0AF1C843B03E7B4157825EF37
Requests: 26 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js
Frame ID: 2F6D0DA24EB0DC3C48A023C421F0AD1D
Requests: 16 HTTP requests in this frame

Frame: https://94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 691D35B0C4F849C9BEEC87F5A37A06BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: FCBEA4D61E94A983E28D1D090EC20CA4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 9FBC9A80D15FEE2B98E4787B7356DAD9
Requests: 1 HTTP requests in this frame

Frame: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Frame ID: FE48D905F49ABF70A406A090D25B4E8D
Requests: 46 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: CD43CCF18C45D9C9F2060A735DBD2B6A
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 2FD004DFC91C7C05C165B7F406DC6AAB
Requests: 1 HTTP requests in this frame

Frame: https://367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Frame ID: EB271B1A88E1C202C429349717169AFC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 0D022F5E791A000B0AD940854B018844
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

197
Requests

98 %
HTTPS

43 %
IPv6

37
Domains

61
Subdomains

43
IPs

6
Countries

1897 kB
Transfer

4849 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 178

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVXBnRs4xSQASewTpyynsw&google_cver=1

Request Chain 179

https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003&rndcb=3476529857 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003&rndcb=3476529857 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=29a6145a-df3f-43f1-9412-7d60d8b48c89&google_hm=MjlhNjE0NWEtZGYzZi00M2YxLTk0MTItN2Q2MGQ4YjQ4Yzg5 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELovOS-DMJiI75qmvYxv6iM&google_cver=1&ssp=adconductor&bsw_param=29a6145a-df3f-43f1-9412-7d60d8b48c89 HTTP 302
https://sync.1rx.io/usersync/bidswitch/29a6145a-df3f-43f1-9412-7d60d8b48c89?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003?redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3DRX-379ead06-b3af-4147-a5aa-e96e3e893cef-003 HTTP 302
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003

Request Chain 180

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5426024513097824831

Request Chain 181

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=5426024513097824831&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID

197 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 78e7fdfd Show response
controlc.com/ 10 KB
4 KB 84ms
66ms Document
text/html 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: dc5e458dcc21cfe34d27361f3491be84fb9a5da80ea1e1442ca87997d7d3c9f8

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /78e7fdfd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 27 Sep 2020 16:53:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d989d91d059f795f299413c27bf469c451601225638; expires=Tue, 27-Oct-20 16:53:58 GMT; path=/; domain=.controlc.com; HttpOnly; SameSite=Lax PHPSESSID=c05f9c139008aaebf2388b608d7c2e9a; path=/ tinychat_box=1601225638; expires=Mon, 28-Sep-2020 16:53:58 GMT; Max-Age=86400; path=/; domain=.tinypaste.com
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0572155b130000d72d6f06a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d96be71be3cd72d-FRA
content-encoding: br

GET
H2 200 global.css
controlc.com/public/css/ 12 KB
3 KB 17ms
14ms Stylesheet
text/css 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 5468
cf-polished: origSize=15109
status: 200
cf-request-id: 0572155b5e0000d72d6f070200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d96be723f6cd72d-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
controlc.com/public/css/ 80 KB
13 KB 23ms
19ms Stylesheet
text/css 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap.css
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 5468
cf-polished: origSize=99036
status: 200
cf-request-id: 0572155b5e0000d72d6f071200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-182dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d96be723f70d72d-FRA
cf-bgj: minify

GET
H2 200 bootstrap-responsive.css
controlc.com/public/css/ 10 KB
2 KB 16ms
13ms Stylesheet
text/css 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap-responsive.css
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 5468
cf-polished: origSize=14308
status: 200
cf-request-id: 0572155b5e0000d72d6f072200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-37e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d96be723f73d72d-FRA
cf-bgj: minify

GET
H2 200 view.css
controlc.com/public/css/ 598 B
438 B 15ms
12ms Stylesheet
text/css 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/view.css
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 3097
cf-polished: origSize=752
status: 200
cf-request-id: 0572155b5e0000d72d6f073200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d96be723f74d72d-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ 148 KB
30 KB 23ms
21ms Script
application/javascript 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 5262
cf-polished: origSize=153534
status: 200
cf-request-id: 0572155b5e0000d72d6f074200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d96be723f75d72d-FRA
cf-bgj: minify

GET
H2 200 view.js Show response
controlc.com/public/js/ 2 KB
724 B 46ms
43ms Script
application/javascript 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/view.js?x=1601225638
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d96be723f76d72d-FRA
cf-request-id: 0572155b600000d72d6f075200000001

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f03f670f5c16e9b22d787443db512d649c1c8ba0c87ce91e030fa06d752797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "645 / 592 of 1000 / last-modified: 1601071781"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17838
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:58 GMT

GET
H2 200 getpaid.png
controlc.com/public/images/ 6 KB
6 KB 19ms
19ms Image
image/png 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/getpaid.png
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 5468
etag: "555139ee-196e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d96be728837d72d-FRA
content-length: 6510
cf-request-id: 0572155b920000d72d6f07c200000001

GET
H2 200 logo.png
controlc.com/public/images/ 12 KB
12 KB 23ms
23ms Image
image/png 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/logo.png
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 14:03:25 GMT
server: cloudflare
age: 5468
etag: "5d838aad-2f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d96be72883ad72d-FRA
content-length: 12078
cf-request-id: 0572155b920000d72d6f07d200000001

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 21 KB
8 KB 252ms
59ms Script
application/javascript 23.111.10.144
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=tinypaste
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.144 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Sep 2020 16:53:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 14:20:27 GMT
Server: NetDNA-cache/2.2
ETag: W/"5362-5900057953202"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ab.png
controlc.com/ 67 KB
67 KB 14ms
14ms Image
image/png 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/ab.png
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Mar 2020 10:19:31 GMT
server: cloudflare
age: 1359
etag: "5e81c7b3-10a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d96be738a8bd72d-FRA
content-length: 68149
cf-request-id: 0572155c320000d72d6f087200000001

GET
H2 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
92 KB 72ms
71ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:58 GMT

GET
H2 200 bg.png
controlc.com/public/images/ 987 B
1 KB 15ms
15ms Image
image/png 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/bg.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:58 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 5467
etag: "555139ee-3db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d96be73aac5d72d-FRA
content-length: 987
cf-request-id: 0572155c460000d72d6f089200000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 417 B
265 B 216ms
143ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3310163629507787&correlator=2133243008014921&output=ldjh&impl=fif&eid=21067118%2C21067200%2C21067397&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=1025874%2CPasted_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601225638&dt=1601225638991&dlt=1601225638743&idt=227&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=0&adks=765271295&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=9&icsg=4010&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=351749556.1601225639&ga_sid=1601225639&ga_hid=1781650309&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ed3d32260e0e8d830de9ab5f9dae226e810cbc3b23ce9c4e4a743ac45999d06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ff4c237f123bfea15fc533c2bb6af73a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
39ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ff4c237f123bfea15fc533c2bb6af73a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 163ms
116ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3310163629507787&correlator=2133243008014921&output=ldjh&impl=fif&eid=21067118%2C21067200%2C21067397&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=1025874%2CPasted_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601225639&dt=1601225639022&dlt=1601225638743&idt=227&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=163&adks=1406371575&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=13&icsg=64162&std=0&csl=89&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1500x90&msz=1500x90&ga_vid=351749556.1601225639&ga_sid=1601225639&ga_hid=1781650309&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

82e53fb879c382307f35880c9fbe5339ce8e90bb925c446163e9bb37db53933f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2824
x-xss-protection: 0
google-lineitem-id: 5214351027
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293538274
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ab.js Show response
controlc.com/ 5 KB
2 KB 14ms
14ms Script
application/javascript 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/ab.js
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Mar 2020 09:43:08 GMT
server: cloudflare
age: 3325
etag: W/"5e806dac-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d96be73fb69d72d-FRA
cf-request-id: 0572155c790000d72d6f08c200000001
cf-bgj: minify

GET
H2 200 fullscreen.php Show response
controlc.com/78e7fdfd/ Frame A617 2 KB
941 B 90ms
90ms Document
text/html 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 70c7d1e53c9c8dd120a4f74faf719b5bb087508446ba9479e2d3e363ef5dd679

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d989d91d059f795f299413c27bf469c451601225638; PHPSESSID=c05f9c139008aaebf2388b608d7c2e9a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
date: Sun, 27 Sep 2020 16:53:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0572155c790000d72d6f08d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d96be73fb6bd72d-FRA
content-encoding: br

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 155ms
121ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3310163629507787&correlator=2133243008014921&output=ldjh&impl=fif&eid=21067118%2C21067200%2C21067397&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=1025874%2CPasted_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1601225639&dt=1601225639036&dlt=1601225638743&idt=227&frm=20&biw=1600&bih=1200&oid=3&adxs=1390&adys=109&adks=2762401180&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=18&icsg=1026762&std=0&csl=87&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x600&ga_vid=351749556.1601225639&ga_sid=1601225639&ga_hid=1781650309&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

a11935264f19ad1aae8868e716448f8e94c679b59f457fb69b071257384927ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2865
x-xss-protection: 0
google-lineitem-id: 5215140857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293261120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 146ms
118ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3310163629507787&correlator=2133243008014921&output=ldjh&impl=fif&eid=21067118%2C21067200%2C21067397&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=1025874%2CPasted_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1601225639&dt=1601225639041&dlt=1601225638743&idt=227&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=740&adks=2507290776&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=22&icsg=4107050&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1520x723&msz=728x-1&ga_vid=351749556.1601225639&ga_sid=1601225639&ga_hid=1781650309&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

df5fea3a51a4e8e842e2e03b6fc81c69e83318f11a7e237af309c4245376b6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2559
x-xss-protection: 0
google-lineitem-id: 4655064465
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232062346
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glyphicons-halflings.png
controlc.com/img/ 14 KB
14 KB 11ms
11ms Image
image/png 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/img/glyphicons-halflings.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 5741
etag: "555139ee-3602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d96be740b98d72d-FRA
content-length: 13826
cf-request-id: 0572155c860000d72d6f091200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5899
date: Sun, 27 Sep 2020 15:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sun, 27 Sep 2020 17:15:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
64 B 14ms
14ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1781650309&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&ul=en-us&de=UTF-8&dt=Liliana%20Heart%20-%2078e7fdfd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=60323812&gjid=215479943&cid=351749556.1601225639&tid=UA-62963607-1&_gid=1184822173.1601225639&_r=1&_slc=1&z=445554639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-62963607-1&cid=351749556.1601225639&jid=60323812&gjid=215479943&_gid=1184822173.1601225639&_u=IAhAAEAAAAAAAC~&z=135219214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 27 Sep 2020 16:53:59 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 29ms
28ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-62963607-1&cid=351749556.1601225639&jid=60323812&_u=IAhAAEAAAAAAAC~&z=239741461

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 29ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-62963607-1&cid=351749556.1601225639&jid=60323812&_u=IAhAAEAAAAAAAC~&z=239741461

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 global.css
controlc.com/public/css/ Frame A617 12 KB
3 KB 49ms
48ms Stylesheet
text/css 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 5469
cf-polished: origSize=15109
status: 200
cf-request-id: 0572155cd80000d72d6f098200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d96be748cafd72d-FRA
cf-bgj: minify

GET
H2 200 fullscreen.css
controlc.com/public/css/ Frame A617 312 B
342 B 14ms
13ms Stylesheet
text/css 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/fullscreen.css
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

Referer: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 2626
cf-polished: origSize=426
status: 200
cf-request-id: 0572155cd80000d72d6f099200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d96be748cb3d72d-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ Frame A617 148 KB
30 KB 19ms
19ms Script
application/javascript 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 5263
cf-polished: origSize=153534
status: 200
cf-request-id: 0572155cd80000d72d6f09a200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d96be748cb5d72d-FRA
cf-bgj: minify

GET
H2 200 tinypaste.js Show response
controlc.com/public/js/ Frame A617 3 KB
1 KB 29ms
28ms Script
application/javascript 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/tinypaste.js
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

