URL: https://wtf1.com/
Submission: On July 10 via api from US

Summary

This website contacted 31 IPs in 8 countries across 28 domains to perform 77 HTTP transactions. The main IP is 2600:9000:20eb:fe00:17:a3ae:58c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is wtf1.com.
TLS certificate: Issued by Amazon on April 25th 2020. Valid for: a year.
This is the only time wtf1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2600:9000:20e... 16509 (AMAZON-02)
7 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.201.93 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
7 172.217.16.162 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.224.193.63 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 3 23.37.53.17 16625 (AKAMAI-AS)
3 2620:116:800d... 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.210.250.213 16625 (AKAMAI-AS)
2 18.132.99.227 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:21f... 16509 (AMAZON-02)
3 13.224.199.29 16509 (AMAZON-02)
1 37.252.161.190 29990 (ASN-APPNEX)
3 52.58.195.54 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 104.154.142.214 15169 (GOOGLE)
1 69.173.144.141 26667 (RUBICONPR...)
1 52.210.165.157 16509 (AMAZON-02)
1 23.210.249.164 16625 (AKAMAI-AS)
2 4 34.98.64.218 15169 (GOOGLE)
1 185.255.84.150 200271 (IGUANE-)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.95.124.170 16509 (AMAZON-02)
2 2 172.217.22.34 15169 (GOOGLE)
77 31
Apex Domain
Subdomains
Transfer
15 googlesyndication.com
1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
162 KB
11 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
136 KB
8 wtf1.com
wtf1.com
cdn.wtf1.com
216 KB
5 ampproject.org
cdn.ampproject.org
109 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
30 KB
4 openx.net
publisherdesk-d.openx.net
eu-u.openx.net
us-u.openx.net
1 KB
4 gstatic.com
fonts.gstatic.com
43 KB
3 sharethrough.com
btlr.sharethrough.com
324 B
3 moatads.com
z.moatads.com
geo.moatads.com
106 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 googletagservices.com
www.googletagservices.com
71 KB
2 facebook.net
connect.facebook.net
167 KB
2 google-analytics.com
www.google-analytics.com
18 KB
1 google.com
www.google.com
96 B
1 omnitagjs.com
hb-api.omnitagjs.com
606 B
1 casalemedia.com
as-sec.casalemedia.com
982 B
1 gumgum.com
g2.gumgum.com
223 B
1 rubiconproject.com
fastlane.rubiconproject.com
4 KB
1 lockerdome.com
lockerdome.com
406 B
1 pubmatic.com
hbopenbid.pubmatic.com
111 B
1 adnxs.com
prebid.adnxs.com
500 B
1 quantcount.com
rules.quantcount.com
348 B
1 districtm.ca
cdn.districtm.ca
7 KB
1 206ads.com
s.206ads.com
64 KB
1 google.de
adservice.google.de
175 B
1 circlesix.co
tags.cdn.circlesix.co
349 B
1 googleapis.com
fonts.googleapis.com
957 B
77 28
Domain Requested by
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
wtf1.com
tpc.googlesyndication.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
wtf1.com
7 cdn.wtf1.com wtf1.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 pagead2.googlesyndication.com wtf1.com
securepubads.g.doubleclick.net
4 fonts.gstatic.com wtf1.com
3 btlr.sharethrough.com s.206ads.com
3 c.amazon-adsystem.com s.206ads.com
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects wtf1.com
3 www.googletagservices.com wtf1.com
securepubads.g.doubleclick.net
2 cm.g.doubleclick.net 2 redirects
2 eu-u.openx.net 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 pixel.quantserve.com wtf1.com
2 geo.moatads.com z.moatads.com
2 1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 connect.facebook.net wtf1.com
connect.facebook.net
2 www.google-analytics.com 1 redirects wtf1.com
1 us-u.openx.net
1 googleads.g.doubleclick.net wtf1.com
1 www.google.com 1 redirects
1 hb-api.omnitagjs.com s.206ads.com
1 publisherdesk-d.openx.net s.206ads.com
1 as-sec.casalemedia.com s.206ads.com
1 g2.gumgum.com s.206ads.com
1 fastlane.rubiconproject.com s.206ads.com
1 lockerdome.com s.206ads.com
1 hbopenbid.pubmatic.com s.206ads.com
1 prebid.adnxs.com s.206ads.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.districtm.ca s.206ads.com
1 z.moatads.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net wtf1.com
1 secure.quantserve.com wtf1.com
1 s.206ads.com wtf1.com
1 adservice.google.de www.googletagservices.com
1 tags.cdn.circlesix.co wtf1.com
1 fonts.googleapis.com wtf1.com
1 wtf1.com
77 39

This site contains links to these domains. Also see Links.

Domain
facebook.com
youtube.com
twitter.com
instagram.com
vm.tiktok.com
Subject Issuer Validity Valid
wtf1.com
Amazon
2020-04-25 -
2021-05-25
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
circlesix.co
Amazon
2020-06-07 -
2021-07-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.google.de
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
s.206ads.com
ZeroSSL RSA Domain Secure Site CA
2020-06-04 -
2020-09-02
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-06-02 -
2021-06-02
a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2019-10-04 -
2020-10-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2020-01-17 -
2021-03-17
a year crt.sh
*.moatads.com
DigiCert SHA2 Secure Server CA
2019-03-12 -
2021-06-10
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-04-06 -
2020-10-09
6 months crt.sh
c.amazon-adsystem.com
Amazon
2019-10-07 -
2020-09-29
a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1
2020-03-29 -
2022-03-29
2 years crt.sh
*.sharethrough.com
Amazon
2019-10-07 -
2020-11-07
a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2
2019-09-27 -
2020-11-26
a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.gumgum.com
Amazon
2020-07-03 -
2021-08-03
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-18 -
2021-06-18
a year crt.sh
misc-sni.google.com
GTS CA 1O1
2020-06-17 -
2020-09-09
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon
2020-06-15 -
2021-06-15
a year crt.sh

This page contains 6 frames:

Primary Page: https://wtf1.com/
Frame ID: BB57D95DD0AB5890E8BDBFC2D9D68480
Requests: 57 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYc2XloNPPSlZcpJ0M-yvJ18ZSsHfs5JtEUqbR0cYyJV8Ak3N1HS-JFjjGRd08cyuzXmjHVECBa24edvigLPCsEIs6SrcPsN6vMN2jjk88HQu8oSSBO6hgzConpjhU4OEox0P7S0RVzVsdarGwIHwPQPLXJJWIG9I9PKh9l5gVL1E680wMqSN-63s1hH-M9mUqsLVYBJ7-rONIrYf-xgH-9Oq6bmNb9xvsBtIRvLu0&sai=AMfl-YSZZU1sB5K44dN2rr_Tsq_00Rxk6QpqJLEKlGE4eETDLzNHg4EadNDKgghYapOoorV0UnFNVkNqaY80ZNdu-BXN00y_hzwsOEhTh7PM&sig=Cg0ArKJSzP3Z6RUk9XKREAE&adurl=
Frame ID: B3CE21EEB082A8A2532244A8A20A7655
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js
Frame ID: 1A1F18505776A7BECF92F43E351E3309
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_cnv&dcc=t
Frame ID: 5F2113E0565168644D61784D9BC91FBB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: EA37E67D5F39514EA9CBDA6C327ABCDD
Requests: 1 HTTP requests in this frame

