hinative.com Open in urlscan Pro
23.21.122.188 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hinative.com/en-US/questions/18830027
Submission Tags: falconsandbox
Submission: On April 16 via api (April 16th 2021, 10:45:15 am UTC) from US

Summary HTTP 330 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 82 IPs in 13 countries across 68 domains to perform 330 HTTP transactions. The main IP is 23.21.122.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hinative.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on February 8th 2021. Valid for: a year.

This is the only time hinative.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.21.122.188 23.21.122.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
24	65.9.66.8 65.9.66.8	16509 (AMAZON-02) (AMAZON-02)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	99.84.156.52 99.84.156.52	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:ba00:19:2cf2:a900:93a1	16509 (AMAZON-02) (AMAZON-02)
5 10	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	52.210.177.43 52.210.177.43	16509 (AMAZON-02) (AMAZON-02)
6	18.181.155.39 18.181.155.39	16509 (AMAZON-02) (AMAZON-02)
1	202.233.84.2 202.233.84.2	131957 (MICROAD M...) (MICROAD MicroAd)
6	168.119.138.54 168.119.138.54	24940 (HETZNER-AS) (HETZNER-AS)
6	13.32.25.102 13.32.25.102	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1 6	124.146.215.52 124.146.215.52	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
6	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
6	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.186.217.60 35.186.217.60	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
12 17	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4 13	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400a:803::2003	15169 (GOOGLE) (GOOGLE)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4007::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:65::8	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:402... 2a00:1450:4020:1e::9	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:3d::8	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4007:2c::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:61::7	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::19 2620:1ec:46::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	184.30.20.185 184.30.20.185	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	99.84.156.16 99.84.156.16	16509 (AMAZON-02) (AMAZON-02)
1 2	99.84.156.103 99.84.156.103	16509 (AMAZON-02) (AMAZON-02)
1	54.155.128.114 54.155.128.114	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.173 208.100.17.173	32748 (STEADFAST) (STEADFAST)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1 17	54.77.242.172 54.77.242.172	16509 (AMAZON-02) (AMAZON-02)
6 6	52.57.167.187 52.57.167.187	16509 (AMAZON-02) (AMAZON-02)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
5 5	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	34.192.210.97 34.192.210.97	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	35.169.29.160 35.169.29.160	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.26.45 150.136.26.45	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.58.206.142 52.58.206.142	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
6 7	52.215.237.248 52.215.237.248	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1	52.45.185.178 52.45.185.178	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.175.105.62 54.175.105.62	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.155.156.165 213.155.156.165	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1 1	51.75.146.159 51.75.146.159	16276 (OVH) (OVH)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
330	82

1 23.21.122.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-122-188.compute-1.amazonaws.com

hinative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 65.9.66.8 (United States)

ASN16509 (AMAZON-02, US)

cdn.hinative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-52.txl52.r.cloudfront.net

flux-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:ba00:19:2cf2:a900:93a1 (United States)

ASN16509 (AMAZON-02, US)

currency.prebid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.221.50 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.177.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-177-43.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.181.155.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-155-39.ap-northeast-1.compute.amazonaws.com

pb.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.2 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb-pb.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 168.119.138.54 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.54.138.119.168.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.25.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-102.fra56.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 124.146.215.52 (Setagaya-ku, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

d.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.217.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.217.186.35.bc.googleusercontent.com

prebid.flux-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.16.130 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 184.30.20.241 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400a:803::2003 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007::8 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

r3---sn-25ge7nzs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:65::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nz7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4020:1e::9 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

r3---sn-25glene7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:3d::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednz7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:2c::7 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

r2---sn-25glenez.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:61::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5e6nsd.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.16 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-16.txl52.r.cloudfront.net

cr-p31.ladsp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.156.103 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-103.txl52.r.cloudfront.net

cr-pall.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.128.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-128-114.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.173 (United States)

ASN32748 (STEADFAST, US)
PTR: ip173.208-100-17.static.steadfastdns.net

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.77.242.172 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.57.167.187 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 70.42.32.191 (United States) 5 redirects

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.210.97 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.29.160 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.206.142 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.151 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.215.237.248 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-237-248.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.227 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.185.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.105.62 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.165 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.159 (France) 1 redirects

ASN16276 (OVH, FR)

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	487 KB
47	2mdn.net s0.2mdn.net	2 MB
33	doubleclick.net 12 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	197 KB
25	hinative.com hinative.com cdn.hinative.com	420 KB
21	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	323 KB
18	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	5 KB
15	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com aud.pubmatic.com image2.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	50 KB
13	adnxs.com 6 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	27 KB
12	casalemedia.com 4 redirects htlb.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	12 KB
9	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	20 KB
8	yahoo.com 1 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com	4 KB
8	ladsp.com 1 redirects pb.ladsp.com cr-pall.ladsp.com	3 KB
8	googletagservices.com www.googletagservices.com	264 KB
7	adsrvr.org 6 redirects match.adsrvr.org	3 KB
7	google.com www.google.com adservice.google.com	272 B
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	googlevideo.com 3 redirects r3---sn-25ge7nzs.googlevideo.com r3---sn-4g5e6nz7.googlevideo.com r3---sn-25glene7.googlevideo.com r3---sn-4g5ednz7.googlevideo.com r2---sn-25glenez.googlevideo.com r2---sn-4g5e6nsd.googlevideo.com	2 MB
6	socdm.com 1 redirects d.socdm.com tg.socdm.com	11 KB
6	adtdp.com ad.as.amanad.adtdp.com	3 KB
6	richaudience.com shb.richaudience.com sync.richaudience.com Failed	1 KB
5	servenobid.com ads.servenobid.com public.servenobid.com	4 KB
5	google-analytics.com www.google-analytics.com	19 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
3	outbrain.com 3 redirects sync.outbrain.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	creativecdn.com 2 redirects prebid-asia.creativecdn.com creativecdn.com	869 B
3	criteo.com bidder.criteo.com gum.criteo.com dis.criteo.com	618 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	996 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	627 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	360yield.com 2 redirects ad.360yield.com	616 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	bttrack.com bttrack.com	760 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1017 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	teads.tv 1 redirects sync.teads.tv	407 B
2	criteo.net static.criteo.net	51 KB
2	flux-analytics.com prebid.flux-analytics.com	383 B
2	google.de www.google.de adservice.google.de	272 B
2	bugsnag.com sessions.bugsnag.com	97 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu	516 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	de17a.com d5p.de17a.com	134 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	adentifi.com rtb.adentifi.com	88 B
1	rfihub.com 1 redirects p.rfihub.com	750 B
1	emxdgt.com cs.emxdgt.com
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	585 B
1	bluekai.com 1 redirects stags.bluekai.com	1 KB
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	610 B
1	onetag-sys.com onetag-sys.com	818 B
1	33across.com pixel.33across.com
1	ladsp.jp 1 redirects cr-p31.ladsp.jp	224 B
1	microad.jp s-rtb-pb.send.microad.jp	393 B
1	prebid.org currency.prebid.org	2 KB
1	flux-cdn.com flux-cdn.com	87 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
0	appier.net Failed ad2.apx.appier.net Failed
330	68