Referer: https://controlc.com/78e7fdfd/fullscreen.php?hash=b502f441377b0b2a14e24b366a6c5ccd&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 1857
cf-polished: origSize=3335
status: 200
cf-request-id: 0572155cd80000d72d6f09b200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d96be748cb7d72d-FRA
cf-bgj: minify

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D947 0
0 100ms
99ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5j6lsQk-otdMul5GFaQuWBlpPJPSGbF6Ui2d2WQs2gIEcdBM8zBJJ5c8usbNzA3HLrD4aP_-DTIzkN6tpEsFExXi3PjsX_MV-oRE2mPcWCZxpB1rLgp_D1WG_Wz40topsAaEy-xmLU-b84btJZebsPJ96Qt6ei6D2h7HOhHkDP-sYSnip4jP2V0Sr9QqwbQYK-mdpfWfoPROIOZTZ-NcBRgX_w1UJNI6_Kax_vp0--7syNd_GCO2TWYINm15hVXoYznhc9d4s016NNI95KLH1mqaTAVsuBA&sai=AMfl-YRGqnl_ZcMeo51bGx_ElAHAT3PsDszQL2bZsRUQt0N_BnPlSb-8lFaekhUarpEMmVgQClkd2fqEAQfzbw36Yy3jZnSReyy_Jk3dj1YyiQUj1URRNtNLU6HgS96-V0as&sig=Cg0ArKJSzC2QzfDpTe9ZEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame D947 18 KB
18 KB 339ms
181ms Script
application/javascript 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash: b76fe86c6c98fb89fab2540d581a26218462a7bad1b6126fc9e2785c22764286

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 27 Sep 2020 16:53:59 GMT
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: XZ4cu3WOCxpULO2vZl4Mbwq8dv_Wm-bXU78-QYKFhNRugGAIqQcktg==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D947 74 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8a9a8b91526efa6067283fcf4277853c7a78d460c6a25aac1cbe822b10fdd70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6380
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C98E 0
0 101ms
100ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0noi10Qj8voJBtLFZJGcdeW-_7vZALaGwYESGig8m3diabQwiw1_ZrdTJwxZp0jRk1-b7rHEqb-CaF5H3Nimuu1d1xL0ImUOrY6AROIbo7Guggg1jpD3RVZFFV44ZIBVQwFmW_R6ih8JR2VvmhVnk-Trzg30ZNC2VU6UwL6kCwBMRN1O187AVvp9WqW_dFcixqvjOKWqTml9SPicUxoGoIyVxNUcfgwa1OoIRpmvrlBYOpdxN0HZinZdTMn4KAMTdLtlJVyUM1DcJZqM&sai=AMfl-YQWnVofQPPmSCm3tXpqmRj766_xJh8oMsRl6Pu8TSRtBIj8iHVijevdY6NlN24NvV9Gi7Y30Bf8HCk_M2_2a1RahSRxTle8Dm-6VYh6-pk_0UGTr6zjIv-F7x917cXE&sig=Cg0ArKJSzCVpbFTOCFhMEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame C98E 8 KB
3 KB 692ms
176ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c99008a8943fed0f67f8f309c2873e0d006b3c91e9e76fb474123f86688eba51

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Sep 2020 16:53:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 2865

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C98E 74 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF62 0
0 99ms
99ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7mORlfnMgAgAx_Nxc-gXEVbXneztJQjFz6iKgQTvG0YtrQTIR6TRnF5n5UsUgAIPW2gLL8JadhoupIrFwrKgw73A3wnX-NdzDapIDuNuPlDrLhluSt5_2KsiE3Y49f1NLfp2Plq5W92o8rmap4kd4E6Ig3jbzWlQKaiBAh2bQ4zZIpAviVpYGgVoOdoHyNn5EGAUrqjfsxeczNIeJw_7-Ku9_zvs5J3I1G9SlRvvkmq_bnHe5B8L7UuV0bwRN7JoiM786wCu4u05OpsfK_xmnPz1oaQ&sai=AMfl-YS3owHMyirEL8y9reS2Atg2CTNwo4_TMOzwSN3MEg42G2bh_0kBsXakxlH23b_lbUQRUCDVxMTYy8BjYhRHvrA1Vh11do-eBlEVCA0UzewFK17hIYT17ykr3G-7eJkW&sig=Cg0ArKJSzPajcG-Ykl9GEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame AF62 18 KB
18 KB 332ms
193ms Script
application/javascript 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash: 02dabb341cdbba4ef141dcf8f8804a22e6a9ad62dbc49ee379bc891c8528bd23

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 27 Sep 2020 16:53:59 GMT
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: webmqS2pgBuDVctA2oy7XOvL51be3b_h_EH1JunrtbjQxZrt4anLjg==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF62 74 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 62ms
49ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
DATA 200
OK truncated
/ Frame D947 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e72787910d0126f2c705ff41ebef2cf6b9e4dcc5f6ade5ecc9dbd3bbbedd8b25

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AF62 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b70122e8423c5efaf49267085346cd58a29204107062227685012f7327a067e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame E1D6 0
0 6ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Sun, 27 Sep 2020 16:02:58 GMT
expires: Mon, 27 Sep 2021 16:02:58 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3061
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
51 B 15ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091601&jk=3310163629507787&bg=!6eql6vJYpkequJJqDSYCAAAAUFIAAAALCgIOX9auByoqSA4-FpAN8wzCynNYW-e5ki4R77zAFG0S8feVAoljkcCEFWCFphlvoFae4RVSPVR7b1y04mf3ZfhSd5PYC6cpLrXDlhmizOhOvWjNQmTvnW9-QEhNKcC5iUv5-1xBx-v5ETjKliVePdcrhUoX4DaRfSHKpLrYetx1d_vM4h2m34bw4B3wS1UNWfmL2JkfocNWAMEEagTVMQrjdkKnZ_n7IGaHOsDkUqI6sTaM9zMYX9_tetJslHnomrVW39Z6cMWv2vi6Eu1eN2a6dH1sGXMH1Ir-5yx9xX4NWTC-33FZ5MaFlsNpkPwlu13CFRlffaWb0lLPHL0y3pM_ur3HsAfzxeosOPKMGOY9S-VcNz2KgstWqtI6nwR2qFTfFukKXBQIjEiy5Ibapadw1T9pyZF1exLI2megEMVJfuHtRBN9Gum_BGSymuT22vk7ToV-mp0OFKMgUdR04PqpMOW1Y7itRXM37EBTKYqJ4d36sQdrrokM5ZxGSYw-RSC1-3ijoXcHnPa3hHvOMibXquVsmXZaYXy8UtN0CAVR0pH7wFtOiZSkYh5yIrW3i_toz5a9Yy93XAo8-UjGUhrKbJGHvUgTGZ7332FsFTmdkX_zfhYwl_1WqHkDt18cbOyGjyd0jvXVXfW1UBWSxb4yvbQu-kFik4QRwqSp1Bl3mZksVwswLboChmQUuTP3ZZkBpSrHtFcQr0odXsVQjwo4nQDz8WFnWTuo43WZ-n3FJ5yPRou9iSGUAOkjGary1ViF3ARPpuW_fswVrqkmZiaN-oRZqZdyarTEY9qeRGgzBZ3fJezNf4RO1aDT--B13xMh-O_eQS74YcpW1buxcASilyjZoNDK4CdP0gEyIOSP-lrH8rsdh0gBAPimSaqgu8lnjYQbXtJM_LCVkH2gsnxbeEArwiEPe4oxTs2fxPwtM1ajUZib_tTiXNOQLnyhLzpDySZi0g-bBwXRigLAW_5BozzvB7KZHjAwIm232x9ME0ANJKENhQHtwmf063Qn4ZOsjVQVJsimfDFGwEKViCD5NW5Pp7nRt8O9LORe9I3Rs8mqwzNtVXUUGbkO9TFrUiMDy7Squ3rdeBclp1HLwdL3iEpJSNVxVx4PGdUaJAVmdzmDBJfrlRVQ4xYMxhUDeozT4hNRLspkRgiCNDhTokSSg49LfJ98KuZw1QVDDvtCMuFe4O7xeBh1RBYvFX4vF4ObR5-XV5JcxL8uwzN8GPqSS0vfwPLIEafOuQl9tXIAW-x4Sma_vn0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EF5A 53 KB
18 KB 74ms
74ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

faaacf2ef87630111303bdc29528bd65f2957ed6c6306966aa7850210affbed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "645 / 278 of 1000 / last-modified: 1601071877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17839
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H2 200 send
yadloop.com/ Frame 9287 0
0 126ms
125ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/send?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e703&cb=0012691601225639550
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /send?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e703&cb=0012691601225639550
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: OTXXQHOIViNO6pwKIYyOFiwMg-SGtrbd_Z3ikTVHa5i2n8MVb6bOXw==

GET
H2 200 counter
yadloop.com/ Frame 8757 0
0 122ms
122ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/counter?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a37&cb=1562031601225639552
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /counter?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a37&cb=1562031601225639552
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: PgrXFYZiDrgPg7TGEywfe9XQh_9Ojk4tz3cwa5s-P-VeU0vCEG9W9A==

GET
H2 200 user
yadloop.com/ Frame C60C 0
0 124ms
124ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc1&cb=1188131601225639554
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc1&cb=1188131601225639554
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: Bz_q2XmfaeUWjq3YCRrzUTFT7wjeeZBFEKbSA4-4MwY4q0JUGLOXsA==

GET
H2 200 user
yadloop.com/ Frame 6393 0
0 166ms
166ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d31&cb=4892411601225639555
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d31&cb=4892411601225639555
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: ukufD1OKFHM7d2xQk4woLct7Emho8peaqIWMPc1NQaPoaeTeovxVCw==

GET
H2 200 usersync
yadloop.com/ Frame BCFD 0
0 174ms
173ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e75&cb=6029191601225639558
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e75&cb=6029191601225639558
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: EMoZAII7Yj7MljXSZyAijP-asngsh4m0elFEQm0YP3JtIPfLH9TIUg==

GET
H2 200 usersync
yadloop.com/ Frame EE6B 0
0 164ms
164ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b1&cb=5754131601225639560
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b1&cb=5754131601225639560
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1719
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: a-DwzPHgEMyyOy4uVkfq3PG7jQ6A3XGenhuLCC-ItLRQZ5-KloDFJQ==

GET
H2 200 counter
yadloop.com/ Frame 157C 0
0 176ms
176ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/counter?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f9&cb=7690471601225639561
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /counter?i=qwpqn1ipjtdny52xwe&a=09d0930f2b4393c086049204715f636f9&cb=7690471601225639561
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: c6hKiQfuEFvzlSd0UdPrKvJuc-uYY4l2f9htqZ47xTaUaefwKe5Vzg==

GET
H2 200 async_usersync
yadloop.com/ Frame CBFF 0
0 177ms
177ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/async_usersync?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d85&cb=3120461601225639562
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /async_usersync?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d85&cb=3120461601225639562
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: b22uxgOGqX15ZLb9r96XEp27GOwt8D7dhlqaR7W9YTkMlpu7-gy2tA==

GET
H2 200 stats
yadloop.com/ Frame 765D 0
0 162ms
162ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=7342301601225639563
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=7342301601225639563
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1633
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: LiOEPoi5-iBRKUspSWhD82u1M0fwPUKVi1qxGDJVl0zK4ZL5q9W05A==

GET
H2 200 count
yadloop.com/ Frame BB07 0
0 180ms
180ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/count?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=5693541601225639564
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /count?i=qwpqn1ipjtdny52xwe&a=882897f02d8d04f5e2ca7fe9428c3a165&cb=5693541601225639564
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: H1RzFwtPl4oMQ23CYdAfGdLuRCvgf6nYQ2j65719NezidXNTrv5vqA==

GET
H2 200 async_usersync
yadloop.com/ Frame 2B0C 0
0 184ms
183ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/async_usersync?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3953&cb=1758521601225639566
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /async_usersync?i=qwpqn1ipjtdny52xwe&a=4c573560928388de17c545349516a3953&cb=1758521601225639566
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: _yhVTcUr-qE3KdfrjUAqXgrMZssDFvR8hq151_g0-omNV7m3CYPgmQ==