Frame: https://1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 4644FB32267625F34FB6337C31954585
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

77
Requests

100 %
HTTPS

44 %
IPv6

28
Domains

39
Subdomains

31
IPs

8
Countries

1149 kB
Transfer

3099 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1313573139&t=pageview&_s=1&dl=https%3A%2F%2Fwtf1.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=WTF1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEABB~&jid=1824944374&gjid=1566166152&cid=1036243038.1594376623&tid=UA-12305948-5&_gid=2068270604.1594376623&_r=1&cd3=not-registered&cd4=feed&z=154276581 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12305948-5&cid=1036243038.1594376623&jid=1824944374&_gid=2068270604.1594376623&gjid=1566166152&_v=j83&z=154276581
Request Chain 28
  • https://sb.scorecardresearch.com/b?c1=2&c2=21021606&c4=https%3A%2F%2Fwtf1.com%2F&ns__t=1594376622760&ns_c=UTF-8&cv=3.5&c8=WTF1&c7=https%3A%2F%2Fwtf1.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=21021606&c4=https%3A%2F%2Fwtf1.com%2F&ns__t=1594376622760&ns_c=UTF-8&cv=3.5&c8=WTF1&c7=https%3A%2F%2Fwtf1.com%2F&c9=&cs_ak_ss=1
Request Chain 66
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 71
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_cnv&dcc=t
Request Chain 77
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=0e5037da-e3d7-4959-a342-e675169bd8b4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=0e5037da-e3d7-4959-a342-e675169bd8b4&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN-LzG4Iu_QJdu63RDCcvCQ&google_cver=1

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wtf1.com/
53 KB
11 KB
Document
General
Full URL
https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fe00:17:a3ae:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ff38d86f100e25a9252ae4c226f59b86f60c5e06325a5a2ffedfc0d639c01eae
Security Headers
Name Value
X-Frame-Options DENY

Request headers

:method
GET
:authority
wtf1.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Accept-Encoding
date
Fri, 10 Jul 2020 10:23:42 GMT
x-senna-web-request-id
74e23596-c235-42f2-8afc-47773f32e526
cache-control
public
expires
Fri, 10 Jul 2020 10:24:41 GMT
x-frame-options
DENY
x-client-version
3.0.1
x-response-time
120.049ms
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
LI-nPfaj9S043qRKntTc9KEHoKxlgi1V_bS8U-37Mm37UIrB9j2bxg==
wtf1.min-93157d56.css
cdn.wtf1.com/assets/bundle/
95 KB
17 KB
Stylesheet
General
Full URL
https://cdn.wtf1.com/assets/bundle/wtf1.min-93157d56.css
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:b:2c1:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ce38406e2afa8136ca4fd9f0b757b60e5825c5c76c6ac04f48f572fb274feeb

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 04:05:20 GMT
content-encoding
gzip
last-modified
Tue, 02 Jun 2020 20:22:23 GMT
server
AmazonS3
age
22703
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=31560000, no-transform, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
2ZzeZg8VsKWBE0VHSTJL-sf3AnYs4KRUZ7Itt0dTaNDQN_wZwMgvCA==
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
css
fonts.googleapis.com/
10 KB
957 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,700
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
237a4c1cc1127989398d5f994c5c3d070660965675bfe1351ee86e1db06ae481
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Jul 2020 10:23:42 GMT
server
ESF
date
Fri, 10 Jul 2020 10:23:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jul 2020 10:23:42 GMT
location.js
tags.cdn.circlesix.co/
89 B
349 B
Script
General
Full URL
https://tags.cdn.circlesix.co/location.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.201.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ef207153207cb87bf73c2561977955cb40cd2102aa47f85768336cb180a1fb48

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 19:26:35 GMT
via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
server
CloudFront
age
7916227
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
status
200
x-amz-cf-pop
FRA53-C1
content-length
89
x-amz-cf-id
i3BrNUT9NtftXcU4T31D8HyISIYWFpL96fH8hl_MtiabsG6uCrd0jw==
gpt.js
www.googletagservices.com/tag/js/
49 KB
16 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e443d52b0e459fe460d4032db647790367f45254e45aca021efa183e9e523a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"566 / 502 of 1000 / last-modified: 1594332564"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
16535
x-xss-protection
0
expires
Fri, 10 Jul 2020 10:23:42 GMT
e0e14cbec2634eaa52ec3f71194b376b.jpg
cdn.wtf1.com/image/2/1240/333/5/uploads/sponsored/
75 KB
75 KB
Image
General
Full URL
https://cdn.wtf1.com/image/2/1240/333/5/uploads/sponsored/e0e14cbec2634eaa52ec3f71194b376b.jpg
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:b:2c1:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9c80957b1d7046f07af077a965bdee86698c4f0b6f153ce8220430efed55df42

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 09:31:03 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
age
3159
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
lOAaYyVnStGR8VnEEPz6rpILITPYbkgLCCVk1Dxv1K2GMRqEiWl0ww==
x-request-id
26a627ba-dd68-4651-9140-e7cd922e1e3b
pubads_impl_2020070801.js
securepubads.g.doubleclick.net/gpt/
249 KB
89 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Jul 2020 15:29:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90527
x-xss-protection
0
expires
Fri, 10 Jul 2020 10:23:42 GMT
integrator.sync.js
adservice.google.de/adsid/
113 B
175 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=wtf1.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
wtf1.vendor.min-c10ff1cb.js
cdn.wtf1.com/assets/bundle/
163 KB
55 KB
Script
General
Full URL
https://cdn.wtf1.com/assets/bundle/wtf1.vendor.min-c10ff1cb.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:b:2c1:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9004c1fce4b145ba9f6303dd1180673dfbd4177390359caee71cbcfaec03741

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 04:36:38 GMT
content-encoding
gzip
last-modified
Sun, 03 May 2020 00:08:05 GMT
server
AmazonS3
age
20825
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31560000, no-transform, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
w_HLhAOiiPFHZgK1kiSlOaMdbpnlSEUHoD1Tl9pp6cUzEuMwlUuubQ==
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
wtf1.app.min-224669c4.js
cdn.wtf1.com/assets/bundle/
106 KB
24 KB
Script
General
Full URL
https://cdn.wtf1.com/assets/bundle/wtf1.app.min-224669c4.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:b:2c1:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26da19f0d28acabb9a0ad78ffeaf5f9d5aa8d952c8c7d88770d7813746f2a903

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 17:19:02 GMT
content-encoding
gzip
last-modified
Mon, 06 Jul 2020 16:52:21 GMT
server
AmazonS3
age
61481
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31560000, no-transform, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
p7sZ3J-iEGKcuORPWBmoQ-fJC_B7Rk1r-oVaztHVThCITVaxVEkshg==
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,700
Origin
https://wtf1.com

Response headers

date
Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2713188
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 09 Jun 2021 00:43:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,700
Origin
https://wtf1.com

Response headers

date
Fri, 12 Jun 2020 13:44:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2407170
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Sat, 12 Jun 2021 13:44:12 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,700
Origin
https://wtf1.com