	Domain	Requested by
47	s0.2mdn.net	hinative.com s0.2mdn.net
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com tpc.googlesyndication.com www.gstatic.com
24	cdn.hinative.com	hinative.com cdn.hinative.com
21	pagead2.googlesyndication.com	securepubads.g.doubleclick.net hinative.com 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
17	rtb.gumgum.com	1 redirects g2.gumgum.com
17	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net g2.gumgum.com
10	ib.adnxs.com	5 redirects flux-cdn.com googleads.g.doubleclick.net acdn.adnxs.com
9	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
9	www.gstatic.com	4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
8	www.googletagservices.com	hinative.com securepubads.g.doubleclick.net 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
7	match.adsrvr.org	6 redirects ssum-sec.casalemedia.com
7	4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	x.bidswitch.net	6 redirects
6	fonts.gstatic.com	fonts.googleapis.com
6	csi.gstatic.com	www.gstatic.com
6	googleads4.g.doubleclick.net	hinative.com
6	c2shb.ssp.yahoo.com	flux-cdn.com
6	fastlane.rubiconproject.com	flux-cdn.com
6	ad.as.amanad.adtdp.com	flux-cdn.com
6	shb.richaudience.com	flux-cdn.com
6	pb.ladsp.com	flux-cdn.com
6	www.google.com	hinative.com 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	hinative.com www.googletagservices.com securepubads.g.doubleclick.net 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
5	d.socdm.com	flux-cdn.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com hinative.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	ads.pubmatic.com	flux-cdn.com g2.gumgum.com ads.pubmatic.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	ads.servenobid.com	flux-cdn.com public.servenobid.com g2.gumgum.com
3	image2.pubmatic.com	ads.pubmatic.com
3	sync.outbrain.com	3 redirects
3	fonts.googleapis.com	4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	creativecdn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.mathtag.com	2 redirects
2	sync.1rx.io	2 redirects
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	bttrack.com	g2.gumgum.com ssum-sec.casalemedia.com
2	ads.betweendigital.com	2 redirects
2	secure.adnxs.com	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	cr-pall.ladsp.com	1 redirects
2	eus.rubiconproject.com	flux-cdn.com eus.rubiconproject.com
2	js-sec.indexww.com	flux-cdn.com ssum-sec.casalemedia.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	static.criteo.net	flux-cdn.com static.criteo.net
2	prebid.flux-analytics.com	flux-cdn.com
2	sessions.bugsnag.com	cdn.hinative.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	ws.rqtrk.eu	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	d5p.de17a.com	image6.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	sync.extend.tv	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	stags.bluekai.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	onetag-sys.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	cr-p31.ladsp.jp	1 redirects
1	acdn.adnxs.com	flux-cdn.com
1	public.servenobid.com	flux-cdn.com
1	r2---sn-4g5e6nsd.googlevideo.com	4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
1	r2---sn-25glenez.googlevideo.com	1 redirects
1	r3---sn-4g5ednz7.googlevideo.com	4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
1	r3---sn-25glene7.googlevideo.com	1 redirects
1	r3---sn-4g5e6nz7.googlevideo.com	4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
1	r3---sn-25ge7nzs.googlevideo.com	1 redirects
1	gum.criteo.com	static.criteo.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	flux-cdn.com
1	prebid-asia.creativecdn.com	flux-cdn.com
1	hbopenbid.pubmatic.com	flux-cdn.com
1	s-rtb-pb.send.microad.jp	flux-cdn.com
1	bidder.criteo.com	flux-cdn.com
1	currency.prebid.org	flux-cdn.com
1	www.google.de	hinative.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	flux-cdn.com	hinative.com
1	www.googletagmanager.com	hinative.com
1	hinative.com
0	sync.richaudience.com Failed	flux-cdn.com
0	ad2.apx.appier.net Failed	flux-cdn.com
330	105

This site contains links to these domains. Also see Links.

Domain
v.ht
is.gd
www.facebook.com
twitter.com
social-plugins.line.me
itunes.apple.com
play.google.com
hinative.helpshift.com
support-en.hinative.com
lang-8.jp

Subject Issuer	Validity	Valid
hinative.com GeoTrust RSA CA 2018	`2021-02-08` - `2022-03-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
cdn.hinative.com Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
flux-cdn.com Amazon	`2021-01-21` - `2022-02-18`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.prebid.org Amazon	`2020-09-25` - `2021-10-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.servenobid.com Amazon	`2021-02-12` - `2022-03-13`	a year	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2020-02-28` - `2021-05-30`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2020-10-06` - `2021-11-07`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.as.amanad.adtdp.com Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2020-04-24` - `2022-06-02`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
prebid.flux-analytics.com GTS CA 1D2	`2021-03-09` - `2021-06-07`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-04-06` - `2021-06-15`	2 months	crt.sh
public.servenobid.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-08-25`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh

This page contains 40 frames:

Primary Page: https://hinative.com/en-US/questions/18830027
Frame ID: 9F7EC61EB7E36558456BCAD1429AF8CF
Requests: 97 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=hinative.com
Frame ID: 7756A42F98464A8E79791B1A76ED7726
Requests: 1 HTTP requests in this frame

Frame: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 22FB35C4B2A4A35546F87E98439A1155
Requests: 14 HTTP requests in this frame

Frame: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AF6A7F129047DD6DCDE32CAB64C51552
Requests: 14 HTTP requests in this frame

Frame: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4AA6B4510B3F23F8F32B64DBE006BD6D
Requests: 14 HTTP requests in this frame

Frame: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA809201F311E1999D9A0B84C4653D66
Requests: 21 HTTP requests in this frame

Frame: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C117C76CD8DCAACF6C103E7DD3418DE
Requests: 21 HTTP requests in this frame