GET
H2 200 usersync
yadloop.com/ Frame 569E 0
0 192ms
192ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usersync?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260889&cb=9347841601225639567
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usersync?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260889&cb=9347841601225639567
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: uQFae8oR74nRPsn4wUFrgOLmSPyh6c5o_rvdYEz5qcszGXNeX7nsMA==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D947 0
21 B 100ms
100ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ3V-j92_W5ILB9AEo94Ub0xGWS8E9iLW-YF_8Va3xFRlZKUsqBIUdWkkhIHWoDXkOkAV5IrLfISklVJ_GEa4htvHF8hOOaWNWFy48T3A1wBlQVvPb26KFAfiHsavI_VDS2LIAq_NN4PogEtoNb1h5U6mS8h9u2SNBKv2r7xqT-PSb6Y3RGbxACFZF7TlkHLIs-iD3NmOIYD33ECI79WM-e0ojO-xKoDBlsq5BD_BUrreVPkSnVvbvMMtJXbPNexEBpuy8sgs8WToWBA&sai=AMfl-YTJ8WJPWqdzoQj8kG4f98kYVl-UzycIatICBzBg8YXOHYdRkFFXwmdLWQWE0rjX6W77weXTqqNWUblS_Xr2orqRoMowlMJkVwxfYxRGM9Ng_ugPMnOkNEWCbP1LXtU8&sig=Cg0ArKJSzBgt_h1FkAhjEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0B33 53 KB
18 KB 74ms
74ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

206ad0e2c8cb0b55245e3bcf54bc5cd57fc7284b8f94aef1955eae5574acdf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "645 / 31 of 1000 / last-modified: 1601071781"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=21600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17834
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H2 200 stats
yadloop.com/ Frame 44EC 0
0 172ms
171ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe485&cb=0593911601225639588
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe485&cb=0593911601225639588
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: S8PZtSC7a0EXJEXh4JsjLaSIfyvgk06NZudon3hcQqi-e8Cr8RudaA==

GET
H2 200 syncro
yadloop.com/ Frame E5C7 0
0 174ms
174ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/syncro?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab303&cb=8756091601225639590
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /syncro?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab303&cb=8756091601225639590
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1667
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: Zu-ZMMeu3_QjDUjjDuyqzn6UKUDt12TKdQfT6vl36ZWl0iRsVy2Icg==

GET
H2 200 stats
yadloop.com/ Frame FB11 0
0 175ms
175ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/stats?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba021&cb=6329731601225639591
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /stats?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba021&cb=6329731601225639591
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1874
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: C5J1xh9lMKCThLfo1uYke-6gxsAwneQmI7RcowFvd6hcZHVz71EQiA==

GET
H2 200 user
yadloop.com/ Frame 39C7 0
0 173ms
173ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f7&cb=9556521601225639592
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f7&cb=9556521601225639592
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1633
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: qPiDX0meA4xonsLUfAgRivUHeefSVBhpravKlpDGFqOqL1IqbzvDWQ==

GET
H2 200 count
yadloop.com/ Frame 2BCD 0
0 169ms
169ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/count?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475215&cb=9631831601225639593
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /count?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475215&cb=9631831601225639593
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 3GepIKDOeknyYniDD7EJMP1EdbH-0ji24TMl4yXXcXwlQt5sYLxEQA==

GET
H2 200 sync
yadloop.com/ Frame 6251 0
0 173ms
173ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/sync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a5&cb=5015751601225639595
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /sync?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a5&cb=5015751601225639595
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: W12TXWpiPLOcJNrPy1cDP9mFkdmHo-_COZbC94Y-8x8QGr3qKarEPw==

GET
H2 200 user
yadloop.com/ Frame A75E 0
0 173ms
173ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=2013601601225639596
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f9&cb=2013601601225639596
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1722
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: ZIWGgc9XRVYCzKn55T57lVLABgKRy32mFbFnp8OlSvNqI242Sm5esg==

GET
H2 200 user
yadloop.com/ Frame 905D 0
0 176ms
176ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=2910721601225639597
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=2910721601225639597
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: SKF8Wx7AEJCgKh2CYKwn88fEg_-w_4cXBj9m8BxGRDQGVA6edzoJxw==

GET
H2 200 usync
yadloop.com/ Frame EF96 0
0 174ms
173ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/usync?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c1&cb=1490801601225639598
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /usync?i=uml4x413apkiqmcvre&a=85b4506f143331b6cfb4268b28c6782c1&cb=1490801601225639598
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: XCToyAO1uIA-JAbFedpkVuRDyvLd3ObvVLlQRBCIicdJYWrLasDSpg==

GET
H2 200 send
yadloop.com/ Frame CBA7 0
0 178ms
178ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/send?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427915&cb=1679211601225639599
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /send?i=uml4x413apkiqmcvre&a=ff33ef70b2e2b9a48741989d191427915&cb=1679211601225639599
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: XlRP0uRqqfB1FY7WoWBaC-dYYDY2cc1AObwBVR5p49PRO2die5-FXA==

GET
H2 200 async_usersync
yadloop.com/ Frame 5A88 0
0 191ms
191ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/async_usersync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=6046321601225639601
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /async_usersync?i=uml4x413apkiqmcvre&a=9792f07ae0a3c3452c98dee5591d78631&cb=6046321601225639601
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: f7MF_PFn3WqyagHeOJeT2EjWFXQ3TinAuTjdJDpB6jmlI5M9-7S1bg==

GET
H2 200 user
yadloop.com/ Frame 7EA0 0
0 173ms
173ms Document
text/html 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/user?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb33&cb=8139071601225639602
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /user?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb33&cb=8139071601225639602
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=502dc6a8b490e34638def26ff04043907d086c49
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 1710
date: Sun, 27 Sep 2020 16:53:59 GMT
x-cache: Miss from cloudfront
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: Vr0XpPUmTeBxklBM6nhxZEnLaHGSr7nXv-ze7c05UH8vAcGFHy_3BQ==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF62 0
169 B 104ms
103ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst45JFF_zmzd1_z3xkbIAX1OS9LKrp5GbXiuMI3lKOh1BuIq2kRPy2146kfW36NaknyzlPD6-JiDTlRGoYppkflrw8q5r-eHA6ayhFlNHDiTIDSSdJOEyN2CE7YbWcFYkGAPyLtybocBWukSAs1hbmhDAPMQX_9VWIe5I02-0OFp2QH9UkdxTnFDdFNyKs29l4UoFFpSUV3bqxyWceWD0rz08x87x60sJqaFYF1ma8WGnePMFhkI9-F5IS8LGsYz0YTxWsA9kesJQ&sai=AMfl-YSC_trDdu9IqU34nKlOhaGsJaoHBA-ozEx2fEoLQiMAmnhFmiRcX219ncw9PAhxTFWKbpC2UDZpAmsSTqzMqUg7OuRIeV_2uei-Lb9LaHegj2OPqA9cgEMsewukJHPP&sig=Cg0ArKJSzBVLWpwBsoGCEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EF5A 263 KB
92 KB 74ms
74ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H2 200 pxl.jpg
yadloop.com/ Frame D947 597 B
832 B 125ms
125ms Image
image/jpeg 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=qwpqn1ipjtdny52xwe&s=781&p=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&rstk=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&h=0301251601225639670
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: 6DIkupEPoTjvcjqXTWSeIiLJDavsANJ2IblwXEbV3eX9UZ0fxFk3QQ==

GET
H3-Q050 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0B33 263 KB
92 KB 80ms
79ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H2 200 pxl.jpg
yadloop.com/ Frame AF62 597 B
831 B 154ms
154ms Image
image/jpeg 99.86.243.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=uml4x413apkiqmcvre&s=781&p=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&rstk=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&h=7484701601225639704
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-3.vie50.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: 5a3CWS4OC_4_-2nL8DK-HqDTdZGyBAa9gDeAp-6Stw9XxbrUyK6f5w==

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ Frame EF5A 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame EF5A 109 B
149 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EF5A 41 KB
11 KB 379ms
378ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=240289277647433&correlator=94098040287026&output=ldjh&impl=fifs&eid=21067551&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=21671350435%2C728x90-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3Df633de96969be4a1-221f5518e7b800de%3AT%3D1601225639%3AS%3DALNI_MY-FPZOT1eRym_WXtbwnMd0Skt_-A&cdm=controlc.com&bc=31&abxe=1&lmt=1601225639&dt=1601225639778&dlt=1601225639546&idt=214&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=163&adks=1088513110&ucis=u9xscmrbhmu1&ifi=1&ifk=2697026611&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&top=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=351749556.1601225639&ga_sid=1601225640&ga_hid=2041402828&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

359f2125b04f87bfcf8364bd209b0c79e2751b257cba4a306a7722d50249b94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10456
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
086fe969c5c7532c0d30644252515e72.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EF5A 0
0 73ms
56ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://086fe969c5c7532c0d30644252515e72.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame EF5A 0
0 9ms
7ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.se/adsid/ Frame 0B33 109 B
149 B 18ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0B33 109 B
126 B 16ms
14ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0B33 14 KB
8 KB 346ms
344ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=861542994968961&correlator=2759257694167673&output=ldjh&impl=fifs&eid=21066094%2C21065725%2C21066705&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=21671350435%2C160x600-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie=ID%3Df633de96969be4a1-221f5518e7b800de%3AT%3D1601225639%3AS%3DALNI_MY-FPZOT1eRym_WXtbwnMd0Skt_-A&cdm=controlc.com&bc=31&abxe=1&lmt=1601225639&dt=1601225639865&dlt=1601225639585&idt=224&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1390&adys=178&adks=2407567311&ucis=c8dhv736cz5z&ifi=1&ifk=3037308619&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&top=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=351749556.1601225639&ga_sid=1601225640&ga_hid=1359896395&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

1b917aa4401313d98a7bf37b5d0575fdb97b34c4c9f04d2f53edfd3c453c9b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0B33 0
0 89ms
72ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0B33 0
0 8ms
6ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame 331C 302 KB
303 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:821::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:02:09 GMT
age: 3110
x-guploader-uploadid: ABg5-UwS24tcYy-OWlcEVIDLY057ZZ8jyU-I_jAFrZTtQKUUSTAJ9dn1wocj_eMmgz7OD9ZGa4D1S3YRSdcP-gRATIA
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 309272
last-modified: Tue, 15 Sep 2020 19:30:03 GMT
server: UploadServer
etag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
cache-control: public, max-age=3600
x-goog-stored-content-length: 309272
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 27 Sep 2020 17:02:09 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 331C 52 KB
17 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d705cafd8b5cb02ac3330cc69cacb5ca72572b3a92699e3744ebe92c5b0249d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "645 / 464 of 1000 / last-modified: 1601071877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17597
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:53:59 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C98E 0
44 B 103ms
103ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUO9MU5pYdS0cLYauGufPQojUu1HzNPZDhz_K08zK344XqpSJK4aKcp12cxXMvGjLmVq2QB4C4I9qv1PQVn4gvv-MRcFab8JfX17f-_7Mh712U9qC0e0MGLulvbVC5AvX_frrpzELPsKdZLGQyuK3_w3TJXFPEOyV1V7K57vCH9lKKXNja5Jd6-MvGAYIzDQY1fb26Va6r9T4sEJdCwW0JJbu57ZCUs8AunttEdEO-1otvgAwzsJrNVEWul9bhYA1kqTFUbkOhFaM6lmtzEQ&sai=AMfl-YSUmLhUzmPMPrfb_5KIgh4S_hTYsRXDt-cKIAz5E39djkyO-v4jaGWNMwebYQaeObK_O8luAdqEENEL3RK42uOnJawb35otN-eFXvocCFVZZrEKPXUWT7LHTATDcusU&sig=Cg0ArKJSzH9cQf7XJ_RLEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:00 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C98E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f5eb04ed0f9e26a1696e86b9f8b3c0bddbc00043fb9019911501e018de27683

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 pubads_impl_2020091702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 331C 264 KB
93 KB 75ms
75ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

bf854a7b7ea523eaf0e05e333f6768d66af9f3430b9e2770edc995a169e24167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Sep 2020 18:00:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94763
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 331C 24 B
629 B 192ms
72ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.7.0
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 87969dac371aa412dac668003413d71de607ca1d2e6bb74c0d599bb0048cfb38