Response headers

date
Thu, 11 Jun 2020 02:13:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:04 GMT
server
sffe
age
2534990
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11052
x-xss-protection
0
expires
Fri, 11 Jun 2021 02:13:52 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:400,700
Origin
https://wtf1.com

Response headers

date
Wed, 10 Jun 2020 00:47:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:17 GMT
server
sffe
age
2626548
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10996
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:47:54 GMT
wtf1.com.js
s.206ads.com/configs/
210 KB
64 KB
Script
General
Full URL
https://s.206ads.com/configs/wtf1.com.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.193.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34fee3d44f6e20509e967dca45fa4985ad4d73f6bb4ca11fc9f47ed4dd0fb475

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 10:23:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Apr 2020 20:58:15 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
ETag
"e625db94834d34287994e0988806de84"
X-Cache
RefreshHit from cloudfront
Content-Type
application/x-javascript
Via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
Cache-Control
must-revalidate,s-maxage=900,max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65364
X-Amz-Cf-Id
1KxFtYVVc_fMHGTC2izmlPZVYDTFsqzKNw8EFdcp6RcVDff0Ie_YhA==
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
482
date
Fri, 10 Jul 2020 10:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Fri, 10 Jul 2020 12:15:40 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 10 Jul 2020 10:23:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Sat, 11 Jul 2020 10:23:42 GMT
quant.js
secure.quantserve.com/
22 KB
8 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
last-modified
Fri, 10-Jul-2020 10:23:42 GMT
etag
M0-4cca824e
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
content-length
8082
expires
Fri, 17 Jul 2020 10:23:42 GMT
fbevents.js
connect.facebook.net/en_US/
134 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
public
x-fb-debug
IQdTH3YqFeCASDjbQeXAD6aIB7k7Yu6JxKR/FMSvEkZJJ8LGtkcx9eq4r7yFNw9tuUPVTDwjxesxUMhGWSZSTQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 10 Jul 2020 10:23:42 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
hqdefault.jpg
cdn.wtf1.com/image/2/230/120/5/1/i.ytimg.com/vi/4LeFYi2OEP4/
11 KB
12 KB
Image
General
Full URL
https://cdn.wtf1.com/image/2/230/120/5/1/i.ytimg.com/vi/4LeFYi2OEP4/hqdefault.jpg
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:b:2c1:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba1ea54c6779eb6c8daddddaea8ba4b19a58c189610834d85f585c2a77c73848

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 06:45:07 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
age
185915
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
2HENu9M6t4qv1lrIdrkpZrm79gahMOjMnk12kjzs7qgR7Gsru9ZlGA==
x-request-id
c9751639-d0bc-4601-84c6-597a3cc277b0
hqdefault.jpg
cdn.wtf1.com/image/2/230/120/5/1/i.ytimg.com/vi/WZ6TbfxLP8s/
11 KB
11 KB
Image
General
Full URL
https://cdn.wtf1.com/image/2/230/120/5/1/i.ytimg.com/vi/WZ6TbfxLP8s/hqdefault.jpg
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:b:2c1:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c1258a856b1ea0c3461bcfd2e72f7e6dd45e09342ab41c17ea4efe78be9cffcc

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 06 Jul 2020 07:38:10 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
age
355532
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Uzw3N-hQCCdXvb9yPnC1cPIfjXc1pO887_IrB00eYpMNEjpcaMQvSg==
x-request-id
4519b919-7d62-402d-93f9-60c28dba83c6
hqdefault.jpg
cdn.wtf1.com/image/2/230/120/5/1/i.ytimg.com/vi/YoKtZ0gcgas/
12 KB
12 KB
Image
General
Full URL
https://cdn.wtf1.com/image/2/230/120/5/1/i.ytimg.com/vi/YoKtZ0gcgas/hqdefault.jpg
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:b:2c1:11c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
99aad276be0a9e02b1eb901c15bf385c83b244202102f2e182a5b82d4e713801

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 03 Jul 2020 11:52:15 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
age
599487
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
oL3zYNxLUe1bkYD7zIcBXPCiMVDy6WyC01Rw52tnIiRGrpzB0fDRnw==
x-request-id
a753ddd2-2fb6-425f-b892-9033a7d28884
ads
securepubads.g.doubleclick.net/gampad/
37 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4419066272206481&correlator=4263706156080028&output=ldjh&impl=fif&adsid=NT&eid=21064170%2C21065976&vrg=2020070801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200710&iu_parts=359%2Cwtf1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=position%3Ddsk-banner-ad-a%26refreshcount%3D10%26refresh%3Dfalse&cust_params=Page-Type%3Dfeed&cookie_enabled=1&bc=31&abxe=1&lmt=1594376622&dt=1594376622575&dlt=1594376622182&idt=253&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4062548849&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwtf1.com%2F&dssz=17&icsg=672&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=0x-1&ga_vid=1036243038.1594376623&ga_sid=1594376623&ga_hid=1313573139&fws=644&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0863d508877dbc1e956a2ea2e54c80e10e17d7a5d1242f3cf65c197a2aa666e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11188
x-xss-protection
0
google-lineitem-id
4369354075
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138207054024
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wtf1.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
39 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4419066272206481&correlator=4263706156080028&output=ldjh&impl=fif&adsid=NT&eid=21064170%2C21065976&vrg=2020070801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200710&iu_parts=359%2Cwtf1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Ddsk-banner-ad-b%26refreshcount%3D1%26refresh%3Dfalse&cust_params=Page-Type%3Dfeed&cookie_enabled=1&bc=31&abxe=1&lmt=1594376622&dt=1594376622587&dlt=1594376622182&idt=253&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1202&adks=1825492756&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwtf1.com%2F&dssz=17&icsg=672&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3846&msz=970x90&ga_vid=1036243038.1594376623&ga_sid=1594376623&ga_hid=1313573139&fws=4&ohw=1600&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ce908d06be429cce8cef24a2faffc0a0e45887d0495a28d02f5a120d5fcbb47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10092
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wtf1.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1313573139&t=pageview&_s=1&dl=https%3A%2F%2Fwtf1.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=WTF1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEAB...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12305948-5&cid=1036243038.1594376623&jid=1824944374&_gid=2068270604.1594376623&gjid=1566166152&_v=j83&z=154276581
35 B
133 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12305948-5&cid=1036243038.1594376623&jid=1824944374&_gid=2068270604.1594376623&gjid=1566166152&_v=j83&z=154276581
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 10 Jul 2020 10:23:42 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12305948-5&cid=1036243038.1594376623&jid=1824944374&_gid=2068270604.1594376623&gjid=1566166152&_v=j83&z=154276581
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
519123234918293
connect.facebook.net/signals/config/
522 KB
133 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/519123234918293?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4daa719748226b8355978a78304f6abb7c461809a3bac44705b1a7b7228c8e22
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
bUesO6ayBSTkX3e3Ai3O1JtLcjZZyMIZWfbuQ9I49+6FIwJAAMoafmvN1LcZB3vBlrCLycNbRgLVLts2ilo6Sg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 10 Jul 2020 10:23:42 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=21021606&c4=https%3A%2F%2Fwtf1.com%2F&ns__t=1594376622760&ns_c=UTF-8&cv=3.5&c8=WTF1&c7=https%3A%2F%2Fwtf1.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=21021606&c4=https%3A%2F%2Fwtf1.com%2F&ns__t=1594376622760&ns_c=UTF-8&cv=3.5&c8=WTF1&c7=https%3A%2F%2Fwtf1.com%2F&c9=&cs_ak_ss=1
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=21021606&c4=https%3A%2F%2Fwtf1.com%2F&ns__t=1594376622760&ns_c=UTF-8&cv=3.5&c8=WTF1&c7=https%3A%2F%2Fwtf1.com%2F&c9=&cs_ak_ss=1
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Jul 2020 10:23:42 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=21021606&c4=https%3A%2F%2Fwtf1.com%2F&ns__t=1594376622760&ns_c=UTF-8&cv=3.5&c8=WTF1&c7=https%3A%2F%2Fwtf1.com%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Fri, 10 Jul 2020 10:23:42 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3CE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYc2XloNPPSlZcpJ0M-yvJ18ZSsHfs5JtEUqbR0cYyJV8Ak3N1HS-JFjjGRd08cyuzXmjHVECBa24edvigLPCsEIs6SrcPsN6vMN2jjk88HQu8oSSBO6hgzConpjhU4OEox0P7S0RVzVsdarGwIHwPQPLXJJWIG9I9PKh9l5gVL1E680wMqSN-63s1hH-M9mUqsLVYBJ7-rONIrYf-xgH-9Oq6bmNb9xvsBtIRvLu0&sai=AMfl-YSZZU1sB5K44dN2rr_Tsq_00Rxk6QpqJLEKlGE4eETDLzNHg4EadNDKgghYapOoorV0UnFNVkNqaY80ZNdu-BXN00y_hzwsOEhTh7PM&sig=Cg0ArKJSzP3Z6RUk9XKREAE&adurl=
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Jul 2020 10:23:42 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 10 Jul 2020 10:23:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200707/r20110914/ Frame B3CE
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200707/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75402aaba815b163de3c2f6127f916ac7586d1fe462258242fa8d9484a2c85ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 20:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7134
x-xss-protection
0
server
cafe
etag
17437084622379235256
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jul 2020 20:21:29 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20200707/r20110914/client/ Frame B3CE
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20200707/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c9f7e4efa5696c7d2c374a427d454249161d82e15688b56dacafe87fccb8936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 20:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1480
x-xss-protection
0
server
cafe
etag
16647435877527343052
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jul 2020 20:21:29 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B3CE
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1594221094242358"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28825
x-xss-protection
0
expires
Fri, 10 Jul 2020 10:23:42 GMT
moatad.js
z.moatads.com/dennisukdfp933101512251/ Frame B3CE
312 KB
105 KB
Script
General
Full URL
https://z.moatads.com/dennisukdfp933101512251/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5659e6cec4a1acb976d58e152a78756b5b0c2240ec239ec8549bca1edcccf1af