Frame: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 948229DA1D39BDEBC08CDA15C2B6E977
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGNzg66MBMAE&v=APEucNUL7H9I-zGxjNpxuRiaiBxXs-nQwH60DGZgRBHLiHo5N6IgpWxj6LeAo7K2WAhOfUVaUTzHU6DZ1PKN_oN8zCIY-x5Rz-st6YR057z_yV7yZY0e_NDUjzuVJ-pDp5Wo3hoJUaOSxb2F8QGP6O4ZcJNaeatxpfdPypo6Lz4R0f0HwLWQyw0h8gPmHGUCvuhMRTrV7gM_5adj9xx9_OctyA7kj7Mf0Q
Frame ID: FB3C21F78C2987589E21357C139FE1AC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGK_Y66MBMAE&v=APEucNU50JRcLVAOvcE2XxD_uukepTf7yV4abfEA6ONsVDCw2LRMf91SNr3OZ7ytqThrb63SgdZrkAKokzM92Q43P6rHSTK1y2Nxmo6Zqwk_9umPGNSLK6QsQjFd4lCYrHnA1x_Ei1mmXw7bKHsZgzbuOEbPyPhkQqN5mCur4ip8Xgz8F5PEEhlAPnfJxSotGEuTYgYfIcklwZaSBtEnoNtHA0PEah9CzA
Frame ID: F46347BAEAA20BFE4B19049D102404DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGLfh66MBMAE&v=APEucNVcv7pMS-nhcTLTXHllaMk0znSUfTyFxz7J1YWjVmtsABVlAhFyQpAD6Z27fbdmAI2cRmPPlE4E3IRD3jFHhlz_bRZ-gzjOaRtPU_HYYKnqr7ch2op_O4_4aOVXN6m8nazA6rhKBotHcjzInfOoq-Rt7JpV8WRnsOctuveNvkyaDju0QwR1zzEEhPq0_j2SE8JPXXLQWUd8_JOxfn_d3_7ndSjndw
Frame ID: 0615A35429C33CEE5E7C26A374FEE5A9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5E4E6427E0559BFCC2A22CFB5057CCB8
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
Frame ID: AE75C2D6BFFF48E99DF2851709D7B3C2
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
Frame ID: 7E58C3D60F843AF4F6DC892FD646C9BF
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
Frame ID: 1AC26DB0A92B3A20042AD88B1CD67FCB
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6CD73CA7802FCCC5C87D1E1A8464BAB6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 902B69E77137E1D23CD3DF88287C48A2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4C3C05C053F1AA76D1AEA3D26F6501F
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 22CCE709126E18EF5A5AAA3D912005EB
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8496682480
Frame ID: 997AE4DB7211C957EEFD15A4F4AB05F0
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5901EDFF58F28872BC5FE89ADBE56AD3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 672A1CBCF20294BC20DEBF7E30623B48
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2FAABA2D14A6ABAE89BF8099728E443B
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 79A7A3B1C9A239189C60EA032E062E12
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Frame ID: E4C758788D269B8B39AEFEABF4610C89
Requests: 15 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D678%26uid%3D33XUSERID33X
Frame ID: 8563FA4EBA87747E8781226E2E8CA762
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D6114%26uid%3D
Frame ID: 5E57B64C406DF7900A39FE9335C803E9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9C2241F53E88934AD7040F48C2A5756E
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=77216079-6aae-4300-a8ad-1757c37c81d2&gdpr=0&gdpr_consent=
Frame ID: 3C783383423269663AF1A65C0A851110
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YHlqrgAAJ4OKAgA4&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4
Frame ID: DA4DA528F7BD7811A85E24569A3C8F25
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iZjBmNmM4Yy05Y2ZiLTQ1YWUtYThlNy1lZDE3MTg5ZjY3MDk=&gdpr=0&gdpr_consent=
Frame ID: A3437E9CB657AE555D72EAC4740EA6FB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 442260CC01D645C6E24BE6A074918B55
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=c459021b-6a06-4c50-b36c-e835e71ca695&t=1621161902
Frame ID: 244FE95236957C943252C8EAE195D2D3
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 8BE828CB451CD6BD4B661EE914BF93FF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YHlqr8Co8XUAAL82f-oAAAAA
Frame ID: C3124EE1674FBB65E0ED3AE4AAF06866
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1875819618998565093
Frame ID: EA320783EC0FC11B58358A2AD4C5DE94
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=xcRe18n00qurOfnYI8ZH&pi=gumgum&tc=1
Frame ID: A3F11D6E7B171E178CC3B0774D86DFEB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EC1C29C4B2356D0E2A68C66AE1738AD4
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 05E457C650FA593462B7664F110E8A60
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: A6EA8D0161EDE95FE6BCEB5F383F8FA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

330
Requests

99 %
HTTPS

35 %
IPv6

68
Domains

105
Subdomains

82
IPs

13
Countries

6503 kB
Transfer

10190 kB
Size

6
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://v.ht/one_second_champion
Title: https://v.ht/one_second_champion

Search URL Search Domain Scan URL

URL: https://is.gd/one_second_champion
Title: https://is.gd/one_second_champion

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https://hinative.com/en-US/questions/18830027
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=%E4%B8%80%E7%A7%92%E6%8B%B3%E7%8E%8B%E2%96%B7%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%AE%8C%E6%95%B4%E7%89%88(2021)%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF[HD]%E8%A7%82%E7%9C%8B%E5%92%8C%E4%B8%8B%E8%BD%BD&url=https://hinative.com/en-US/questions/18830027&hashtags=hinative&via=HinativeEn
Title:

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://hinative.com/en-US/questions/18830027
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/apple-store/id923920480?pt=1191579&ct=bestapp_footer_questions_show&mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.lang8.hinative&referrer=utm_source%3Dbestapp_footer_questions_show
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hinative
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/HiNativeEN
Title:

Search URL Search Domain Scan URL

URL: https://hinative.helpshift.com/a/hinative/?l=en
Title: Help

Search URL Search Domain Scan URL

URL: http://support-en.hinative.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://support-en.hinative.com/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://support-en.hinative.com/asct
Title: Display based on Specified Commercial Transactions Law

Search URL Search Domain Scan URL

URL: http://support-en.hinative.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://lang-8.jp/en/
Title: Company

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHlqrJ2q2KbYEX7zx4aDSgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHlqrJ2q2KbYEX7zx4aDSgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1

Request Chain 171

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFDoq3yjFUsx6l_CFJhaF_8&google_cver=1

Request Chain 184

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQwYTAxOTgtNmNhNS0yMDQzLWMyYWUtYTZiZTU3MTFiYmRm

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKj1j62aQL_MP7X-vYT5EZs&google_cver=1

Request Chain 186

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjcxNzc1YTktMTVmMi00MjQyLTgwMjgtMjgyY2MzYzllZTkw

Request Chain 193

https://r3---sn-25ge7nzs.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YPXLAdvjgAeUyYHQBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&mh=uF&mm=31&mn=sn-25ge7nzs&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&mt=1618569671&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgcZ1SFOdd4pBX54--J21GdiVbtwuFnGVsaZN_L6tbgiICIH1BLUICUa_TWvIe2FfpLHUKyYjDlbvbLQo8kuy5cYcZ&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOrWGWxLg4v1fsrM6aHjmOVk6cxqa6sA-uHQFFGfobEpAiEAmrcrAfOqFdq89VNUTUOt7_Mglaveq4errvHZDYhyJW0= HTTP 302
https://r3---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YPXLAdvjgAeUyYHQBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgcZ1SFOdd4pBX54--J21GdiVbtwuFnGVsaZN_L6tbgiICIH1BLUICUa_TWvIe2FfpLHUKyYjDlbvbLQo8kuy5cYcZ&redirect_counter=1&rm=sn-25gkr7s&req_id=5bf5bc0e4d5436e2&cms_redirect=yes&ipbypass=yes&mh=uF&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nz7&ms=au&mt=1618569427&mv=m&mvi=3&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgIJcGZoUcRsfdwT7glgDmKuIiEyYe0F4rnCURMh9Ta-ICIQC_ULHkBGysJ9zu6QhG6ONrGmV4Ohg_IV5PaQco74Jbtg%3D%3D

Request Chain 205

https://r3---sn-25glene7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YOnFAY-RgAfa9J2YBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&mh=uF&mm=31&mn=sn-25glene7&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&mt=1618569671&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgWdysIOWeaq-bkWEsNe8ewQu3XlPwSWj40I2BI4EFr80CIQD_WSnNiboGi2SDv7X7389joRvBAnYO1z8jGLZNQ2F6zw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgTzafj_ZuvRwyIbEKv1djUOaCjEBybzIWK_DPpyuubOcCIByzwslcUWK1Yyq8vDxKqblsYIlXFjJMIXXhEQFYisTn HTTP 302
https://r3---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YOnFAY-RgAfa9J2YBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgWdysIOWeaq-bkWEsNe8ewQu3XlPwSWj40I2BI4EFr80CIQD_WSnNiboGi2SDv7X7389joRvBAnYO1z8jGLZNQ2F6zw==&redirect_counter=1&rm=sn-25gde7s&req_id=e30ff41b42d336e2&cms_redirect=yes&ipbypass=yes&mh=uF&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednz7&ms=au&mt=1618569671&mv=m&mvi=3&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKNKFlyz3ZEONEQSPgnwEQFWpHywKfyDv_dKCMoZgt_iAiEAlc7l5Kpg1Q7Z8h4qiR2zgMupJbOyUWzLcGUnpiAHvec%3D