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Sep 2020 16:54:00 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://controlc.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 331C 65 B
350 B 488ms
182ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bFNDkc19ir6ikyaKkGJozW
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: 022179df5567437df44056a6008594f1dcbe3484485b92c2fe0ead9334f72210

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controlc.com
access-control-allow-credentials: true

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ Frame 331C 173 B
556 B 187ms
92ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b81ccefa-5b65-460e-b10e-7c81e48edc66&nocache=1601225640074&aus=728x90&divIds=URL_Pasted_728x90_BTF__86&auid=540529560&aumfs=300
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: ca480dc81738cf67ab726a8a18e8b1b98f2f0ae631c0567646c67426151ddce7

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
server: OXGW/16.193.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://controlc.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 331C 281 B
1 KB 283ms
88ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710558&size_id=2&rf=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&tk_flint=pbjs_lite_v4.7.0&x_source.tid=b81ccefa-5b65-460e-b10e-7c81e48edc66&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.552477561603866
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2fe7796822e2b38be3b4d8089b9156edaf5a0e5c51858ae2a4cd225dedd26b60

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 281
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 331C 24 B
255 B 282ms
153ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%229add617a7c3e28%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210a0b14f0453f38%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcontrolc.com%2F78e7fdfd%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 194e7fd40f3eba1265b9de18b2fc51f0a86cac208c0ce657aca517a8db13559d

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://controlc.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
expires: Sun, 27 Sep 2020 16:54:00 GMT

POST
H/1.1 200
OK auction Show response
x.yieldlift.com/ Frame 331C 3 KB
996 B 1079ms
296ms XHR
application/json 52.72.161.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.yieldlift.com/auction
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.161.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-161-243.compute-1.amazonaws.com
Software: /
Resource Hash: 34c7fcd2866c5196e83395a04b44cee9dd2673cec63220884b1fb682d257141b

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json;charset=utf-8
access-control-allow-origin: https://controlc.com
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Server-Timing: intid;desc=292bd54abceeef51
Connection: keep-alive
Content-Length: 619
Expires: 0

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/74190/0/ Frame 331C 0
269 B 382ms
92ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=4.7,2.1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://controlc.com
Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:00 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 331C 145 B
1 KB 210ms
88ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

383ac3617e9a800a482b64a05eaa17e3904bd50158fb93525945298277317964

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:00 GMT
X-Proxy-Origin: 37.120.209.220; 37.120.209.220; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.177:80
AN-X-Request-Uuid: 0ded4ae1-37a9-4cc7-bba7-205d98fb4def
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009190410000/ Frame 2F6D 206 KB
56 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8887246fdae6a5bde33313c306ca108fbb99f4bd5fc82eab0d675a4162105b4f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 171910
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57293
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40f11599aebc3d57"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:50 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 2F6D 16 KB
6 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d66a122d9849ec2d6665a9b55df6ac3fef29e50b712588ab729aaab7b6e949a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 293953
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Thu, 24 Sep 2020 07:14:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a50d2865a1d0cb41"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Sep 2021 07:14:47 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 2F6D 95 KB
29 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e922793ef5dbb2417f3143a2e24b33be1fd6b3ba412df3a31e0173ca46f021c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 171910
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29338
x-xss-protection: 0
server: sffe
date: Fri, 25 Sep 2020 17:08:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a163175640c67d70"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Sep 2021 17:08:50 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 2F6D 4 KB
2 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be33982ff67c790e285661853e12db59cb0cc76f417f924715f366ee1e269881

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 281229
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1802
x-xss-protection: 0
server: sffe
date: Thu, 24 Sep 2020 10:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "beb17f489aa4c72c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Sep 2021 10:46:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009190410000/v0/ Frame 2F6D 47 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009190410000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ad474fa92add6794702b5c0858699fcd140b0e4f25439c8292ec815818fd1cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 293953
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14594
x-xss-protection: 0
server: sffe
date: Thu, 24 Sep 2020 07:14:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "17bfff787eec95f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Sep 2021 07:14:47 GMT

GET
DATA 200
OK truncated
/ Frame 2F6D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a4f4b6ad461cb13154faa2b9eb2b3c375ecf23df47ada55d7a0370aa37ab990

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 6440172947412764359
tpc.googlesyndication.com/simgad/ Frame 2F6D 29 KB
29 KB 11ms
10ms Image
image/gif 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6440172947412764359

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d2c70b18e19b7a7aba12f1b90d2c3eded8657ec69860ca6b1d2544f4f6578f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 09:54:16 GMT
x-content-type-options: nosniff
age: 284384
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29890
x-xss-protection: 0
last-modified: Tue, 17 Mar 2020 09:41:43 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Sep 2021 09:54:16 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F6D 2 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 20702
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 28 Sep 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F6D 295 B
388 B 10ms
10ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Sep 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 70022
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Sep 2020 21:26:58 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 2F6D 0
0 15ms
14ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1vC8DvxzgkRR3lPE7AItSRfODlZMik5rD6raQwET6W3-ItXWlhg6WiSH9eUevT4O4-X0qZFk-hJEMRoaq7qdqFbDQTg
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2F6D 0
0 81ms
81ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CamtMp8NwX6OKNMmYgQfqt6aABMiM6dhd2OSfj8kLrcr93wUQASDW5sVYYPGt_IWkH6ABm63gogPIAQOpAqXrmdUtaH0-4AIAqAMByAMIqgTXAU_Q2ILTu6NQEwm2B0_91ktyeU0Dn5NkQN0XXd5erGSJlrjq6dggcpUhAel5pMOrmr99b7sEpTyyj7rxJCi7G7eTZ2ikWBn6Bx_3bVSSnR4yINUQUgRaLk97Z8JbfmxIIgWcnnQdB2OcIT0vL_fnPHBu_c7vTheu6I8b_yYPzNN8dm5iPNgqnWwTzK6c1czPbCgdbmOzo-M_xN3g6VHvK7l2K3fQXJ5ysfxx_FUNrWdOvJkaYTYlaF5YJDHIQT_XYmYa2CCgv_QHGkydtJFALZmuXARcs-aGwATN9d2-7QHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AHzdKfXagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCauh7SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkyOTM0NDc1OTA3MDY5OTGACgPICwGyDBRwdWItMjEyODc1NzE2NzgxMjY2M9gTDQ&sigh=KDPlNQWUaew&tpd=AGWhJmsR0XNw-iONu6bG8oQWfGMioWxKWalqRajVRKGlkgDyOw
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EF5A 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d62a251ebba0b6eae49bc11cee3af8a1363ed716324f8a2c41e21ac7c2362c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6371
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EF5A 16 KB
6 KB 102ms
91ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067551

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:00 GMT

GET
H3-Q050 200 container.html
94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 691D 0
0 88ms
74ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 27 Sep 2020 16:53:59 GMT
expires: Mon, 27 Sep 2021 16:53:59 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B33 72 KB
27 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0B33 9 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e0b06857b724cd21b3fb285774e574faf839065efce32b4b738fbf5e701be1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6677
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B33 16 KB
6 KB 99ms
94ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:00 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2F6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

90ms
89ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 27 Sep 2020 16:54:00 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 6440172947412764359
tpc.googlesyndication.com/simgad/ Frame 2F6D 29 KB
29 KB 19ms
7ms Image
image/gif 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6440172947412764359

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d2c70b18e19b7a7aba12f1b90d2c3eded8657ec69860ca6b1d2544f4f6578f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 09:54:16 GMT
x-content-type-options: nosniff
age: 284384
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29890
x-xss-protection: 0
last-modified: Tue, 17 Mar 2020 09:41:43 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Sep 2021 09:54:16 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F6D 2 KB
2 KB 20ms
7ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 20702
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 28 Sep 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F6D 295 B
319 B 20ms
8ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Sep 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 70022
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Sep 2020 21:26:58 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame FCBE 0
0 10ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Sun, 27 Sep 2020 16:02:58 GMT
expires: Mon, 27 Sep 2021 16:02:58 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3062
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 9FBC 0
0 10ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Sun, 27 Sep 2020 16:02:58 GMT
expires: Mon, 27 Sep 2021 16:02:58 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3062
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AF62 42 B
70 B 15ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1A_vSxjg-ohLBjgCtOHB5_0GtFmPkYZMGPO9Uj5ZEOTBWIxejSZ3vAtD5zMhxIpJRqznxgNQLnuIuSHPNkD0avmGNp0mFbo63-IUaK5E&sig=Cg0ArKJSzEpK4juUKS9rEAE&adk=2762401180&tt=-1&bs=1600%2C1200&mtos=1065,1065,1065,1065,1065&tos=1065,0,0,0,0&p=178,1390,778,1550&mcvt=1065&rs=3&ht=0&tfs=428&tls=1493&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=327&niot_cbk=331&md=2&btr=0&cpmav=0&lm=2&rst=1601225639219&dlt&rpt=66&isd=0&msd=0&xdi=0&ps=1600%2C966&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-3-8-8-0-0-0&tvt=1492&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&r=v&id=osdim&vs=4&uc=9&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200925

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D947 42 B
65 B 14ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6pqnhfW_WS8DLM5-s_E77NPqTEvaCqVtESQAXuOZpYeLGecrmrl2g2lWMWu30-InEX7xlZykPUHbJ57Ghw9b4OLO0d-ADKR5gDHy706k&sig=Cg0ArKJSzK8V2yqjhFKkEAE&adk=1406371575&tt=-1&bs=1600%2C1200&mtos=1098,1098,1098,1098,1098&tos=1098,0,0,0,0&p=163,50,253,778&mcvt=1098&rs=0&ht=0&tfs=434&tls=1532&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=329&niot_cbk=366&md=2&btr=0&cpmav=0&lm=2&rst=1601225639200&dlt&rpt=377&isd=0&msd=0&xdi=0&ps=1600%2C966&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-5-9-9-0-0-0&tvt=1529&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&r=v&id=osdim&vs=4&uc=10&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200925

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 331C 109 B
149 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 331C 109 B
126 B 88ms
87ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 331C 5 KB
3 KB 125ms
119ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1312439670963053&correlator=2127249071828467&output=ldjh&impl=fifs&eid=21067516%2C21064367%2C21067201%2C21067397&vrg=2020091702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DURL_Pasted_728x90_BTF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3Df633de96969be4a1%3AT%3D1601225639%3AS%3DALNI_MaHO6Ugtebpml06JG3eCdcbZ-lT_Q&cdm=controlc.com&bc=31&abxe=1&lmt=1601225641&dt=1601225641178&dlt=1601225639962&idt=239&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=740&adks=554702876&ucis=c5y1gjvfoggz&ifi=1&ifk=2697026611&u_tz=120&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&top=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=351749556.1601225639&ga_sid=1601225641&ga_hid=1959431478&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

8ec82f03a4c81c1d2afacfa86193f095b914aadae77a16788370a56ada9867ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2838
x-xss-protection: 0
google-lineitem-id: 4756980902
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138240399983
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
401ac98cc6e4a7969e86bda475541387.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 331C 0
0 96ms
78ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://401ac98cc6e4a7969e86bda475541387.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 331C 0
0 14ms
6ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C98E 42 B
88 B 84ms
82ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKs3jAZmI5ttJw0oNTZAeaIU-MRqvctJfrUgk5aFZcJ9iRRkW9R4S2lQXS-wcwzY6zYxrjDERCWyKZm8GuNpBcEJMLFIZtJBF8ZSVb8_A&sig=Cg0ArKJSzNKtFDcPi4CdEAE&adk=2507290776&tt=-1&bs=1600%2C1200&mtos=0,1110,1110,1110,1110&tos=0,1110,0,0,0&p=740,50,834,778&mcvt=1110&rs=0&ht=0&tfs=193&tls=1303&mc=0.95&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=3&niot_cbk=9&md=2&btr=0&cpmav=0&lm=2&rst=1601225639212&dlt&rpt=762&isd=0&msd=0&xdi=0&ps=1600%2C966&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-3-9-9-0-0-0&tvt=1301&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&r=v&id=osdim&vs=4&uc=10&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200925