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jul 2020 17:10:26 GMT
server
AmazonS3
x-amz-request-id
C1B97C8CB2CDD1DA
etag
"740d0b8684a556470dae3ec7c71099b0"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=39083
accept-ranges
bytes
content-length
107103
x-amz-id-2
twG0B0X2VCMGipBw1pSmt8zojJCw/NshYmrhcjhcxMol42uguvMytdBPArUWBq0K5RzkesLwpNg=
6874105782231114881
tpc.googlesyndication.com/simgad/ Frame B3CE
49 B
193 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6874105782231114881
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 07:59:13 GMT
x-content-type-options
nosniff
age
2600669
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49
x-xss-protection
0
last-modified
Tue, 25 Jul 2017 13:02:45 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 07:59:13 GMT
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf1a22caad79e75e58be376fee15825e45af73505c5589722f7883d41035aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1594221094242358"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27481
x-xss-protection
0
expires
Fri, 10 Jul 2020 10:23:42 GMT
n.js
geo.moatads.com/
112 B
286 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=DENNISUKDFP1&hp=1&wf=1&vb=5&cm=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594376622989&de=595499664541&m=0&ar=ae5d59cb84-clean&iw=c1976ed&q=2&cb=0&ym=0&cu=1594376622989&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=13171380%3A268441980%3A4369354075%3A138207054024&zMoatPS=dsk-banner-ad-a&zMoatOrigSlicer1=21879446088&zMoatOrigSlicer2=21879446088&zMoatSZ=1x1&zMoatUTMCont=UTM%20Not%20Available&zMoatUTMSrc=UTM%20Not%20Available&zMoatUTMMed=UTM%20Not%20Available&zMoatCURL=wtf1.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwtf1.com%2F&id=1&ii=4&bo=21879446088&bd=21879446088&dfp=0%2C1&la=21879446088&gw=dennisukdfp933101512251&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A862%3A862%3A0%3A848&tz=&iq=na&tt=na&tu=&tp=&fs=182095&na=1947959532&cs=0&callback=DOMlessLLDcallback_39995059
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/dennisukdfp933101512251/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.99.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TornadoServer/4.5.3 /
Resource Hash
2f2375e42e78b3b94d8044c1b75804dc594388d2f238673347a932f850386705

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:43 GMT
server
TornadoServer/4.5.3
etag
"d7ed1f5a7ece31823ae0133d8d557755d748d7b3"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
112
n.js
geo.moatads.com/
113 B
287 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=DENNISUKDFP1&hp=1&wf=1&vb=5&cm=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594376622989&de=595499664541&m=0&ar=ae5d59cb84-clean&iw=c1976ed&q=3&cb=0&ym=0&cu=1594376622989&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=13171380%3A268441980%3A4369354075%3A138207054024&zMoatPS=dsk-banner-ad-a&zMoatOrigSlicer1=21879446088&zMoatOrigSlicer2=21879446088&zMoatSZ=1x1&zMoatUTMCont=UTM%20Not%20Available&zMoatUTMSrc=UTM%20Not%20Available&zMoatUTMMed=UTM%20Not%20Available&zMoatCURL=wtf1.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwtf1.com%2F&id=1&ii=4&bo=21879446088&bd=21879446088&dfp=0%2C1&la=21879446088&gw=dennisukdfp933101512251&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A862%3A862%3A0%3A848&tz=&iq=na&tt=na&tu=&tp=&fs=182095&na=720747851&cs=0&callback=MoatDataJsonpRequest_39995059
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/dennisukdfp933101512251/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.99.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TornadoServer/4.5.3 /
Resource Hash
428dbd99ad6d23b2e6a3e44b2e10b8288f8665023125e60fea6564d1e61d5c7a

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:43 GMT
server
TornadoServer/4.5.3
etag
"f9b01c1f3be927178e46d4dbabab831faccedfce"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=900
timing-allow-origin
*
content-length
113
view
securepubads.g.doubleclick.net/pcs/ Frame B3CE
0
54 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-FTJT84MW5M3XKSZ-YoU35EZl5oFKZD3hUFyNw3Hmayfqie1Xlw9taPG_yNy73ksX7sG96Xq83nR3BJxOX63B3PYgjFjV8UBA3FuDlStIXag5PlXdy8H6yanoCj2aBxSkVoJJm_rgGYpT_rlJU5S1A67VjZ7mDnoHqsO3Ur2Utqpl-rmoCO579-hT-3Wtgf7z_AJbpl_9oGyxDBqNJD6XwptDcHmcjWQzg8dF5O4qovg&sai=AMfl-YRzBerq8knTvjxH_HXCHG2oWjs-BbeHQwKZM1rF-jmq6KOljjd-i2wKyS4blRc1x0SqTbHLsCjE2xlKYbp8QSwrxKUmmfSSfap5lhO9&sig=Cg0ArKJSzHDsIaGCQOogEAE&adurl=
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Jul 2020 10:23:43 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad-receiver.js
cdn.districtm.ca/receiver/
19 KB
7 KB
Script
General
Full URL
https://cdn.districtm.ca/receiver/ad-receiver.js
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:633c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd16e26b01d0824b51debe0db9601fc4ba577c7809609bca87753146862182f