Request Chain 207

https://r2---sn-25glenez.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YKrJAZHO1wLQ_KvQBw&ip=82.102.18.251&id=0db3a64b78c720fd&itag=18&source=youtube&requiressl=yes&mh=A4&mm=31&mn=sn-25glenez&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=33.459&lmt=1611231058319395&mt=1618569671&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgcQm3lp5xF8qWbaLlXMV-6zvdZ8PPaAufPrXAF_R6bIUCIQCsMEEPVD0xwrDyVyVOWeNpNoii8mBCGjvKNZ-EEdxbfA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgB5e9OdC6DrixG6Gtcn9gEWjZvtbKzoMiO6seJfmW8tUCIEmaeoKWyIrn6C8xt9gBQ8VEKtGsMsfwi92ttAPNVB2- HTTP 302
https://r2---sn-4g5e6nsd.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YKrJAZHO1wLQ_KvQBw&ip=82.102.18.251&id=0db3a64b78c720fd&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=33.459&lmt=1611231058319395&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgcQm3lp5xF8qWbaLlXMV-6zvdZ8PPaAufPrXAF_R6bIUCIQCsMEEPVD0xwrDyVyVOWeNpNoii8mBCGjvKNZ-EEdxbfA==&redirect_counter=1&rm=sn-25gkz7l&req_id=2f499cd0ddd636e2&cms_redirect=yes&ipbypass=yes&mh=A4&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsd&ms=au&mt=1618569427&mv=m&mvi=2&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPk1Zs7IiS2FJ4VhWBW97VtJabmjLb4NpHoiRyFlJzW1AiB90Kl8a6PiPY1mEC5LeP0tDJANcbhPf3X7uJKX9WyASQ%3D%3D

Request Chain 278

https://cr-p31.ladsp.jp/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31 HTTP 302
https://cr-pall.ladsp.com/cookiesender/31?cr=true

Request Chain 282

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D3858%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=3858&uid=6341490155026953278

Request Chain 283

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D9871%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D9871%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=9871&uid=a85207f2dd544b02d41e2a30

Request Chain 289

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=6341490155026953278

Request Chain 290

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=c474a918-e327-516a-8728-aa09e751c0a6&ssp=gumgum2&expires=30&user_group=1 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=99a472d0-b04d-428f-a634-b694d1b7654b

Request Chain 291

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28TJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28TJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&obuid=ENC(TJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DTJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb

Request Chain 292

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=d6587622-8dc7-46b1-b035-ecea55a374f9

Request Chain 293

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-8ba7bc75-a222-4b24-729d-0a97566eea1a$ip$82.102.18.251

Request Chain 294

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-TSIbEiBE2pf5Eg5DiFP7DDFFK3r8pqznu8hc~A

Request Chain 295

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=cc7e7e7d-9ea0-11eb-8ae7-131d8a2ae458

Request Chain 298

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=KbTxCYQTJaHXimPXI1KC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S3CKR4EGWKRKRFGCSCYNFWVAWCJGFFUGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S3CKR4EGWKRKRFGCSCYNFWVAWCJGFFUGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KbTxCYQTJaHXimPXI1KC&us_privacy=1---

Request Chain 299

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=055f6e02-7151-46dd-8a4b-de69cbeb9227

Request Chain 300

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=206118694 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=206118694 HTTP 302
https://sync.1rx.io/usersync/tradedesk/f68a42d6-0d5a-428e-932a-f5ee8ae93255 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003

Request Chain 301

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=LXeW1FX1UNbA&ev=1&pid=558355

Request Chain 303

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=77216079-6aae-4300-a8ad-1757c37c81d2&gdpr=0&gdpr_consent=

Request Chain 304

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4 HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YHlqrgAAJ4OKAgA4&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4

Request Chain 307

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=c459021b-6a06-4c50-b36c-e835e71ca695&t=1621161902

Request Chain 309

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YHlqr8Co8XUAAL82f-oAAAAA

Request Chain 310

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1875819618998565093

Request Chain 311

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=xcRe18n00qurOfnYI8ZH&pi=gumgum&tc=1

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOc5CueqI_mHhUXlQRgMXg0&google_cver=1

Request Chain 315

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB&dcc=t

Request Chain 319

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=658b8d5e-9604-4444-8485-2bb48b7306ac

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vWo5eXkSQg-NZNq_l-ujZg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 326

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BD6A3979-7912-420F-8D64-DABF97EBA366&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BD6A3979-7912-420F-8D64-DABF97EBA366&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 327

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD6A3979-7912-420F-8D64-DABF97EBA366&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD6A3979-7912-420F-8D64-DABF97EBA366&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD6A3979-7912-420F-8D64-DABF97EBA366&addseg=12,35,41

Request Chain 328

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkQ2QTM5NzktNzkxMi00MjBGLThENjQtREFCRjk3RUJBMzY2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 329

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcsZtoKJYWGwtTH8X8p34E&google_cver=1

Request Chain 331

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e20a4f5-a9d9-41d5-8d76-e11d5b4d4ab0

Request Chain 332

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4613669298233970573

Request Chain 333

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00866079-6aae-4700-aab8-3f87da7a5375&gdpr=0&gdpr_consent=

Request Chain 334

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6341490155026953278&gdpr=0&gdpr_consent=

Request Chain 335

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a472d0-b04d-428f-a634-b694d1b7654b&gdpr=&gdpr_consent=&gdpr_pd=

330 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 18830027 Show response
hinative.com/en-US/questions/ 63 KB
18 KB 605ms
387ms Document
text/html 23.21.122.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.122.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-122-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

101ff43bf916725af56a85e671473849e8b3099b7a58f24ffd71836dc96cf08d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: hinative.com
:scheme: https
:path: /en-US/questions/18830027
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:56 GMT
content-type: text/html; charset=utf-8
server: nginx
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"101ff43bf916725af56a85e671473849"
cache-control: max-age=0, private, must-revalidate
set-cookie: identifier=51232127401598181026282; path=/; expires=Tue, 16 Apr 2041 10:44:56 GMT _hinative_session=dXI0cE1CeW5FbnROWWxtSWl4UjFFTW1PdFoyZVVUaWEvSmJ0a2pJZkQzU3pYYXc1b1dDSVpoQkhKM1YvaVRlOCtwcDVQbnl2SEpJTDdCVlZhdEZUVkJYYzJza1JGNVZVVnlkaVpva0p4cTBZTCtQZ0VoYlcrR3NFRWhsUllsaGJCY2Nad09MMEduOXNEODU2RkJPWjFXdEUyTXVWamhwWG5oeVczd0NiSEhkcG1XR1V5MGhORUNycTk3MU5uTFJnTm1lRDdDUThKM2cwWVA5VnpqZWE5QT09LS1vcjE0RFl2L0lPd2ZrRDRDd1d5S2xBPT0%3D--54268623a980923566a90afe8b105eb2682efec6; domain=.hinative.com; path=/; HttpOnly
x-request-id: f15dbf17-c6b1-46ac-a563-10efd99cc24c
x-runtime: 0.194120
cache_control: max-age=31536000, public
content-encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-452011-21

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c4633d2bf1c5c299b332e539814d5a2296afa6ff5d2a5966479621982b97791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37439
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Apr 2021 10:44:56 GMT

GET
H2 200 icons-928a50fb.chunk.css
cdn.hinative.com/packs/css/ 6 KB
1 KB 114ms
32ms Stylesheet
text/css 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/css/icons-928a50fb.chunk.css
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7761d934415231a42d6179886b22ec72d193a4e8c9b712a7c01ea39ef408fdf6