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pw.js Show response
d3oi8laqsvc6ey.cloudfront.net/ Frame FE48 83 KB
27 KB 129ms
25ms Script
application/javascript 2600:9000:206e:e200:5:ee0e:9e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:e200:5:ee0e:9e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 01:03:22 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 14:03:51 GMT
server: AmazonS3
age: 57040
etag: W/"d0854b8502ea96f99f33cad6229947a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: LleukWQCeA4C1ooCQiGAwO3eccMhcNamLoy40Qmi0uW1Bvpfv2NdzA==
via: 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FE48 0
0 105ms
101ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXXF_PW1N3WEBaMYu00orh0P__KcB4mlHKc-ibkrfz3xVLndMStZVcOPm7uVcc8pjqQvelT4lvT-sGKxxUGmKQpFQz05wwgaPfJW26aIQONxiyXqQgqR_bkXqzeuM-X_iN_7Unrgxg6fDixUDrauRXkkIlhf3hoxmLstCxxnxbH_nM4UJ7NsrxsF0tSxkag6Bov7hbG89hcxijVQsOPKCSyA5JjuR6xNJmfdKzDeBUwOcxmzDzngtkvFW0u6PxGDDU4XlFF-59k1jHDUKLd46sU5mdBF-rJO-X4jAikCAgidFI&sig=Cg0ArKJSzDpAZOtVYJY6EAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:01 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 136953cb-88f9-48b3-9417-8f28d8a3cf54.js Show response
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame FE48 5 KB
2 KB 313ms
111ms Script
application/javascript 99.86.245.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.245.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-245-175.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fe731c4c64abb6076bd1db3ad8901bc4debf65d4ea909a2d5ce87c9bb529d42

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Q._sIZQgDZhC2J6.P86ns68e4pempmGj
Content-Encoding: gzip
ETag: "2663646f665a66981cc8b509385a528e"
Age: 57633
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 22:19:13 GMT
Server: AmazonS3
Date: Sun, 27 Sep 2020 00:53:29 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: QM2eGkl7NNJaQtJIRKZZj-yiWWfsp3pprTi2FJhV4TM-nCITSxXgIA==

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE48 74 KB
28 KB 47ms
43ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28870
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:01 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 331C 72 KB
27 KB 100ms
96ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:01 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 331C 8 KB
6 KB 21ms
18ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbdf8d3dc69e0b4674cb2a518fd8cb9fa088f5903165c79981ce2e4c22d9426f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6313
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 331C 16 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091702.js?21067516

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:01 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EF5A 0
22 B 19ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091601&jk=240289277647433&bg=!-Pul--NYirKeZ5zyCz0CAAACXVIAAAAoCgH_O7yvWJiqj1WoC49bZ2iUrV4LxdCVVXSQYwy2sAazES_cCMIm8lTSX3LiTxUXh1fHU78DCG2XsDR58NzTCOICLkpx7AORfVf7cZc2qbdJg5KiCNeWCMOJOOZudxuyQMVwI4g4t91XxwLvdyOUVLuLOIowhKERV0RTs63NMfzXsWUqpqiptLLXf3wjBmp2BjrLaXcuR7_yYQf9yRATP3GKP5fgd5VJPa4qRYn0bYnTy3oAG5cVsstP-W3B24TAm_I7B9xb3nmo9M27S9zbEHFMmqjcWpfFRx1_J7nQlVUpwd2julGKrTX3M1-80fmR2Xw5Qeq7blwR-ScO1JIApQXseTSGcdcobl-GPzwh3nm9Z3EzMWBafS7D7seeJGbb_SmU9xs74l2BIlmTwxK0sAl-7I0-N9V4gbPHV_wdPmLB0uTLiArnPQMugfuXJ6L-xT2Uhw_NPWoQb36ZdseEarHaEtD8OUlRG4ae8FvbuXhdI2FRwb8SteCvFLoLQYtZ_dMm2KgECUXPjqEsEhcwQT86gE5mRQx7AjuwOzCrUlO5R85waeF2Oo2jloJgQXt_hYmCJ9pcCwDtlkw51oyXGonL7nV2n4jT0rRpOXA4r3vvtffNo-PfP0SeErjHs0p2FDuIRFaoMSi0yD11u-O0j1JzuwfbMJQffl9dTlXgx4sHDpkBwQY6bqmYbX8D9-DEhCvpvL73BRcptOZC7ouUJBaOSrap1XD7rCtc0QKokeMgWF4Jehz3CvfPkrptaluR36G6c-J-2092Q6EH6-joN2iwnNOtBBrtS8nFqjI7_XQ8qkfwShqyLM48hQJ_HAZUxc3GfUNw2ecGWkM_0t2fsr2PiCvXY1HNzBjrhIesi_B2rdLQWItXSn1Bl30F_wrt-r2kzF74q0Vaozzkd2Il5yUZLMmoa3mQL3FJLMUzu5ONS5HrdimGmTaGRNoiSd9nBPDW2uVYpXH2_p_jwDKAWOalQH2UuYJKLY7_rK8DPHViwpiplkvCl0BmDm2fE3o_5vxu9r4iqwv04W0LXsiIvFu4f2MpxWYDdKS3Pw9p7G5HW6hBcvPW62kSE_CgkIb3uzYW4hz6PHvipO1boX4b0JObOy8T2jYizzVBCzgDMpJ3DVnYj__SGr64EcVF4S1qbXawhejCCtjXx-WO9VrlgTHg5XNmSHDT_7tARwEz2MiiXOd9OJ43QJvvrQkUccLbmzL8Wi264WM-za9C-GH7g8sCsYZNqlyo1aMpfS_qFL-DRFE9tvNjrtMbxGV9RFLKSJh_jz1f

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FE48 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52e1b409fe7138df9807d4b1429bd5d65fb0da6fa3d5262d0d35f1a9363e9592

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame CD43 0
0 7ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Sun, 27 Sep 2020 16:02:58 GMT
expires: Mon, 27 Sep 2021 16:02:58 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3063
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 21bc8503-7806-41da-b650-37b6eedc566f.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame FE48 44 KB
14 KB 105ms
10ms XHR
application/javascript 2600:9000:2057:1a00:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/21bc8503-7806-41da-b650-37b6eedc566f.js
Requested by: Host: d3oi8laqsvc6ey.cloudfront.net
URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ed1d1a7225a5b7fb969296f7b3b1a1068d7f492632dbf4165ac7cd98ebd26be9

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 13:03:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 13848
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
server: nginx/1.10.3 (Ubuntu)
access-control-max-age: 14400
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: *
x-amz-cf-id: Jn1HNIXddAOfB8kg9zAeWAeEQVtWyH8E5odsDKpFr-2enhVdJ4UwxQ==

GET
H2 200 /
includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/ Frame FE48 42 B
133 B 1512ms
159ms Image
image/gif 52.14.71.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/21bc8503-7806-41da-b650-37b6eedc566f/?rand=7605813&referer=https://controlc.com/78e7fdfd
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.71.94 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-14-71-94.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 27 Sep 2020 16:54:03 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2F6D 42 B
65 B 88ms
88ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPOv3KWHRm2kxXadyFnderhVvWd-yiz-TPmVYtEXT5SwiiNLWomcTL4BaRuzJYp-khu5jtxN-Ksf39tpemnRiD_cs0OxK-utMldjR5iVanyYUVbWzV5OLWepTuwQ&sai=AMfl-YSUR97B1v_2f0Y3UJkq7J-zwn0ji_Iw2sLJcKWmBDfxx7gLBRAQyMtHn_yfwRO39Uh1J3XnUovJ_Zy9-C8dYfhkye3QyAvXjzSa-g5y3oGQMUbl1sv4O5R6SLGq&sig=Cg0ArKJSzOG7RQ_FlZaFEAE&cid=CAASF-RoRqnZk2VBmd_fT1TQti3bV4i33NYy&id=ampim&o=50,163&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1081&mtos=0,0,1081,1081,1081&tos=0,0,1081,0,0&tfs=322&tls=1403&g=100&h=100&tt=1403&r=v&avms=ampa&adk=1088513110

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js Show response
d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/ Frame FE48 274 KB
30 KB 96ms
10ms Script
application/javascript 2600:9000:214f:b400:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/136953cb-88f9-48b3-9417-8f28d8a3cf54.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9192eb8a771e36bdc5163dedc00a24d495d85aa0dc83aa72f4e9e6a681b302d6

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:02:59 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 22:19:13 GMT
server: AmazonS3
age: 3063
etag: W/"6a1751c823aed0797a8b3d50c40bffb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 6a.75pzet1HD_G.0jH6NuU9s8lISZLSq
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: ptIZwvL5VFpxXA9Dz5waFxb-HBfHssaCO0XuJZUcF2m8b38Rr7JEnw==
via: 1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B33 0
22 B 16ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091601&jk=861542994968961&bg=!Tk2lTVVYohSdnHM8IHICAAACvVIAAAAgCgFfB4ntcGT-WcidkS-RDT-srYoZdD-HQloqEkHO0Ge9TRsPnABs2ePGrPkqme85fA7oh4hStrgsub-Gzuu2oHZ2KYqst3mkzVsSZmDxtlY7xntW8LMqTFYwrIZoBsTlgL8UbcmsXUZLBlpBhpIf68nv-tb9SZb5pSV2MLsf7J6G9G6_SyR8iTjPKxZjcwfS79rpZp3P0rp5IuXfuGRV73gRhk_KdbrhY8P8vOlbIj6Dy0E2zTgRVhMAx4bwOV6-jZ2OcP7s2BpMWD3FPEEb40-qciJK9Bt6HDzX1yOnPsJBRIEuaqwT_NxkxetpJwH2-_DuFBfheD63Ed6KvcM9c_1EllVYEBRiA7oHA0G0gPVmDPF2YWo7So_rWbLzrjycQasErFGc05ORI86OZaR2c4DcBhxOPiUA3Cnm5y-cme62zRnSAK-yf2a6e16YPfNTxlPVonAgKSB6ZdmlmOyJ2ivOmQHQiHE6ctutDoeTERaz9N8qUzM7f95fTnigKH90Pom1_9vfuayYTZikB70BRvc2MthEKzPo8m6zW0BJRMeJ2xzGea71hszb8u5ufeDPMAp1jkqkKNqnDam3k8Zf-WgpNkyk2BR9mKh03WvrQJuYm89kQhzZ3i5hdPMreb6udFt1iuntOhnh1YkzlmyKcuo7oXkeLPDtKL-8lD7esFvQlHwchb-FH9VMijhJBBDNTfgZx0n46o08yLl8T3yWEsjdLIErN6Czx0yETlJ2fzQIqI6UEy45k5EFpbxxksGKZEEyWwY1Yh28S_FvrVGK7MiHNFH_Er8tJUUpggaR7qLmpqrKjFnQDYJN314U-oULsXs2ny5nXPzQBDS2gv8eEKx5sEEZK8aImliYeIT-ESKYeoRJonfvoa9SuyR62SFtJJdYkVl0ax17x8toobMkpGK12Khap54UVHtdoTHhiqBfvW8tdh2lBjIfzFykcvqc1fyh4MEMrP_HheueOpO8LadMxfDThy2MxUoE6pfbFgPnaGAAhAT9qSpGd0sq94CRu-JD2GCNdFgTn229BR7AfU2_ePE7iLb6O6xG2SLmqH7VG53jQOLTlJmNLLeQYnTDmaZj5OQ

Requested by

Host: controlc.com
URL: https://controlc.com/78e7fdfd

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame FE48 249 B
689 B 229ms
160ms XHR
application/json 2606:4700:10::6814:190b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e773bcc07d0c9a3b997fbdda2f816ceea6763146bba391ce3d910dffae77b7a5

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:02 GMT
via: 1.1 vegur
vary: Origin
cf-cache-status: DYNAMIC
status: 200
x-database-date: Sun, 27 Sep 2020 01:39:04 GMT
content-encoding: gzip
cf-request-id: 05721568020000177e1a9ad200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 9999
content-type: application/json
access-control-allow-origin: https://controlc.com
access-control-allow-credentials: true
x-ratelimit-reset: 3600
x-ratelimit-limit: 10000
cf-ray: 5d96be866959177e-FRA