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:43 GMT
content-encoding
gzip
cf-cache-status
HIT
age
269698
status
200
last-modified
Thu, 08 Nov 2018 20:23:10 GMT
x-amz-request-id
BFF1C22F1EC42F1E
x-amz-id-2
Yq4LgcrWc7W4hCP/kN9hQNvBaqIUZtWuaV7ONznUXAYb8TRv/+F5rYbbp747TL4WGTsyPQYaV/A=
cf-bgj
minify
server
cloudflare
etag
W/"f6043f6692021e9ef45d84ac42dfacfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-version-id
.FrphETqBmoiCVlcgwJhY61A710iziJY
cf-request-id
03d9d9ac060000c2c73a943200000001
cf-ray
5b0992267bf1c2c7-FRA
expires
Sat, 11 Jul 2020 10:23:43 GMT
rules-p-dTdeRsE4NP1z8.js
rules.quantcount.com/
3 B
348 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-dTdeRsE4NP1z8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:8a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 21:02:55 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:58:57 GMT
server
AmazonS3
age
48049
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
3
x-amz-cf-id
lqsDH0-0XNckv1A-PavPmZdfIIk_gzip1UBi6Ql4tNHqewPxHu3ruQ==
apstag.js
c.amazon-adsystem.com/aax2/
102 KB
26 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:09:48 GMT
content-encoding
gzip
server
Server
age
835
etag
b586b236f6b3db3c4ca9410451195336
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
afv8LGnqugXnReZKhFtAITWGgC9HNjfCcJMhQT43FPpKqUN3jI-0YA==
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
auction
prebid.adnxs.com/pbs/v1/
161 B
500 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
ac2b2856d1f42062997544275a7a3e65923781ef208bf4ad9834fec376b32948

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Jul 2020 10:23:45 GMT
Server
nginx/1.13.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://wtf1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
161
Expires
0
v1
btlr.sharethrough.com/header-bid/
0
108 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=RqqXR65WH37mpMwvurihQHRY&bidId=7116ecfcb93c36&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 10 Jul 2020 10:23:43 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wtf1.com
vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
108 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=dm94X26pgNVKkxJp3rReqUzF&bidId=8b47a91249ccca&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 10 Jul 2020 10:23:43 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wtf1.com
vary
Origin
v1
btlr.sharethrough.com/header-bid/
0
108 B
XHR
General
Full URL
https://btlr.sharethrough.com/header-bid/v1?placement_key=LTUjUs2hNR7EAzumhs9YdDbq&bidId=962cc8b8fb10f8&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.25.0&strVersion=3.0.1&
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 10 Jul 2020 10:23:43 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://wtf1.com
vary
Origin
translator
hbopenbid.pubmatic.com/
0
111 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 10 Jul 2020 10:23:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://wtf1.com
prebid
lockerdome.com/ladbid/
11 B
406 B
XHR
General
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 10 Jul 2020 10:23:43 GMT
Content-Encoding
gzip
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin
https://wtf1.com
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
31
fastlane.json
fastlane.rubiconproject.com/a/api/
624 B
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11250&site_id=129446&zone_id=611340%3B611340%3B611344%3B611352&size_id=2%3B15%3B15%3B15&alt_size_ids=1%2C43%2C44%2C55%2C57%2C117%2C117%3B9%2C8%2C10%2C43%2C44%2C117%3B9%2C8%2C10%2C43%2C44%2C117%3B9%2C8%2C10%2C43%2C44%2C117&p_pos=unknown&rf=https%3A%2F%2Fwtf1.com%2F&tk_flint=pbjs_lite_v2.25.0&x_source.tid=cac84473-acd0-4b42-8b5f-3af7a32e00bb%3Bee035e4a-233e-46d7-a5f6-d63f68873789%3B1112dc60-7f32-4353-b870-56716b598ff7%3B93cc2b8f-bf33-4c1a-bee8-d8d22d2b37d0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=4&rand=0.8800896386639636
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
49c6dcba0103cce11fe084256f9fcf908a254ee000505a2951a02fdde55878a5

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Jul 2020 10:23:43 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wtf1.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
624
Expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/
0
223 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?t=e7aa6025&pi=2&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwtf1.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwtf1.com&ns=10240&
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.165.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:43 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://wtf1.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
cygnus
as-sec.casalemedia.com/
25 B
982 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=222394&v=7.2&r=%7B%22id%22%3A%222721c2e7ae75f71%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2228ec5d96f03b78e%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2229d16e4839e2bf2%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%2230f216b39e4ae7f%22%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22id%22%3A%2231d6a0d9ebb0679%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22id%22%3A%2232c10d65cb763ba%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22id%22%3A%22336d9144f479e66%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22id%22%3A%22346deb2b82eeb9d%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2235e632f1cc913d3%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222394%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22id%22%3A%2236076aa5196675%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222395%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22378422cacaf5dd6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222395%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2238cd6f369c4e319%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222395%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%22391c8338ab9dc0d%22%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222395%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22id%22%3A%2240b117c8c1f75c%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222395%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22id%22%3A%2241dfe3b2e4ee28d%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222395%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22id%22%3A%2242dbee1b6a34ac%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222395%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22id%22%3A%2243867fc504e4dd7%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222396%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2244e48dd1723843e%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222396%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%224594c6ddec69f1b%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222396%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%2246a93c51b2eeca5%22%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222396%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22id%22%3A%2247a971a729166b4%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222396%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22id%22%3A%224894c2f7291e037%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222396%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22id%22%3A%2249adf35b20802bb%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222396%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22id%22%3A%2250a05fa132dc231%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222397%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2251c455b793f296f%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222397%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%225289036dda12929%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222397%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%2253f331637ccf3f7%22%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222397%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22id%22%3A%225494e929ddb634b%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222397%22%2C%22sid%22%3A%22320x100%22%7D%7D%2C%7B%22id%22%3A%2255b09583ae9bf58%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222397%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22id%22%3A%2256488070d9f9917%22%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22222397%22%2C%22sid%22%3A%22320x50%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwtf1.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
1dcdf16a87164a65506dca2d4d2491c0d6b50a1cfd2e0e244382bc512fbf9ff2