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 12 Mar 2021 00:11:05 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 00:07:18 GMT
server: AmazonS3
age: 3062032
etag: "88f60ba3e62bf2a3685257ab56e75d8f"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1107
x-amz-cf-id: NMwx4-meA2Ml9wkXflkWpbMLDZ1r0E0gemG8E6jqzh322oXMWOANaQ==

GET
H2 200 vendor-dae5f322.chunk.css
cdn.hinative.com/packs/css/ 19 KB
4 KB 114ms
32ms Stylesheet
text/css 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/css/vendor-dae5f322.chunk.css
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38986e848a4addd02a466f3d8ab2f34d2f8f0497948fec7a853a5154b7f9dce0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Feb 2021 15:47:50 GMT
content-encoding: br
last-modified: Mon, 22 Feb 2021 15:44:57 GMT
server: AmazonS3
age: 4561027
etag: "46ef80b625740aae5aac3495d0c996c4"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3210
x-amz-cf-id: mSlG7apaDPGfoX0-s_Y1eii_1rDHK2rIhZQV24RAPKKjr6TIyUUiQQ==

GET
H2 200 application~trek_lp-6947c06a.chunk.css
cdn.hinative.com/packs/css/ 59 KB
8 KB 114ms
33ms Stylesheet
text/css 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/css/application~trek_lp-6947c06a.chunk.css
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed4cb114d841ebaa730a9bb63b32c93e2d6e020c255217b7c716969b8e7a66fa

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Feb 2021 01:50:42 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:21:48 GMT
server: AmazonS3
age: 5388855
etag: "7c3423199b489bdb95bc9440a1afa1c9"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7488
x-amz-cf-id: MkT-JJY_VWTrmuzw5PmZl3kA7txcamjUeLOUF7Ut26y-Sf6Yzmi8tA==

GET
H2 200 application-27ac6b79.chunk.css
cdn.hinative.com/packs/css/ 309 KB
39 KB 114ms
33ms Stylesheet
text/css 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/css/application-27ac6b79.chunk.css
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66c5f894454c1306c3a81b8c080f9875f03d92b13902c85d27a03448c36d8d30

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 09 Apr 2021 00:10:30 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 00:06:07 GMT
server: AmazonS3
age: 642867
etag: "dbb137c0c49f335392f43d3752aaa580"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 39132
x-amz-cf-id: eFTc8zE_40vSnIgjnmIr4zCfC8W-YLHAZ2XC-QZpHVPiZyw6OnYjsA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 115ms
39ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5a522169cfdfbc213b05739b57073f2f51f97c0fae8cf2feef524c4e1e03364d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "844 / 767 of 1000 / last-modified: 1618565971"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21065
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:44:57 GMT

GET
H2 200 flux_hinative_AS_TM_AT.min.js Show response
flux-cdn.com/client/lang8/ 304 KB
87 KB 233ms
134ms Script
application/x-javascript 99.84.156.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-52.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2f1b39785fdad8e448d3dc5bd970defaf35afecea1791531000ed9de3c1f10d

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: br
last-modified: Thu, 15 Apr 2021 04:46:33 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: W/"13cc4817902c83bcac059242b060230b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
x-amz-cf-id: 4I5hQrbWV2_IYWSRneCWkUKC2BYjfvAcUATKyQ6fwFNHoj44RbshAQ==

GET
H2 200 missing_thumb_gray@2x-879e10168ed4ab25bd5114d683aba07c780ffd58480f2c29cf5b037dc54fe64f.png
cdn.hinative.com/assets/loadings/ 915 B
1 KB 69ms
66ms Image
image/png 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/loadings/missing_thumb_gray@2x-879e10168ed4ab25bd5114d683aba07c780ffd58480f2c29cf5b037dc54fe64f.png
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 879e10168ed4ab25bd5114d683aba07c780ffd58480f2c29cf5b037dc54fe64f

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 08 Feb 2021 01:04:53 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jun 2018 22:12:37 GMT
server: AmazonS3
age: 5823604
etag: "90f3acfd90281fb75036cb4c9d8b05f2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 915
x-amz-cf-id: P4CsGhs553JUscNxXKlgSfUkH5FHRK8nq_H18molTm_GHkl8G7MGEw==
expires: Sat, 15 Jun 2019 04:12:35 GMT

GET
H2 200 spacer-b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b.gif
cdn.hinative.com/assets/loadings/ 43 B
449 B 69ms
66ms Image
image/gif 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/loadings/spacer-b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b.gif
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 12 Feb 2021 17:19:09 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jun 2018 22:12:40 GMT
server: AmazonS3
age: 5419548
etag: "325472601571f31e1bf00674c368d335"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: Kp9uqI5TPReszXJBd7_kWvdGyakU1-nCcdlIy26UdWrZRmdQXJ0uaw==
expires: Sat, 15 Jun 2019 04:12:39 GMT

GET
H2 200 img_disagree_large@2x-34afeb13ba8533227780dd9a7ccb2e0826c003b76d8b86deb6b80b2611356424.png
cdn.hinative.com/assets/ 2 KB
3 KB 69ms
67ms Image
image/png 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/img_disagree_large@2x-34afeb13ba8533227780dd9a7ccb2e0826c003b76d8b86deb6b80b2611356424.png
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34afeb13ba8533227780dd9a7ccb2e0826c003b76d8b86deb6b80b2611356424

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 17 Mar 2021 06:40:48 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 06 Sep 2018 01:50:06 GMT
server: AmazonS3
age: 2606649
etag: "1e5b54daa31f8cf91dfc76193fad8e07"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2465
x-amz-cf-id: ZIhnELDJE23LrX7T6CRN4XlLuTh0R2pEYQpPS6tcYmkr9gqfAEdqAg==
expires: Fri, 06 Sep 2019 07:50:04 GMT

GET
H2 200 monga-02ec79f33c55cef9be6edd3c069dd9f34c99d016d35ef230031662155d517195.png
cdn.hinative.com/assets/icons/ 10 KB
10 KB 69ms
67ms Image
image/png 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/icons/monga-02ec79f33c55cef9be6edd3c069dd9f34c99d016d35ef230031662155d517195.png
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02ec79f33c55cef9be6edd3c069dd9f34c99d016d35ef230031662155d517195

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 08 Feb 2021 01:04:53 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 07 Jan 2021 07:27:31 GMT
server: AmazonS3
age: 5823604
etag: "4e86987f779715cccb2519b9f516c79e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10217
x-amz-cf-id: xGk3lv4BqdWiML0otq8HN-gPKlLfwN7b8BakOpTTeEaPm9hcw3kRwA==

GET
H2 200 step_02-bd3fa44df19932bbcb238e503ec4d16f14151be1ec021eeac2cdad2bc0685889.svg
cdn.hinative.com/assets/levels/ 377 B
757 B 69ms
67ms Image
image/svg+xml 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/levels/step_02-bd3fa44df19932bbcb238e503ec4d16f14151be1ec021eeac2cdad2bc0685889.svg
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd3fa44df19932bbcb238e503ec4d16f14151be1ec021eeac2cdad2bc0685889

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 28 Jan 2021 21:14:49 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Fri, 20 Sep 2019 07:14:04 GMT
server: AmazonS3
age: 6701408
etag: "e949bf6577fac0957a94e998fce71d78"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 377
x-amz-cf-id: KV0R-Z5A6K68X3gkQW0KjohAOMq28xew0PS7Rb4fgNqgGrF6wP7FhQ==