GET
H2 200 usertracking
b2c.insticator.com/v3/pages/ Frame 2FD0 0
0 415ms
393ms Document
text/html 2606:4700:10::6814:190b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b2c.insticator.com/v3/pages/usertracking
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: b2c.insticator.com
:scheme: https
:path: /v3/pages/usertracking
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
date: Sun, 27 Sep 2020 16:54:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9b0f3207753078098488e2aca84466c41601225642; expires=Tue, 27-Oct-20 16:54:02 GMT; path=/; domain=.insticator.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding,Origin
pragma: max-age=3600
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-request-id: 057215680800002b163234e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d96be867e712b16-FRA
content-encoding: gzip

GET
H2 200 instbid-2.44.5-21-gb90761d.js Show response
df80k0z3fi8zg.cloudfront.net/files/ Frame FE48 275 KB
86 KB 29ms
7ms Script
application/javascript 2600:9000:2057:5a00:10:3422:3f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ba502ecab0bd6b9bfdff438ee33ff556ef77484c3a6da888d264d25f082252a

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 15:26:16 GMT
content-encoding: gzip
last-modified: Tue, 22 Sep 2020 19:11:14 GMT
server: AmazonS3
age: 5266
etag: W/"1a3ed0c46fb2b952e1f12a357f6bbf98"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: cWKL1CE2Z137GTm2CJeaWcUT1SRXQoe0
status: 200
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: JYyahmuhVfuVa-R_IJwRiKSKjYr_L9UMBazyfnfdzRac_oMuFdbnig==
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ Frame FE48 125 KB
24 KB 4482ms
331ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bda9d40ba62ecca3cfb1eb57016ee562eac7d69a20e9b4e520ceb8e2c6d3c5fd

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Sep 2020 16:54:06 GMT
Content-Encoding: gzip
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 24207
x-amz-id-2: efygYlT0aFrTgjs2Mu1j+ELEOnufq3HhqnxHvwKk94t5A8CpiVhKZZ8ASZT+Evb++7QUunN2MlM=
X-Served-By: cache-hhn4058-HHN
Last-Modified: Sun, 27 Sep 2020 16:19:00 GMT
Server: AmazonS3
X-Timer: S1601225646.145744,VS0,VE275
ETag: "ad86f2333ca8f37b4f19d6d9fa562f1f"
x-amz-request-id: 02582BF5BFA7A64A
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 331C 0
22 B 16ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091702&jk=1312439670963053&bg=!nJ-ln4dY865IFYRIuLcCAAAA9lIAAAAtCgFPIHqNSwhz8R63Da477ONmkxji1ZSWphbVWBv-Vkm-U7xb9gWmlV0fCGYzqpNETA2nckitPBJbOaWmKSWXXddceeGmMxf28Pah9AthkdGxCuF92finY1voQHj7lKjoDFBWZN37xx1zHw8DmB0DZqm5txHvBx99QKUNstbQTUSJKBsuFK6cOaG7Ewgm1ODnCADnxvpoinRz5d3GaNXNpDA2QWubrjqf6FtSc6JuFfJeWZkyN7LyD-NQHzbEUpURyjkxBHwu3W4BIxap3a1ixhfPvsuxKbzsrSC8sp-g5mqi3Q4AzWykz21p5cwwBhvMK3WhshFeCnb040E7RmHskxPTaD8_hy0ig1KerpR1uD9pIHm_ZSCFswzP2SLxAkyp_a_vIij4ZvviYcWJPmE8w6mal6Hjx1FZP8W2qlfMc2RB8iAEpK3SiC0x5aZdH32y9uOZAcFPxo27eP-k3QwfZ3uqJbftpkPfmWJtYoUhs882Tlc9pSfbsSP97gPcBu9DSipem3yKZ4VnXJM20KcnxZaCHaewEY_2hJL2qx_EzSH2CVyLjOgQMEiTtvFAL6_oslrPOjqo06fgiFIKmO3cztqroNmCxx2EIn2aq11VRuIWUBU6EuM2e0FXe3TDQIwaW_Kh-nhlNb8-0cAlEPPdozMTttj-uI7VS36km0l1FqoslsC9Pw8Sl0zqD474FfPV5vxvti6AJzfluqtuW8GgiN3ytnmS2RCsSgkacVpcRJI-CyfC4pbm31zrRj0KXxxxsmSxB2wJgbPz4XhwSdtNPUOalVsSrs-0zoJBG-2rNdPjoxAvhyIcoalItCJgaTMG3T10DqYeEbapwdHrp2XoW-J3N4fi7G6YVrTIQThjp55SbYThu8phIUgIvgrDEj83_Zvn6ZJwTwQsvm3wH4gQqexlOOxHl9YWQAj52VHPBwrXym5cewU3Lf1oEfHaBahY4CEHfXzgf4QaZt4GTAaG6p5oRdP-bNJAz7ALMbpMVmVtLHmfmwyumDhRhAasoWk8lqSyC_RZWTdzciYiT4fZMZdw63h_iw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 c
pa.rxthdr.com/v3/ Frame 0
0 416ms
139ms Other 3.224.156.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/c?publisherId=77361626-29f3-4a0b-acf4-156a20f0699f&host=wral.com
Protocol: H2
Server: 3.224.156.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-156-224.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://controlc.com
Sec-Fetch-Mode: cors

Response headers

status: 204
date: Sun, 27 Sep 2020 16:54:02 GMT
server: nginx
access-control-allow-origin: https://controlc.com
access-control-allow-methods: POST, GET
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cache-control: no-cache, private

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FE48 144 B
1 KB 91ms
91ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

df615d048a64d8ee6d6c99845b743056bb3da0b49b5ec4ef3ace259165f3c7f8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:02 GMT
X-Proxy-Origin: 37.120.209.220; 37.120.209.220; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: 343cdaa9-3641-4724-a211-ac4320dfaeb1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame FE48 94 B
703 B 274ms
107ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224f1543d5970746%22%3A%2276795fc5b7de0e74fce0%7C728x90%22%7D&ref=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&s=8d3d55f8-5b20-4355-80dc-e07db3640ede&pv=31bde56b-3b48-4929-a250-9366b08ec38c&vp=mobile&lib_name=prebid&lib_v=2.44.7&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D&

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e7b92bc74d9e430c6b3b0288f412916bed6d3cdd5139d87a660a271f92e65d37

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 119
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
insticator-d.openx.net/w/1.0/ Frame FE48 172 B
360 B 80ms
73ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=372dfcf2-a665-4ef1-90fe-146d27cb4b53&nocache=1601225642079&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&aus=728x90&divIds=div-insticator-ad-4&auid=540833000&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: f6f81305968789058b1aa5d223022f19460cff7b256e6f088bc07be52282e924

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:02 GMT
content-encoding: gzip
server: OXGW/16.193.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://controlc.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame FE48 190 B
372 B 38ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8b33b576d76d1e749f284f8445eac121c6eb07c6c5ae5400906d9b2d1111b4b5

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:02 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://controlc.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 190
expires: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame FE48 0
321 B 2094ms
179ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=controlc.com&u=https%3A%2F%2Fcontrolc.com%2F&ru=&adid=ad-8A2A7A833A3866BB099D4B6286ED748&w=728&h=90&tdid=&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&fp=&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://controlc.com
date: Sun, 27 Sep 2020 16:54:04 GMT
access-control-allow-credentials: true
connection: close

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame FE48 66 B
342 B 157ms
157ms XHR
application/json 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: 404f81b15c1b80f29a851b13c8ef9b7c2192199ba62c50f2cf26e7015a9ae516

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Sep 2020 16:54:02 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controlc.com
access-control-allow-credentials: true

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/74418/0/ Frame FE48 0
269 B 70ms
70ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74418/0/mvo?z=1r&hbv=2.44.7,2.1
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://controlc.com
Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:02 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET imp
g2.gumgum.com/hbid/ Frame FE48 0
0

GET hb
ice.360yield.com/ Frame FE48 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame FE48 0
57 B 76ms
75ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 27 Sep 2020 16:54:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://controlc.com

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ Frame FE48 0
304 B 1269ms
89ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1601225642087&src=pbjs
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Sep 2020 16:54:03 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame FE48 24 B
629 B 60ms
59ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.44.7
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: c839ddb42f1c27a6fd9b1400b679364978efda3df1c27b2e4328ad7391a4d18c

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Sep 2020 16:54:02 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://controlc.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST v1
dmx.districtm.io/b/ Frame FE48 0
0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame FE48 25 B
256 B 124ms
124ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=297143&v=7.2&r=%7B%22id%22%3A%2227564a4187b226c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22284bf1be1b9b51c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22297143%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcontrolc.com%2F78e7fdfd%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d1016337a70809175073950947a7e34b584d2c0dfc50e092e23f215a1bba0564

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:02 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://controlc.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
expires: Sun, 27 Sep 2020 16:54:02 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FE48 145 B
1 KB 110ms
110ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8353e604862c858a7ce86eb953f85436737d1b8169b7b8babae478d680ea2c90

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:02 GMT
X-Proxy-Origin: 37.120.209.220; 37.120.209.220; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 718f5e93-8c8a-409e-814e-d4a84d659f9d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FE48 145 B
1 KB 116ms
116ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

50c9da59056a1fdc98808b4e483ba1e3065b106b926d282776d6e086daae5028

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:02 GMT
X-Proxy-Origin: 37.120.209.220; 37.120.209.220; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 186b856a-30f8-4ee2-92a8-b4aa54bbc023
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FE48 301 B
777 B 68ms
67ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156734&zone_id=747340&size_id=2&alt_size_ids=1&rp_schain=1.0,1!insticator.com,4cd377bb-c455-40c0-9c7a-667505450792,1,,,&rf=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&tk_flint=pbjs_lite_v2.44.7&x_source.tid=506caf8e-9fe4-480c-8b99-12a6255c4b30&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.014145815977371523
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a48a0b3b82b881fb6229d0f924c5a65ebd94c2fcd4fcfa428d20808998d2138c

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 301
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 c Show response
pa.rxthdr.com/v3/ Frame FE48 47 B
275 B 428ms
143ms XHR
application/json 3.224.156.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/c?publisherId=77361626-29f3-4a0b-acf4-156a20f0699f&host=wral.com
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid-2.44.5-21-gb90761d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.156.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-156-224.compute-1.amazonaws.com
Software: nginx /
Resource Hash: af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/json

Response headers

date: Sun, 27 Sep 2020 16:54:02 GMT
server: nginx
status: 200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://controlc.com
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 pixel.gif
dh014lg6uwepv.cloudfront.net/ Frame FE48 35 B
346 B 211ms
142ms Image
image/gif 2600:9000:206e:5000:1a:5302:20c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1601225642059&site_uuid=136953cb-88f9-48b3-9417-8f28d8a3cf54&hostname=controlc.com&ad_unit=wral.com_Web_728x90_1&impression_type=il&device=desktop&country_code=UNKNOWN
Requested by: Host: controlc.com
URL: https://controlc.com/78e7fdfd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5000:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:03 GMT
via: 1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 16:08:28 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: RefreshHit from cloudfront
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 35
x-amz-cf-id: A83uqYrrLsPgEcpdwq7C1974uo_OO5WwWcaxuAk9uo-ElPRfGxYHgw==

POST
H2 201 event Show response
event.insticator.com/v1/ Frame FE48 0
171 B 417ms
417ms XHR
text/plain 2606:4700:10::6814:190b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 27 Sep 2020 16:54:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 201
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: https://controlc.com
access-control-allow-credentials: true
cf-ray: 5d96be8d3a16177e-FRA
content-length: 0
cf-request-id: 0572156c3e0000177e1a9f3200000001

OPTIONS
H2 200 event
event.insticator.com/v1/ Frame 0
0 150ms
143ms Other 2606:4700:10::6814:190b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Protocol: H2
Server: 2606:4700:10::6814:190b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type
Origin: https://controlc.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Sun, 27 Sep 2020 16:54:03 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://controlc.com
access-control-allow-headers: access-control-allow-origin,content-type
access-control-allow-methods: POST
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
cf-request-id: 0572156bac0000177e1a9e9200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d96be8c4fc4177e-FRA