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 10 Jul 2020 10:23:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://wtf1.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Fri, 10 Jul 2020 10:23:43 GMT
arj
publisherdesk-d.openx.net/w/1.0/
173 B
553 B
XHR
General
Full URL
https://publisherdesk-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwtf1.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=cac84473-acd0-4b42-8b5f-3af7a32e00bb%2Cee035e4a-233e-46d7-a5f6-d63f68873789%2C1112dc60-7f32-4353-b870-56716b598ff7%2C93cc2b8f-bf33-4c1a-bee8-d8d22d2b37d0&nocache=1594376623105&aus=728x90%2C970x90%2C468x60%2C320x50%2C300x50%2C320x100%2C970x250%2C320x100%7C300x250%2C300x600%2C160x600%2C120x600%2C320x100%2C300x50%2C320x50%7C300x250%2C300x600%2C160x600%2C120x600%2C320x100%2C300x50%2C320x50%7C300x250%2C300x600%2C160x600%2C120x600%2C320x100%2C300x50%2C320x50&divIds=tpd-banner-ad-a%2Ctpd-box-ad-a%2Ctpd-box-ad-b%2Ctpd-box-ad-c&auid=538925370%2C538925372%2C538925375%2C538925376&
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.190.0 /
Resource Hash
3f51b8525e11365c7cb4630678dde60f6feda8afd6295e54dba7c5dfc70edac7

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:43 GMT
content-encoding
gzip
server
OXGW/16.190.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wtf1.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/
188 B
606 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%253A%252F%252Fwtf1.com%252F&CanonicalUrl=https%3A%2F%2Fwtf1.com%2F
Requested by
Host: s.206ads.com
URL: https://s.206ads.com/configs/wtf1.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
f2b9fbd680625662c167e9f3f5ea44d21cdb4413af8a2d1e52281fa9d8404d12
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Jul 2020 10:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
status
200
x-envoy-upstream-service-time
89
vary
Accept-Encoding
content-length
150
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wtf1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pixel;r=33987436;rf=3;a=p-dTdeRsE4NP1z8;url=https%3A%2F%2Fwtf1.com%2F;fpan=1;fpa=P0-1185927853-1594376623083;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=wtf1.com;je=0;sr=1600x1200x...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=33987436;rf=3;a=p-dTdeRsE4NP1z8;url=https%3A%2F%2Fwtf1.com%2F;fpan=1;fpa=P0-1185927853-1594376623083;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=wtf1.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1594376623083;tzo=-120;ogl=site_name.WTF1%2Ctitle.WTF1%2Cdescription.The%20world%E2%80%99s%20fastest-growing%20motorsport%20community%20-%20Who's%20The%20Fastest%3F%2Ctype.website%2Cimage.https%3A%2F%2Fcdn%252Ewtf1%252Ecom%2Fimage%2Fuploads%2Fgeneral%2F51f1a70c92aed23a6c1ed9caa3c5a059%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Curl.https%3A%2F%2Fwtf1%252Ecom
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status
200
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
p-dTdeRsE4NP1z8.gif
pixel.quantserve.com/pixel/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-dTdeRsE4NP1z8.gif
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status
200
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4419066272206481&r=728x90%7C970x90%7C970x250&w=970&h=250&a=0
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012006300332000/ Frame 1A1F
206 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9ac17c23561c48a9652733554ce63f0126a0218b21d56059ba4327ee1fa4ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4140
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57332
x-xss-protection
0
server
sffe
date
Fri, 10 Jul 2020 09:14:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b662c98f2556dec9"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Jul 2021 09:14:43 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1A1F
16 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012006300332000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bae1e79b560e19de202e735d0a0c106a95146d2bcb8dac1433b824615ad2823
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141311
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5909
x-xss-protection
0
server
sffe
date
Wed, 08 Jul 2020 19:08:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ebce4f8d8fc71dc2"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 19:08:32 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1A1F
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa7f20155491ad05b1ee7592ba0eca48aa60757cd3dc82b36507166fb4c84455
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
4139
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29781
x-xss-protection
0
server
sffe
date
Fri, 10 Jul 2020 09:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"40487f7c981141f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Jul 2021 09:14:44 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1A1F
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012006300332000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acd68801773b43322277675295779905b9b427c17cbcfd7b300fb4b6402786be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141311
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1783
x-xss-protection
0
server
sffe
date
Wed, 08 Jul 2020 19:08:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22142c43fc5bc7a4"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 19:08:32 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1A1F
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012006300332000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ef2bd3d89ddb5b3cd3f8c0909aa9db339457a3ff3a6f2bb6a5832b40af8f6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141311
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15068
x-xss-protection
0
server
sffe
date
Wed, 08 Jul 2020 19:08:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e3b351881fb81778"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jul 2021 19:08:32 GMT
truncated
/ Frame 1A1F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af68d7ceb71d33448971195f87003df2d8c3ff52457586a682d03c038e318131

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
7736773485993583959
tpc.googlesyndication.com/simgad/ Frame 1A1F
139 KB
139 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7736773485993583959?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkF6RFi6gvnO2JCco_iAc0bLgNffg
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32aecfed610dc7dbbd9de8af1b2b358ad8d35db7b4ac4e06a5ed5a9f607021d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Jun 2020 16:04:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jun 2020 09:34:45 GMT
server
sffe
age
1448372
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142081
x-xss-protection
0
expires
Wed, 23 Jun 2021 16:04:11 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A1F
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 09 Jul 2020 23:33:58 GMT
x-content-type-options
nosniff
server
cafe
age
38985
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 10 Jul 2020 23:33:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1A1F
295 B
398 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 09 Jul 2020 21:53:20 GMT
x-content-type-options
nosniff
server
cafe
age
45023
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 10 Jul 2020 21:53:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1A1F
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0DD9rkEIX7T5McOF3gODzZS4CdvU0IFe1-W3udELFBABINuv4Rpguei-gNQBoAGl44XZA8gBAuACAKgDAcgDCKoExwFP0DYZLColAILdyB555mef78n2KdsGGLEsG0p5bfKXQqT-VM3rHoEK982sfYzBAGlu7SYzeDu23YWcwRBpwi4tR0Kz4-0CDqYc5VxTTDiXMsgmR-iYlDoTeHDQStvOnQmG8bnlGuSntAgy6tLmEG2xXQJV11HrobIoih68W5NuC023vCsu_injFy1yyyvdhXtDD78nPbGgUvDYSODjxOW5cVJ2dS02tL5CpvcO19h8iVb7BrPAtalySZUlZ7mM2VboQ1Ie_BkAwAS_l8aq9QLgBAGSBQQIBBgBkgUECAUYBKAGAoAH5_DalAGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQyfYL0ggJCIDhgBAQARgdgAoDyAsB2BMM&sigh=gHI1pJYqFZY&tpd=AGWhJmuy2lBxxQyB0jIdnALFvmWOdhL3gXkZ8hfaAvzfuECi2g
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1A1F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: wtf1.com
URL: https://wtf1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Fri, 10 Jul 2020 10:23:43 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
bid
c.amazon-adsystem.com/e/dtb/
114 B
496 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwtf1.com%2F&pid=6YUZZmUEoRSMU&cb=0&ws=1600x1200&v=7.52.00&t=750&slots=%5B%7B%22sd%22%3A%22tpd-banner-ad-a%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22468x60%22%2C%22320x50%22%2C%22300x50%22%2C%22320x100%22%2C%22970x250%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22tpd-box-ad-a%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22320x100%22%2C%22300x50%22%2C%22320x50%22%5D%7D%2C%7B%22sd%22%3A%22tpd-box-ad-b%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22320x100%22%2C%22300x50%22%2C%22320x50%22%5D%7D%2C%7B%22sd%22%3A%22tpd-box-ad-c%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22320x100%22%2C%22300x50%22%2C%22320x50%22%5D%7D%5D&pubid=8f0be570-94e3-4c8a-8dac-4372ca412efd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
62e2746db3f570a750d15f5327223b5d279e2eecd6e048c285583e3897fe72ad