GET
H2 200 icon_premium_media-f741ca49a8ea1e90a3d2a89099186a43388a4762cf20bc3c6737311b848e1bd0.svg
cdn.hinative.com/assets/premium/ 4 KB
2 KB 71ms
69ms Image
image/svg+xml 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/premium/icon_premium_media-f741ca49a8ea1e90a3d2a89099186a43388a4762cf20bc3c6737311b848e1bd0.svg
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f741ca49a8ea1e90a3d2a89099186a43388a4762cf20bc3c6737311b848e1bd0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 07 Feb 2021 18:25:52 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 23:09:52 GMT
server: AmazonS3
age: 5847545
etag: W/"b18364453d7ac8c243a37498a2b0d118"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: HUHDbdaPHzIJX-NZ3R2R-sqqLAZDp1G6jhIxWYePLOrO5CBjhdNz_w==

GET
H2 200 rating_stars-a80cccda28adcb9a7f25ef969a93a669f9b5e9a3695aaa0cb200fd32cb9f634b.svg
cdn.hinative.com/assets/ 3 KB
2 KB 71ms
69ms Image
image/svg+xml 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/rating_stars-a80cccda28adcb9a7f25ef969a93a669f9b5e9a3695aaa0cb200fd32cb9f634b.svg
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a80cccda28adcb9a7f25ef969a93a669f9b5e9a3695aaa0cb200fd32cb9f634b

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 14 Sep 2020 04:08:49 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 07:56:37 GMT
server: AmazonS3
age: 18513368
etag: W/"f79378fe26bc3c40a91d95fe69e153f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mVUMqUtX-wB_PB9FiDdVY2tfkVDVYcpncvb0Az_bbVt8yV0L1phsSA==

GET
H2 200 ico_facebook@2x-bee56114f9f3494082ec899968de9b844bfbffbb6ca61ac1eadf3e6f23ddb420.png
cdn.hinative.com/assets/top/ 825 B
1 KB 72ms
70ms Image
image/png 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/top/ico_facebook@2x-bee56114f9f3494082ec899968de9b844bfbffbb6ca61ac1eadf3e6f23ddb420.png
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee56114f9f3494082ec899968de9b844bfbffbb6ca61ac1eadf3e6f23ddb420

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 17 Mar 2021 17:07:43 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 06 Sep 2018 01:45:12 GMT
server: AmazonS3
age: 2569033
etag: "2c5d872583a4150de782fbec2a7c6e0b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 825
x-amz-cf-id: W6xlhSKe6lRCpjnt0KSBFEaCfNE8H-jTopsTi8ryoJpH5Zbl_7yjyw==
expires: Fri, 06 Sep 2019 07:45:09 GMT

GET
H2 200 ico_twitter@2x-a6274d3d2de3f15ac58ea3f85c7581d9d71b13d26de828f6a40008121c2508bd.png
cdn.hinative.com/assets/top/ 1 KB
1 KB 72ms
70ms Image
image/png 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/top/ico_twitter@2x-a6274d3d2de3f15ac58ea3f85c7581d9d71b13d26de828f6a40008121c2508bd.png
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6274d3d2de3f15ac58ea3f85c7581d9d71b13d26de828f6a40008121c2508bd

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 05 Feb 2021 01:17:50 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Thu, 06 Sep 2018 01:44:50 GMT
server: AmazonS3
age: 6082027
etag: "0220dfed6501afab54fa0efd79b3e7c2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1055
x-amz-cf-id: mN8wt2QIZ1xmAN01WMao2GJcl2aTT-MfeJvyVxDhWdDZTStD-3WAjg==
expires: Fri, 06 Sep 2019 07:44:49 GMT

GET
H2 200 runtime.f8c9b7c7.js Show response
cdn.hinative.com/packs/ 1 KB
1 KB 31ms
31ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/runtime.f8c9b7c7.js
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e4407962ae8468dd999b7c99ad6fa2e5e284b30d1e1e25954716ee06c743cb

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 04 Feb 2021 01:06:20 GMT
content-encoding: br
last-modified: Wed, 03 Feb 2021 23:34:23 GMT
server: AmazonS3
age: 6169117
etag: "558c3860f4815b1385331b164f772f9a"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 660
x-amz-cf-id: bFfamzGeZpWW1z1vC3yarNO4lhzg0dwM_-ZLsZwk5kcmg17SqJJO0g==

GET
H2 200 vendor-2ee8aa61c94238f31606.chunk.js Show response
cdn.hinative.com/packs/js/ 769 KB
176 KB 38ms
38ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/js/vendor-2ee8aa61c94238f31606.chunk.js
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e921f1dbad0a3e3afd17bdda77e62b0e5674f7c46fa622b34d8d14764da2524

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Apr 2021 17:13:38 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 17:10:02 GMT
server: AmazonS3
age: 322279
etag: "57322933c4825f5892c1da920a01d54b"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 179822
x-amz-cf-id: YsAFnAWwbEVSkN4rHikJ9L5kmRWDoZKf9nOrcvx9lSH6c496w2KTqA==

GET
H2 200 libs-3ba1d56d52c4d979e43c.chunk.js Show response
cdn.hinative.com/packs/js/ 3 KB
2 KB 70ms
66ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/js/libs-3ba1d56d52c4d979e43c.chunk.js
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8867bba0925a430222a8608d16cfbaffcaac3c3d107e745f3ce263b42c53e26c

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 01 Mar 2021 18:10:42 GMT
content-encoding: br
last-modified: Mon, 01 Mar 2021 18:06:54 GMT
server: AmazonS3
age: 3947655
etag: "16f556096a4d24af261d8fd5ea1d461c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1176
x-amz-cf-id: jy-GWQ01rIO63dGlLi4iiwL2YvqS6hdIIEb67dIE-f_73nyVNquJXg==

GET
H2 200 application~application_questions_show~trek_lp-0ec111ca868d10b03bfc.chunk.js Show response
cdn.hinative.com/packs/js/ 3 KB
1 KB 70ms
66ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/js/application~application_questions_show~trek_lp-0ec111ca868d10b03bfc.chunk.js
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76680ac6ec4cc807aa8bc85bcfd0c4ed4dee3f2d7f616cde0257e9cd05cd4587

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 10 Feb 2021 02:14:13 GMT
content-encoding: br
last-modified: Wed, 10 Feb 2021 02:10:07 GMT
server: AmazonS3
age: 5646644
etag: "39870a7cb2def5509508f6b6baaba097"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 846
x-amz-cf-id: WvCNq8UN4fNTWh6gbS37lD_vrtWewPMslISu_Suyi-Y0v7FVQUM8SQ==

GET
H2 200 application~application_questions_show-84d4fe423d577e7e318d.chunk.js Show response
cdn.hinative.com/packs/js/ 77 KB
12 KB 70ms
66ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/js/application~application_questions_show-84d4fe423d577e7e318d.chunk.js
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df66cc8b39f9dece3c2f22e244e83129fe5a0cfa44978a58ee371e91386b3f0d

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 09 Apr 2021 00:10:30 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 00:06:06 GMT
server: AmazonS3
age: 642867
etag: "3c70afe88cef715bc4984ea2d7505dfe"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 11541
x-amz-cf-id: jBsmdkjJ7aohhi7YxSgvn49AXKzM7nw79Oa0SHN3iPzfs6XTkGv5MQ==