POST
H2 200 view.php Show response
controlc.com/api/tinypaste/ 15 B
132 B 50ms
50ms XHR
text/html 2606:4700:3034::681c:16af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/api/tinypaste/view.php
Requested by: Host: controlc.com
URL: https://controlc.com/public/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:16af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 131d6875ed61d5ee2bef34a882f4edfa6cd9bd1b90ffff06b05dcdbd86adb234

Request headers

Accept: */*
Referer: https://controlc.com/78e7fdfd
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 27 Sep 2020 16:54:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.5.38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 5d96be937b84d72d-FRA
cf-request-id: 05721570280000d72d6f22b200000001

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 331C
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVXBnRs4xSQASewTpyynsw&google_cver=1

43 B
114 B

62ms
61ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVXBnRs4xSQASewTpyynsw&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:04 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:04 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJVXBnRs4xSQASewTpyynsw&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
x.yieldlift.com/ Frame 331C
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003&rndcb=3476529857
https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003&rndcb=3476529857
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=29a6145a-df3f-43f1-9412-7d60d8b48c89&google_hm=MjlhNjE0NWEtZGYzZi00M2YxLTk0MTItN2Q2MGQ4YjQ4...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELovOS-DMJiI75qmvYxv6iM&google_cver=1&ssp=adconductor&bsw_param=29a6145a-df3f-43f1-9412-7d60d8b48c89
https://sync.1rx.io/usersync/bidswitch/29a6145a-df3f-43f1-9412-7d60d8b48c89?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003?redir=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003

0
654 B

140ms
139ms

Image
application/json

52.72.161.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.161.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-161-243.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Type: application/json;charset=utf-8
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: intid;desc=c53a531be5db5e9d
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Date: Sun, 27 Sep 2020 16:54:06 GMT
Server: Tengine
ETag: RX379ead06b3af4147a5aae96e3e893cef003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://x.yieldlift.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-379ead06-b3af-4147-a5aa-e96e3e893cef-003
Connection: keep-alive
Content-Type: text/html

GET
H/1.1

200
OK

setuid
x.yieldlift.com/ Frame 331C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5426024513097824831

0
618 B

140ms
139ms

Image
application/json

52.72.161.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5426024513097824831
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.161.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-161-243.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Type: application/json;charset=utf-8
Accept: application/json
Cache-Control: no-cache, no-store, must-revalidate
Server-Timing: intid;desc=03e7e61afa4f2e99
Connection: keep-alive
Content-Length: 0
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:04 GMT
X-Proxy-Origin: 37.120.209.220; 37.120.209.220; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: de5e13ed-1cd3-4fe7-ab50-5805418f28d3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.yieldlift.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&uid=5426024513097824831
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

umcheck
cs.emxdgt.com/ Frame 331C
Redirect Chain

https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24E...
https://cs.emxdgt.com/umcheck?apnxid=5426024513097824831&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID

43 B
97 B

59ms
59ms

Image
image/gif

18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/umcheck?apnxid=5426024513097824831&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 27 Sep 2020 16:54:05 GMT
content-length: 43
x-nosync: na;
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:05 GMT
X-Proxy-Origin: 37.120.209.220; 37.120.209.220; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid: bcafae7e-013a-4695-b4ad-5e068b70beae
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cs.emxdgt.com/umcheck?apnxid=5426024513097824831&redirect=https://x.yieldlift.com/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&uid=$EMXUID
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 d
ic.tynt.com/r/ Frame 331C 0
227 B 2476ms
156ms Image
text/plain 208.100.17.185
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dttx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.185 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip185.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Sun, 27 Sep 2020 16:54:06 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ Frame 331C 49 B
509 B 1840ms
55ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Sep 2020 16:54:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame FE48 53 KB
18 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0daa535ffae565a816869d7d75b4baea36945d43ee41d690620bdc4c6df4707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "645 / 736 of 1000 / last-modified: 1601071877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17838
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:05 GMT

GET
H3-Q050 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FE48 263 KB
92 KB 72ms
71ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:05 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame FE48 109 B
149 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame FE48 109 B
126 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FE48 81 KB
29 KB 437ms
437ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=583104236896959&correlator=1367797137087675&output=ldjh&impl=fif&eid=21067560%2C21065139%2C21065516%2C21065975%2C21067200%2C21067397&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200927&iu_parts=27794161%2Cwral.com_Web_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=h%3D16%26shb%3D1%26tg%3D0%26p%3DBTF%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&cookie=ID%3Df633de96969be4a1%3AT%3D1601225639%3AS%3DALNI_MaHO6Ugtebpml06JG3eCdcbZ-lT_Q&cdm=controlc.com&bc=31&abxe=1&lmt=1601225645&dt=1601225645255&dlt=1601225641395&idt=3826&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=740&adks=1627582656&ucis=u3zm8nh83lk8&ifi=1&ifk=1736603070&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&top=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&dssz=17&icsg=524962&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=351749556.1601225639&ga_sid=1601225645&ga_hid=408021108&ga_fc=true&fws=256&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e8ee88841929f79ad84a66aa288b17c9b731225cd17ea9ab22f3665c5fb9a74c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29502
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame FE48 0
0 71ms
56ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame FE48 0
0 6ms
6ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EB27 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 27 Sep 2020 16:54:05 GMT
expires: Mon, 27 Sep 2021 16:54:05 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE48 72 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:05 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202009241526/ Frame FE48 156 KB
51 KB 1181ms
56ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202009241526/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b4e202f1d3388754c2cea940e1c86612f0f9bb61886973d97ade599adab7ac

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Sep 2020 16:54:07 GMT
Content-Encoding: gzip
Age: 584
X-Cache: HIT
Connection: keep-alive
Content-Length: 51646
x-amz-id-2: p+wuEDCuJWr/8g50ujRY0kJmZ67J5pCT3cG1BU4TtsLkzkLodZ048l88/CkWR5VjxdDGf/hlD+s=
X-Served-By: cache-hhn4047-HHN
Last-Modified: Thu, 24 Sep 2020 20:30:39 GMT
Server: AmazonS3
X-Timer: S1601225648.643741,VS0,VE0
ETag: "0cea574dd501306c77b63eac3cf917a9"
x-amz-request-id: 6CC5A2650350B3B1
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1103

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202009241526/ Frame FE48 62 KB
22 KB 1307ms
56ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202009241526/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bef0496bcfb29ed7195b5688e1ed12d05351c7ab6a99d4bdc2bc3671a373c9ba

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Sep 2020 16:54:07 GMT
Content-Encoding: gzip
Age: 770
X-Cache: HIT
Connection: keep-alive
Content-Length: 21494
x-amz-id-2: ubZHN3qi4wjiGJSQ1CV75bFuwX/Vqb7Vbfk/VrezZXoudZz2VkOfGsYuU8Hmklf4exXgi4Ij76A=
X-Served-By: cache-hhn4047-HHN
Last-Modified: Thu, 24 Sep 2020 20:30:40 GMT
Server: AmazonS3
X-Timer: S1601225648.768342,VS0,VE0
ETag: "fbeceb2f6a4b4e85b160899f8c158053"
x-amz-request-id: 3EC04FF312F2319D
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1202

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FE48 0
44 B 99ms
99ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6BAKmV05LV0J7RkL56ibGRgLnoforQHIi3kQtrJqUzAfmc8lSyrnds66Wx6aJBsgfbV9Y-FhaxtyhEtvJyQnk5lCuFAHibGQrKzGzu-59L2UAN2t8tz1QXrLvLUKV122Lwx3h0REc6OhxNLwBAUKsJbUoynsBUrFYyXtfmy0zXzc0LBX2Yf09xKWn9rK0hw_fvI25UCj0oQbbHLpdeYsvYZCBURvpcoI2_QPb6eS_pQIXPl3D3aGQ2AWIF5cpcbz1d8xKV6mC4YFlcEJU3V0IrnpnNB_m&sig=Cg0ArKJSzCBdz2d4FnyREAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:07 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FE48 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js?21067560

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cbba8342f19be6bf3cd8ce71ca488f69c68c33f7b9657b54ee9006fc2852644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Sep 2020 16:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6370
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FE48 16 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202009241526/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 16:54:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Sun, 27 Sep 2020 16:54:07 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 0D02 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202009241526/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/78e7fdfd
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/78e7fdfd

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Sun, 27 Sep 2020 16:02:58 GMT
expires: Mon, 27 Sep 2021 16:02:58 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3069
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE48 0
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091601&jk=583104236896959&bg=!Y2ClYHhYT0FTy1t8FqoCAAAAaVIAAAARCgHL5vSqdN_YvKOGJlcIGbDtPsqQoJgNb7elx5MtvtiqVU8OZFL5CArn9dLxxPfvaq4yGGrD4RsQnG9d7GSXhg7-K2JtY-MEbQskAKrftIafmnZzY1pWqlotOJoIpmbGuQnb1qiWqbx9gDuOneDQMwKHvFsQ61K5JZ4Yrl_5hUDvpZ1lMBLC7mS5HWbZZMY5D-k3TD9SG6Yv69i2o2vS9GswThbm9Mqx12KeDgVQ2mEitNTLJIsRX8nK6hgOfVtlUvWD2cxBJBjSmExoK2Fm376dI_Pw7wGmkeSe5YacNVhsjK072IuJbJlpALZQBfA06fRmgPxI4sXqmJH7isaZN_kTFLNasSfKzn9EUtzoUjLxFa5r4zdph86pgah_gjKdpjCf3Yk9g-7fF-vyf3X7QDaqLv3TS6hCOXazDIGu79lr43SputZtdERLbQyZovIFAqAuOqwkp54Ce53NEFSLK7GIKRuVzdJ-W2N8sVC-PzLhCSSkE32UpRVgRyKkuO2yIs1IlVHcyCY8TkzVg4TgcxfWL6eCTDsb2DaDAuxLMjhJhuIxDzEhwDIS4b4-JjMAiCZTDEbUoceYryyAxTvk4QEoWkOss1htS81IGCksmQHHBtxBNheSzAnFce3GwDluHqVhAOaFKNKlCpbWF6lj-rtHrNZQv2kgoELGktNax8WvKTric4xNmkQ0sk3gaBabm5pm_ssJgd5x5SWE6mhlIJB2AqhAsya7wm-YGIFGV8mqwId7HNXFmIM2TVZCNPCD3cQgqkgZ9B4ovbGJEdRiRHNTBFHBThB_krPN8ZPh5_Ft0SviOmHGtVSUPIPa-2AKSi-Z18YLxoAkFRxlPCdKvySG1Wk_F0PpckpZgGgV6EXsZbiClNFTILFBTGJSwvbxYAT4-QSrCr6EPcFM8rOL3UTYw3CtR4ZNp_dh3qZhCNSoeLoyPAElBeisyP85xhIcf2tbtAJHQAewhWrSYXmY5bmMDlESz1y7R_8UhZNrT-qJOd4EphMyOZYIwHSFqcW0ywcR8IEttdPJWA7DOld_846P4XWZhK2KJS2FdaOTO_Qy7qGSajoddAtgZP18PZt4OVF9n0No9NLadvl8DX0_M0pQ7-zucjdjCGVx125Mhogrf78L38MxFwG1q4_0t31igQjARW9US_tDYjGHjv0UaIndhFSw8f2WwqNfSeJyb8r3Fa5C8QQGoxhbt6B4GPRI4TuRlP3YRsM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FE48 42 B
69 B 15ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPtH-RQ__aJlM2MkLZ2sN7F3UKB4JJbVzH_xTrfDLNZEcgRovKx86KYtBUCXdWVBl4tkxa-l7PqQ21VM-KdX2Xe-CrklamsGcl_NQfWlA&sig=Cg0ArKJSzLZv3sNZOmeaEAE&adk=554702876&tt=-1&bs=1600%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=0,0,90,728&mcvt=1009&rs=0&ht=0&tfs=6348&tls=7357&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=6247&niot_cbk=6251&md=2&btr=0&cpmav=0&lm=2&rst=1601225641462&dlt&rpt=6350&isd=0&msd&xdi=0&ps=1600%2C966&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=7355&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200925

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/78e7fdfd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Sep 2020 16:54:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=18045&pi=3&schain=1.0%2C1!insticator.com%2C4cd377bb-c455-40c0-9c7a-667505450792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcontrolc.com%2F78e7fdfd&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626&