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:43 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA2-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wtf1.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
125
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-id
cgsS6gNZHbur3x5HJz5YkpX8JR1WKLM9d8bCR-B7xenJ6d5Mf5kKbA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 04:05:22 GMT
content-encoding
gzip
vary
Origin
age
22702
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 23 Jun 2020 10:10:39 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
-QhNOSEpPm02H2PYMFenLCx-Vf0pAyauDNMgba2CAj-zIAs7Oa6ZlQ==
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020070801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2b14a55a46c1fd2f72b6ba0ebce141a38d415fb20e1213deeb351b8698a3a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Jul 2020 10:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 10 Jul 2020 10:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Fri, 10 Jul 2020 10:23:43 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 5F21
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_cnv
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_cnv&dcc=t
0
0
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wtf1.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A16OGD75202Rh_fdOAZffEI|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wtf1.com/

Response headers

Server
Server
Date
Fri, 10 Jul 2020 10:23:43 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
189
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A16OGD75202Rh_fdOAZffEI; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 10:23:43 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 10:23:43 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Fri, 10 Jul 2020 10:23:43 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_cnv&dcc=t
Set-Cookie
ad-id=A16OGD75202Rh_fdOAZffEI|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 10:23:43 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame EA37
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wtf1.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wtf1.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Fri, 10 Jul 2020 09:49:06 GMT
expires
Sat, 10 Jul 2021 09:49:06 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2077
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020070801&jk=4419066272206481&bg=!OzilOCBY80gpm3dLdTwCAAAAQFIAAAALmQF5gj6MuSLh8OBVRLLi45thKHpp6Oh8ojpI0R3ZfxzzMwRoSBMjbBYAZl3uvHu-2ksEAyBc4lb9H6A4m23pSPrIPY2vL9UDd1r2sLh2iQigVaN8yFHpZIdkzuLEf037DtCfh9Z5Y1lBy2ibvTYqswn7mnhvyZGc_I4K2_qgpdhse4WRRkq2XST6SW36DbkIbuH81UptivwZRBjxQaSFWZhIG1S16igspP_GTGvVoY28OMiGqAKsXrzmWLeQIby1sGJeizBaa72MNUHOQmAwL_EK7ZLJ3Jj_-Ut4UyGC356ZoYEjx2WVpLcgcGWUkbnfXIBKgDhnpaQRYI6rE9LBv88KL6XRAaBECEaSS6D1x4EBg9aTVWqeNElhma9S39-KfP0df-zJvNjE83GdUHoWux-viqotkbzbU5yUqvsCPxdHokJ0N-KZN-C_IY2EjgrcXtyaVfHx3z7YBVLL7WKL7l6ojAh5e-e4_Y_NKfZYK_LabEw5wreWSgaM5PA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
71 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4419066272206481&correlator=1469862864330688&output=ldjh&impl=fif&adsid=NT&eid=21064170%2C21065976&vrg=2020070801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200710&iu_parts=359%2Cwtf1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=1&prev_scp=position%3Ddsk-banner-ad-a%26refreshcount%3D10%26refresh%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Page-Type%3Dfeed&cookie=ID%3Dc4b6969aeda03b08%3AT%3D1594376622%3AS%3DALNI_MY5_6nH2VPtMp_DF3eJU7cZKU1d2g&bc=31&abxe=1&lmt=1594376623&dt=1594376623615&dlt=1594376622182&idt=253&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4062548849&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwtf1.com%2F&dssz=25&icsg=2147526656&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=0x-1&ga_vid=1036243038.1594376623&ga_sid=1594376623&ga_hid=1313573139&fws=644&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f52097060181d89a6bb541369c780a060a6271cbbc976067f4669af294b2c03
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295743305715243092/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295743305715243092/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMCdq-K7wuoCFcv2dwodO9wODg&gqi=&layout=/sadbundle/%24csp%253Der3%24/17295743305715243092/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295743305715243092/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295743305715243092/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMCdq-K7wuoCFcv2dwodO9wODg&gqi=&layout=/sadbundle/%24csp%253Der3%24/17295743305715243092/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24205
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Fri, 10 Jul 2020 10:23:43 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wtf1.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4644
0
0
Document
General
Full URL
https://1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wtf1.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wtf1.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Fri, 10 Jul 2020 10:23:42 GMT
expires
Sat, 10 Jul 2021 10:23:42 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A1F
42 B
112 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHaWJg7IKQeRPc8uSHQeJ3dgl2exeakHazgn4WmTpOg7ECJY-1f-Iuhge17b3JXbkzYlwk8K1rvoCmVDzgkoKQi8_Hrueqls2wkPlOziRGbqtseNPwhzJdhmCRdw&sai=AMfl-YRTftCp_Z4o7OQ6gxE9WHs3R39Hdl-8PH8OkorYMqBmk9w58jtAIs348-0KNBc5ybAakQjOp5Qms4KTf8aPfDPHMtN7gkUDbCqHbimewg&sig=Cg0ArKJSzMHGyFWD5v1xEAE&id=ampim&o=315,1030&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=105&tls=1105&g=68.00000071525574&h=68.00000071525574&tt=1105&r=v&avms=ampa&adk=1825492756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=0e5037da-e3d7-4959-a342-e675169bd8b4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=0e5037da-e3d7-4959-a342-e675169bd8b4&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN-LzG4Iu_QJdu63RDCcvCQ&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN-LzG4Iu_QJdu63RDCcvCQ&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.190.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://wtf1.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:46 GMT
via
1.1 google
server
OXGW/16.190.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Jul 2020 10:23:46 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEN-LzG4Iu_QJdu63RDCcvCQ&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadCSS string| CT_CDN_LOCATION object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| TPD_AdUnit object| bannerAd_A object| bannerAd_B object| boxAd_A object| boxAd_B object| boxAd_C object| pageview string| GoogleAnalyticsObject function| ga object| _qevents function| fbq function| _fbq function| require function| requestAnimFrame object| CT_GDPR number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| google_tag_data object| gaplugins object| gaData function| udm_ object| _comscore object| COMSCORE function| quantserve function| __qc object| ezt object| _qoptions object| ns_p object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_39995059 object| MoatDataJsonpRequest_39995059 number| PREBID_TIMEOUT boolean| TPD_Enable_Sticky boolean| TPD_Refresh_Enable object| div object| img string| TPD_Testmode string| tpd_href string| TPD_Domain string| TPD_Path string| TPD_URL object| TPD_Title object| TPD_TitleKW string| TPD_Device boolean| TPD_Mobile object| adUnits string| TPD_ContextualAd_A_Tab_device string| TPD_ContextualAd_A_Tab_mode string| TPD_ContextualAd_A_Tab_container string| TPD_ContextualAd_A_Tab_placement string| TPD_ContextualAd_A_Tab_targettype object| apstagSlots object| pbjs function| tpd_requestIfSetTargetingDone function| tpd_getSlotsInPage function| tpd_sendAdServerRequest object| tpd_divIdToApstagSlot object| tpd_targetingTracker object| tpd_slotRefreshAdCallStatus function| tpd_refreshBid function| refreshRequestIfSetTargetingDone function| tpd_fireRefresh function| tpd_addX function| tpd_isOnScreen function| tpd_stickyStyling function| tpd_initRefreshScans object| boxAds number| TPD_BannerA_refresh number| TPD_BannerB_refresh number| TPD_BannerC_refresh number| TPD_BannerD_refresh number| TPD_BoxA_refresh number| TPD_BoxB_refresh number| TPD_BoxC_refresh number| TPD_BoxD_refresh number| TPD_BoxE_refresh number| TPD_BoxF_refresh function| pbjsChunk string| hu object| gy object| ft object| apstag boolean| apstagTargetingDone boolean| pbjsTargetingDone object| tpd_refreshLimits object| tpd_refreshStatus object| google_image_requests object| districtmTracker boolean| districtmCarouselIsLoaded object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| apstagLOADED object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages

5 Cookies

Domain/Path Name / Value
.wtf1.com/ Name: __qca
Value: P0-1185927853-1594376623083
.wtf1.com/ Name: _gat
Value: 1
.wtf1.com/ Name: _gid
Value: GA1.2.2068270604.1594376623
.wtf1.com/ Name: __gads
Value: ID=c4b6969aeda03b08:T=1594376622:S=ALNI_MY5_6nH2VPtMp_DF3eJU7cZKU1d2g
.wtf1.com/ Name: _ga
Value: GA1.2.1036243038.1594376623

4 Console Messages

Source Level URL
Text
console-api log URL: https://s.206ads.com/configs/wtf1.com.js(Line 1)
Message:
[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://cdn.districtm.ca/receiver/ad-receiver.js(Line 1)
Message:
District M Touch v1.0.25
console-api info URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js(Line 418)
Message:
Powered by AMP ⚡ HTML – Version 2006300332000 https://wtf1.com/
console-api log URL: https://s.206ads.com/configs/wtf1.com.js(Line 1)
Message:
[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e37f88eb5f02c1de8edb7d42a9d5b3b.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
adservice.google.de
as-sec.casalemedia.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.districtm.ca
cdn.wtf1.com
cm.g.doubleclick.net
connect.facebook.net
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
lockerdome.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.adnxs.com
publisherdesk-d.openx.net
rules.quantcount.com
s.206ads.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.cdn.circlesix.co
tpc.googlesyndication.com
us-u.openx.net
wtf1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
z.moatads.com
104.154.142.214
13.224.193.63
13.224.199.29
143.204.201.93
172.217.16.162
172.217.22.34
18.132.99.227
185.255.84.150
185.64.189.112
23.210.249.164
23.210.250.213
23.37.53.17
2600:9000:20eb:8000:b:2c1:11c0:93a1
2600:9000:20eb:fe00:17:a3ae:58c0:93a1
2600:9000:21f3:8a00:6:44e3:f8c0:93a1
2606:4700::6812:633c
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:815::2001
2a00:1450:4001:818::2004
2a00:1450:4001:824::200e
2a00:1450:400c:c04::9a
2a03:2880:f01c:8012:face:b00c:0:3
34.98.64.218
37.252.161.190
52.210.165.157
52.58.195.54
52.95.124.170
69.173.144.141
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0863d508877dbc1e956a2ea2e54c80e10e17d7a5d1242f3cf65c197a2aa666e0
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1bae1e79b560e19de202e735d0a0c106a95146d2bcb8dac1433b824615ad2823
1dcdf16a87164a65506dca2d4d2491c0d6b50a1cfd2e0e244382bc512fbf9ff2
237a4c1cc1127989398d5f994c5c3d070660965675bfe1351ee86e1db06ae481
26da19f0d28acabb9a0ad78ffeaf5f9d5aa8d952c8c7d88770d7813746f2a903
2f2375e42e78b3b94d8044c1b75804dc594388d2f238673347a932f850386705
2f52097060181d89a6bb541369c780a060a6271cbbc976067f4669af294b2c03
32aecfed610dc7dbbd9de8af1b2b358ad8d35db7b4ac4e06a5ed5a9f607021d7
34fee3d44f6e20509e967dca45fa4985ad4d73f6bb4ca11fc9f47ed4dd0fb475
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3f51b8525e11365c7cb4630678dde60f6feda8afd6295e54dba7c5dfc70edac7
428dbd99ad6d23b2e6a3e44b2e10b8288f8665023125e60fea6564d1e61d5c7a
484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf
49c6dcba0103cce11fe084256f9fcf908a254ee000505a2951a02fdde55878a5
4ce908d06be429cce8cef24a2faffc0a0e45887d0495a28d02f5a120d5fcbb47
4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6
4daa719748226b8355978a78304f6abb7c461809a3bac44705b1a7b7228c8e22
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52ef2bd3d89ddb5b3cd3f8c0909aa9db339457a3ff3a6f2bb6a5832b40af8f6e
5659e6cec4a1acb976d58e152a78756b5b0c2240ec239ec8549bca1edcccf1af
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
62e2746db3f570a750d15f5327223b5d279e2eecd6e048c285583e3897fe72ad
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
75402aaba815b163de3c2f6127f916ac7586d1fe462258242fa8d9484a2c85ae
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
8bf1a22caad79e75e58be376fee15825e45af73505c5589722f7883d41035aca
8ce38406e2afa8136ca4fd9f0b757b60e5825c5c76c6ac04f48f572fb274feeb
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
99aad276be0a9e02b1eb901c15bf385c83b244202102f2e182a5b82d4e713801
9c80957b1d7046f07af077a965bdee86698c4f0b6f153ce8220430efed55df42
9c9f7e4efa5696c7d2c374a427d454249161d82e15688b56dacafe87fccb8936
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b14a55a46c1fd2f72b6ba0ebce141a38d415fb20e1213deeb351b8698a3a79
ac2b2856d1f42062997544275a7a3e65923781ef208bf4ad9834fec376b32948
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
acd68801773b43322277675295779905b9b427c17cbcfd7b300fb4b6402786be
af68d7ceb71d33448971195f87003df2d8c3ff52457586a682d03c038e318131
ba1ea54c6779eb6c8daddddaea8ba4b19a58c189610834d85f585c2a77c73848
c1258a856b1ea0c3461bcfd2e72f7e6dd45e09342ab41c17ea4efe78be9cffcc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d9004c1fce4b145ba9f6303dd1180673dfbd4177390359caee71cbcfaec03741
dc9ac17c23561c48a9652733554ce63f0126a0218b21d56059ba4327ee1fa4ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e443d52b0e459fe460d4032db647790367f45254e45aca021efa183e9e523a4d
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ebd16e26b01d0824b51debe0db9601fc4ba577c7809609bca87753146862182f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef207153207cb87bf73c2561977955cb40cd2102aa47f85768336cb180a1fb48
f2b9fbd680625662c167e9f3f5ea44d21cdb4413af8a2d1e52281fa9d8404d12
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fa7f20155491ad05b1ee7592ba0eca48aa60757cd3dc82b36507166fb4c84455
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ff38d86f100e25a9252ae4c226f59b86f60c5e06325a5a2ffedfc0d639c01eae