GET
H2 200 application_questions_show-6b67f03b3d34698c3bde.chunk.js Show response
cdn.hinative.com/packs/js/ 2 KB
1 KB 70ms
66ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/js/application_questions_show-6b67f03b3d34698c3bde.chunk.js
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 447988f7be5cbb6851576ab23623f2114fc49dd7a93ff93115737b3a7d93a46d

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 09 Apr 2021 11:27:49 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 11:24:38 GMT
server: AmazonS3
age: 602228
etag: "4e6afb1a369c006348fe8e2918cce275"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 647
x-amz-cf-id: -ZGlaleOcKaKGqFg_qn_e6s8HW-YiK--Td2OwBM2fHySV6UQxKDGZg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-452011-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3087
date: Fri, 16 Apr 2021 09:53:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 16 Apr 2021 11:53:29 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5574b7b2b33e0ea3ff3dc730c2e9bdc0120a8bc048434690e5bb2b892f26378b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "844 / 106 of 1000 / last-modified: 1618566032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21065
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:44:56 GMT

GET
H2 200 icomoon-18f7d1c3ae8cf97dec0f26ca3a77bdcf.ttf
cdn.hinative.com/packs/media/src/stylesheets/icon_fonts/fonts/ 26 KB
27 KB 101ms
39ms Font
font/ttf 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hinative.com/packs/media/src/stylesheets/icon_fonts/fonts/icomoon-18f7d1c3ae8cf97dec0f26ca3a77bdcf.ttf
Requested by: Host: cdn.hinative.com
URL: https://cdn.hinative.com/packs/css/icons-928a50fb.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c30897ea16d135967cbabb2d7e76c1153175f3d403f9d49d272a39248f2804e

Request headers

Origin: https://hinative.com
Referer: https://cdn.hinative.com/packs/css/icons-928a50fb.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 00:11:07 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
vary: Origin
age: 3062031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26976
last-modified: Fri, 12 Mar 2021 00:07:13 GMT
server: AmazonS3
etag: "714b8426bf0bc2171e48fce539f229df"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 2pW8crx3m7__pKcl-j1pP_OqOM5sL22YPEiJ6QyrvppaA1__QgTGQQ==

GET
H2 200 step_01-0b5ca760.svg
cdn.hinative.com/packs/media/levels/ 377 B
757 B 31ms
30ms Image
image/svg+xml 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/packs/media/levels/step_01-0b5ca760.svg
Requested by: Host: cdn.hinative.com
URL: https://cdn.hinative.com/packs/css/application-27ac6b79.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0189acce4e2d92e726249143edaddfa4e3a07b637b72e55da5719639deb7063c

Request headers

Referer: https://cdn.hinative.com/packs/css/application-27ac6b79.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Apr 2021 00:30:09 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Sun, 11 Apr 2021 01:22:13 GMT
server: AmazonS3
age: 382489
etag: "79c4b564ef3c3ba4b8cb347445e32870"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 377
x-amz-cf-id: KbT-GSMvaDWwBPtGz0etK3TjQuSD9u9k-aWctV1fXnF-gF7AdQgKGg==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=578196602&t=pageview&_s=1&dl=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&ul=en-us&de=UTF-8&dt=%E4%B8%80%E7%A7%92%E6%8B%B3%E7%8E%8B%E2%96%B7%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%AE%8C%E6%95%B4%E7%89%88(2021)%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF%5BHD%5D%E8%A7%82%E7%9C%8B%E5%92%8C%E4%B8%8B%E8%BD%BD%20%7C%20HiNative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUABAAAAAC~&jid=1488176458&gjid=190311139&cid=1216605840.1618569897&tid=UA-452011-21&_gid=1470492240.1618569897&_r=1&cd1=guest&cd2=FreeQuestion&gtm=2ou472&z=972524053

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=578196602&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&ul=en-us&de=UTF-8&dt=%E4%B8%80%E7%A7%92%E6%8B%B3%E7%8E%8B%E2%96%B7%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%AE%8C%E6%95%B4%E7%89%88(2021)%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF%5BHD%5D%E8%A7%82%E7%9C%8B%E5%92%8C%E4%B8%8B%E8%BD%BD%20%7C%20HiNative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=questions_show_w2a_balloon_banner_impression_true_b&_u=oGBAAUABAAAAAC~&jid=&gjid=&cid=1216605840.1618569897&tid=UA-452011-21&_gid=1470492240.1618569897&cd1=guest&cd2=FreeQuestion&gtm=2ou472&z=790835521

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2479
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021041201.js Show response
securepubads.g.doubleclick.net/gpt/ 294 KB
104 KB 78ms
39ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 08:37:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106031
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:44:57 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=578196602&t=event&ni=1&_s=3&dl=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&ul=en-us&de=UTF-8&dt=%E4%B8%80%E7%A7%92%E6%8B%B3%E7%8E%8B%E2%96%B7%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%AE%8C%E6%95%B4%E7%89%88(2021)%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF%5BHD%5D%E8%A7%82%E7%9C%8B%E5%92%8C%E4%B8%8B%E8%BD%BD%20%7C%20HiNative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Performance%20Metrics&ea=first-paint&ev=825&_u=qGBAAUABAAAAAC~&jid=&gjid=&cid=1216605840.1618569897&tid=UA-452011-21&_gid=1470492240.1618569897&cd1=guest&cd2=FreeQuestion&gtm=2ou472&z=691883934

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2479
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=578196602&t=event&ni=1&_s=4&dl=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&ul=en-us&de=UTF-8&dt=%E4%B8%80%E7%A7%92%E6%8B%B3%E7%8E%8B%E2%96%B7%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%AE%8C%E6%95%B4%E7%89%88(2021)%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF%5BHD%5D%E8%A7%82%E7%9C%8B%E5%92%8C%E4%B8%8B%E8%BD%BD%20%7C%20HiNative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Performance%20Metrics&ea=first-contentful-paint&ev=825&_u=qGBAAUABAAAAAC~&jid=&gjid=&cid=1216605840.1618569897&tid=UA-452011-21&_gid=1470492240.1618569897&cd1=guest&cd2=FreeQuestion&gtm=2ou472&z=2034758476

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2479
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 157ms
143ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://hinative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 16 Apr 2021 10:44:57 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 146ms
146ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn.hinative.com
URL: https://cdn.hinative.com/packs/js/vendor-2ee8aa61c94238f31606.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://hinative.com/
Bugsnag-Sent-At: 2021-04-16T10:44:57.145Z
Bugsnag-Api-Key: 28acae8943f3b47f7342d9e076ec2ffe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 16 Apr 2021 10:44:57 GMT
via: 1.1 google
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 pattern_base@2x-11cd7f64.png
cdn.hinative.com/packs/media/images/ 6 KB
6 KB 31ms
31ms Image
image/png 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/packs/media/images/pattern_base@2x-11cd7f64.png
Requested by: Host: cdn.hinative.com
URL: https://cdn.hinative.com/packs/css/application-27ac6b79.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1dc2b77a11cb5084fed0a62ad294a9f864edd374a2c092a524ae8a9813e7a021

Request headers

Referer: https://cdn.hinative.com/packs/css/application-27ac6b79.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 08 Mar 2021 12:54:44 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Mon, 08 Mar 2021 05:11:00 GMT
server: AmazonS3
age: 3361814
etag: "65dbe8d70cab21114c516584f6a09f96"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6225
x-amz-cf-id: ZvuMyKtZCcU0MKJozwMJlkeVz76yZ9Cr4mHI--6cL7P2w4I-UfRW8A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-452011-21&cid=1216605840.1618569897&jid=1488176458&gjid=190311139&_gid=1470492240.1618569897&_u=oGBAAUAAAAAAAC~&z=601571296