Domain: ice.360yield.com
URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235bf6c8a538d233%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fcontrolc.com%2F78e7fdfd%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224cd377bb-c455-40c0-9c7a-667505450792%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218a6f7f0a61d269%22%2C%22pid%22%3A%2222111523%22%2C%22tid%22%3A%22597916e4-8bd7-424c-99f3-5f4900f5e108%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.controlc.com/	1970-01-19 12:48:32	Name: _gid Value: GA1.2.1184822173.1601225639
.controlc.com/	1970-01-19 12:47:05	Name: _gat Value: 1
.controlc.com/	1970-01-20 06:18:17	Name: _ga Value: GA1.2.351749556.1601225639
controlc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c05f9c139008aaebf2388b608d7c2e9a
.controlc.com/	1970-01-19 13:30:17	Name: __cfduid Value: d989d91d059f795f299413c27bf469c451601225638

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/doubleclick-gpt/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	log	URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=6902521601225639199(Line 30) Message: %c [object HTMLImageElement]
console-api	log	URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=1505431601225639219(Line 30) Message: %c [object HTMLImageElement]
console-api	info	URL: https://cdn.ampproject.org/rtv/012009190410000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009190410000 https://controlc.com/78e7fdfd
console-api	warning	(Line 1) Message: NO prebid responses1
console-api	log	URL: https://d3oi8laqsvc6ey.cloudfront.net/pw.js(Line 2) Message: Scanner Online
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 162) Message: dom ready!
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 451) Message: topFrame: [object Object]
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 212) Message: params: [object URLSearchParams]
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 331) Message: Cookie enabled, set cookie
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 297) Message: session: [object Object]
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 407) Message: Send pageview now
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/136953cb-88f9-48b3-9417-8f28d8a3cf54/9e6fa088-3ce1-4007-a79c-afe1fd9fa0d8.js(Line 412) Message: formatedPageview: {"timestamp":"2020-09-27T16:54:01.915Z","user_data":{"session_details":{"id":"70f2f549-5054-4466-92d5-3b97e8e06835","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"136953cb-88f9-48b3-9417-8f28d8a3cf54","page_url":"https://controlc.com/78e7fdfd","hostname":"controlc.com"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"AD_ONLY","integration_type":"DFP_WITHOUT_SAFEFRAME","ads":["div-insticator-ad-4"],"embed":[],"header_code_version":"STANDARD-VAdX_3_9_H-2020-09-24 22:19:12","test_group":"0"}}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

086fe969c5c7532c0d30644252515e72.safeframe.googlesyndication.com
367964d5ab8590bf240293b099a2ae36.safeframe.googlesyndication.com
401ac98cc6e4a7969e86bda475541387.safeframe.googlesyndication.com
94b9174523f19b2eae2e13a4cc2ca745.safeframe.googlesyndication.com
ads3.mthsense.com
adservice.google.com
adservice.google.de
adservice.google.se
ap.lijit.com
apex.go.sonobi.com
b2c.insticator.com
cdn.ampproject.org
cdn.fancybar.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
controlc.com
cs.emxdgt.com
d2na2p72vtqyok.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d3oi8laqsvc6ey.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
dmx.districtm.io
eu-u.openx.net
event.insticator.com
fastlane.rubiconproject.com
ff4c237f123bfea15fc533c2bb6af73a.safeframe.googlesyndication.com
g2.gumgum.com
geoip.insticator.com
googleads.g.doubleclick.net
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ic.tynt.com
ice.360yield.com
includemodal.com
insticator-d.openx.net
os4m-d.openx.net
pa.rxthdr.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ssc.33across.com
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
tag.1rx.io
tpc.googlesyndication.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
yadloop.com
dmx.districtm.io
g2.gumgum.com
ice.360yield.com
104.111.215.135
151.101.113.194
162.210.196.208
172.217.23.162
178.162.133.149
178.162.133.150
18.195.155.181
18.196.104.43
185.33.220.242
185.64.189.112
208.100.17.185
213.19.147.150
213.19.147.210
23.111.10.144
2600:9000:2057:1a00:d:77c3:2dc0:21
2600:9000:2057:5a00:10:3422:3f00:21
2600:9000:206e:5000:1a:5302:20c0:21
2600:9000:206e:e200:5:ee0e:9e80:21
2600:9000:214f:b400:1c:386f:ec80:21
2606:4700:10::6814:190b
2606:4700:3034::681c:16af
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:816::2002
2a00:1450:4001:817::2001
2a00:1450:4001:819::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:4001:821::2010
2a00:1450:400c:c0c::9d
2a02:fa8:8806:16::1460
3.126.15.129
3.224.156.224
35.244.159.8
40.84.148.247
52.14.71.94
52.72.161.243
67.202.110.22
69.173.144.141
72.251.249.13
99.86.243.3
99.86.245.175
022179df5567437df44056a6008594f1dcbe3484485b92c2fe0ead9334f72210
02dabb341cdbba4ef141dcf8f8804a22e6a9ad62dbc49ee379bc891c8528bd23
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
12b4e202f1d3388754c2cea940e1c86612f0f9bb61886973d97ade599adab7ac
131d6875ed61d5ee2bef34a882f4edfa6cd9bd1b90ffff06b05dcdbd86adb234
194e7fd40f3eba1265b9de18b2fc51f0a86cac208c0ce657aca517a8db13559d
1b917aa4401313d98a7bf37b5d0575fdb97b34c4c9f04d2f53edfd3c453c9b70
1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47
206ad0e2c8cb0b55245e3bcf54bc5cd57fc7284b8f94aef1955eae5574acdf48
249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
2fe7796822e2b38be3b4d8089b9156edaf5a0e5c51858ae2a4cd225dedd26b60
34c7fcd2866c5196e83395a04b44cee9dd2673cec63220884b1fb682d257141b
359f2125b04f87bfcf8364bd209b0c79e2751b257cba4a306a7722d50249b94d
35d2c70b18e19b7a7aba12f1b90d2c3eded8657ec69860ca6b1d2544f4f6578f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
383ac3617e9a800a482b64a05eaa17e3904bd50158fb93525945298277317964
3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070
404f81b15c1b80f29a851b13c8ef9b7c2192199ba62c50f2cf26e7015a9ae516
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734
4ba502ecab0bd6b9bfdff438ee33ff556ef77484c3a6da888d264d25f082252a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50c9da59056a1fdc98808b4e483ba1e3065b106b926d282776d6e086daae5028
52e1b409fe7138df9807d4b1429bd5d65fb0da6fa3d5262d0d35f1a9363e9592
5fe731c4c64abb6076bd1db3ad8901bc4debf65d4ea909a2d5ce87c9bb529d42
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
69d62a251ebba0b6eae49bc11cee3af8a1363ed716324f8a2c41e21ac7c2362c
6e922793ef5dbb2417f3143a2e24b33be1fd6b3ba412df3a31e0173ca46f021c
6f5eb04ed0f9e26a1696e86b9f8b3c0bddbc00043fb9019911501e018de27683
70c7d1e53c9c8dd120a4f74faf719b5bb087508446ba9479e2d3e363ef5dd679
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
762ec355f24c740559b048460b5a40aeb9965a70c883fdf5c454119d0c1e5e55
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
7ad474fa92add6794702b5c0858699fcd140b0e4f25439c8292ec815818fd1cb
7e0b06857b724cd21b3fb285774e574faf839065efce32b4b738fbf5e701be1d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82e53fb879c382307f35880c9fbe5339ce8e90bb925c446163e9bb37db53933f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8353e604862c858a7ce86eb953f85436737d1b8169b7b8babae478d680ea2c90
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a39b2febc8f8dc2a7ee1e3c4e8a23bcbe10f8250614d32efdd4b4d4bd40df8
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
87969dac371aa412dac668003413d71de607ca1d2e6bb74c0d599bb0048cfb38
8887246fdae6a5bde33313c306ca108fbb99f4bd5fc82eab0d675a4162105b4f
8b33b576d76d1e749f284f8445eac121c6eb07c6c5ae5400906d9b2d1111b4b5
8ec82f03a4c81c1d2afacfa86193f095b914aadae77a16788370a56ada9867ee
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9192eb8a771e36bdc5163dedc00a24d495d85aa0dc83aa72f4e9e6a681b302d6
9a4f4b6ad461cb13154faa2b9eb2b3c375ecf23df47ada55d7a0370aa37ab990
9cbba8342f19be6bf3cd8ce71ca488f69c68c33f7b9657b54ee9006fc2852644
9d66a122d9849ec2d6665a9b55df6ac3fef29e50b712588ab729aaab7b6e949a
a0f03f670f5c16e9b22d787443db512d649c1c8ba0c87ce91e030fa06d752797
a11935264f19ad1aae8868e716448f8e94c679b59f457fb69b071257384927ef
a48a0b3b82b881fb6229d0f924c5a65ebd94c2fcd4fcfa428d20808998d2138c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b70122e8423c5efaf49267085346cd58a29204107062227685012f7327a067e2
b76fe86c6c98fb89fab2540d581a26218462a7bad1b6126fc9e2785c22764286
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
bda9d40ba62ecca3cfb1eb57016ee562eac7d69a20e9b4e520ceb8e2c6d3c5fd
be33982ff67c790e285661853e12db59cb0cc76f417f924715f366ee1e269881
bef0496bcfb29ed7195b5688e1ed12d05351c7ab6a99d4bdc2bc3671a373c9ba
bf854a7b7ea523eaf0e05e333f6768d66af9f3430b9e2770edc995a169e24167
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c839ddb42f1c27a6fd9b1400b679364978efda3df1c27b2e4328ad7391a4d18c
c99008a8943fed0f67f8f309c2873e0d006b3c91e9e76fb474123f86688eba51
ca480dc81738cf67ab726a8a18e8b1b98f2f0ae631c0567646c67426151ddce7
cbdf8d3dc69e0b4674cb2a518fd8cb9fa088f5903165c79981ce2e4c22d9426f
d1016337a70809175073950947a7e34b584d2c0dfc50e092e23f215a1bba0564
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
d705cafd8b5cb02ac3330cc69cacb5ca72572b3a92699e3744ebe92c5b0249d8
dc5e458dcc21cfe34d27361f3491be84fb9a5da80ea1e1442ca87997d7d3c9f8
df5fea3a51a4e8e842e2e03b6fc81c69e83318f11a7e237af309c4245376b6cd
df615d048a64d8ee6d6c99845b743056bb3da0b49b5ec4ef3ace259165f3c7f8
e0daa535ffae565a816869d7d75b4baea36945d43ee41d690620bdc4c6df4707
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72787910d0126f2c705ff41ebef2cf6b9e4dcc5f6ade5ecc9dbd3bbbedd8b25
e773bcc07d0c9a3b997fbdda2f816ceea6763146bba391ce3d910dffae77b7a5
e7b92bc74d9e430c6b3b0288f412916bed6d3cdd5139d87a660a271f92e65d37
e8a9a8b91526efa6067283fcf4277853c7a78d460c6a25aac1cbe822b10fdd70
e8ee88841929f79ad84a66aa288b17c9b731225cd17ea9ab22f3665c5fb9a74c
ed1d1a7225a5b7fb969296f7b3b1a1068d7f492632dbf4165ac7cd98ebd26be9
ed3d32260e0e8d830de9ab5f9dae226e810cbc3b23ce9c4e4a743ac45999d06e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3
f6f81305968789058b1aa5d223022f19460cff7b256e6f088bc07be52282e924
faaacf2ef87630111303bdc29528bd65f2957ed6c6306966aa7850210affbed5
fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

controlc.com Open in urlscan Pro 2606:4700:3034::681c:16af Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

197 Requests

98 %HTTPS

43 %IPv6

37 Domains

61 Subdomains

43 IPs

6 Countries

1897 kBTransfer

4849 kBSize

5 Cookies

0 Outgoing links

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

controlc.com Open in urlscan Pro
2606:4700:3034::681c:16af Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

98 %
HTTPS

43 %
IPv6

37
Domains

61
Subdomains

43
IPs

6
Countries

1897 kB
Transfer

4849 kB
Size

5
Cookies

197 HTTP transactions
5 data transactions