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Apr 2021 10:44:57 GMT
content-type: text/plain
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-452011-21&cid=1216605840.1618569897&jid=1488176458&_u=oGBAAUAAAAAAAC~&z=1183247068

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-452011-21&cid=1216605840.1618569897&jid=1488176458&_u=oGBAAUAAAAAAAC~&z=1183247068

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 missing_thumb-d5ecb423a9abf2db69cd65460c3c2fb74c02f6c4e1dc2c6a2477122e5bcc7e98.png
cdn.hinative.com/assets/ 1 KB
1 KB 35ms
34ms Image
image/png 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/assets/missing_thumb-d5ecb423a9abf2db69cd65460c3c2fb74c02f6c4e1dc2c6a2477122e5bcc7e98.png
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ecb423a9abf2db69cd65460c3c2fb74c02f6c4e1dc2c6a2477122e5bcc7e98

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 04 Feb 2021 01:52:32 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Wed, 12 Feb 2020 08:07:02 GMT
server: AmazonS3
age: 6166345
etag: "67c44a58bb66212a9c04115140746ec0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1145
x-amz-cf-id: 4T4Lzj2lKwP8XtIcqgus9EBlOKhA96oJ6yo42EcrR2yxn9o7KvGd7Q==

GET
H2 200 large.jpg
cdn.hinative.com/attached_images/756670/15bcc887f9b5f369394858ce619d42dca9dcb824/ 101 KB
101 KB 38ms
38ms Image
image/jpeg 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hinative.com/attached_images/756670/15bcc887f9b5f369394858ce619d42dca9dcb824/large.jpg?1618566901
Requested by: Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365344a681f881c2d36db7a5f12d207cdd43aeea84d5b937c02d1296780911a0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:17:12 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Fri, 16 Apr 2021 09:55:02 GMT
server: AmazonS3
age: 1665
etag: "d646c8ecd4a5387b8dc68b1f3cbcb72f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 103180
x-amz-cf-id: 0BUHGarWv_SYIF819BwMapjthJAsvy_uskIxvwOTKW5w7L1LvhjC4w==

GET
H2 200 latest.json Show response
currency.prebid.org/ 2 KB
2 KB 29ms
5ms XHR
application/octet-stream 2600:9000:206f:ba00:19:2cf2:a900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://currency.prebid.org/latest.json
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ba00:19:2cf2:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00dd73eea0213d99a6ab3f5dd9e7674e0900f1256dbae7763d79be52e0975a26

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Apr 2021 15:00:56 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
vary: Origin
age: 71042
x-cache: Hit from cloudfront
content-length: 1644
last-modified: Thu, 15 Apr 2021 15:00:55 GMT
server: AmazonS3
etag: "0f6c4ff861025fbe5f8c2209f40dca90"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 7VtWUutuuVFwS2_l2b1tXTdW5heWZ2oUMPnMTspaAsCyd9jzHBA47g==
expires: Fri, 16 Apr 2021 15:00:51 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
741 B 99ms
34ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:57 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid: 825fd6f8-7a83-4eec-a104-f78ebbcf0789
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
142 B 121ms
45ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.33.0&cb=83140637354
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hinative.com
date: Fri, 16 Apr 2021 10:44:57 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 87 B
357 B 120ms
40ms XHR
application/json 52.210.177.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5941
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.177.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-177-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 78e5d732d75393501f145dc3b8a0b26f1dcfffcf6854013dcdeb444f3d26d73b

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://hinative.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 90 B
411 B 743ms
244ms XHR
application/json 18.181.155.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.155.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-155-39.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: abad0cadaed2c2e92df5d56d60dcdd21b82343797a43d73af49381aa1abfb047

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
server: Logicad/DADServer
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
access-control-allow-origin: https://hinative.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 90
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 90 B
410 B 764ms
265ms XHR
application/json 18.181.155.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.155.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-155-39.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: abad0cadaed2c2e92df5d56d60dcdd21b82343797a43d73af49381aa1abfb047

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
server: Logicad/DADServer
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
access-control-allow-origin: https://hinative.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 90
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 90 B
410 B 961ms
462ms XHR
application/json 18.181.155.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.155.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-155-39.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: abad0cadaed2c2e92df5d56d60dcdd21b82343797a43d73af49381aa1abfb047

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
server: Logicad/DADServer
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
access-control-allow-origin: https://hinative.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 90
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 90 B
410 B 744ms
245ms XHR
application/json 18.181.155.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.155.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-155-39.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: abad0cadaed2c2e92df5d56d60dcdd21b82343797a43d73af49381aa1abfb047

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
server: Logicad/DADServer
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
access-control-allow-origin: https://hinative.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 90
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 90 B
410 B 960ms
462ms XHR
application/json 18.181.155.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.155.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-155-39.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: abad0cadaed2c2e92df5d56d60dcdd21b82343797a43d73af49381aa1abfb047

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
server: Logicad/DADServer
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
access-control-allow-origin: https://hinative.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 90
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 90 B
410 B 762ms
264ms XHR
application/json 18.181.155.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.181.155.39 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-181-155-39.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: abad0cadaed2c2e92df5d56d60dcdd21b82343797a43d73af49381aa1abfb047

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
server: Logicad/DADServer
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
access-control-allow-origin: https://hinative.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 90
expires: -1

GET
H2 200 prebid Show response
s-rtb-pb.send.microad.jp/ 47 B
393 B 832ms
322ms XHR
application/json 202.233.84.2
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb-pb.send.microad.jp/prebid?spot=71ba3427b61673cb5e0e092d1893a578&url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&referrer=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&bid_id=305b342777b82cf&transaction_id=8640bc9e-1520-4e3b-a97a-c7cb45d20aeb&media_types=1&cbt=75abf93c603c080178da48a52f

Requested by

Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=86400
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: https://hinative.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
214 B 125ms
41ms XHR
text/html 168.119.138.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.54.138.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinative.com
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
214 B 147ms
63ms XHR
text/html 168.119.138.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.54.138.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinative.com
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
214 B 127ms
43ms XHR
text/html 168.119.138.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.54.138.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinative.com
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
214 B 148ms
64ms XHR
text/html 168.119.138.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.54.138.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinative.com
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
214 B 150ms
67ms XHR
text/html 168.119.138.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.54.138.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinative.com
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
214 B 148ms
66ms XHR
text/html 168.119.138.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.54.138.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinative.com
access-control-max-age: 86400
access-control-allow-credentials: true

POST bid
ad2.apx.appier.net/v1/prebid/ 0
0

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 69 B
510 B 335ms
263ms XHR
application/json 13.32.25.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.as.amanad.adtdp.com/v2/prebid?asi=luLPxypMg&skt=5&prebid_id=460d82764efbced&prebid_ver=4.33.0&page_url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-102.fra56.r.cloudfront.net
Software: /
Resource Hash: 696f2ae2d6b10bc9948443a31844a85224d226a656529154c28c6df92e8a9fa0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 92
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: sLmXIlNCdNNxK9UXt4DJoF-TQH21-KTSXJ5piUCLkKu7mZWBmXErXg==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 69 B
509 B 331ms
259ms XHR
application/json 13.32.25.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.as.amanad.adtdp.com/v2/prebid?asi=9Hi9xytMg&skt=5&prebid_id=472543ff83057d1&prebid_ver=4.33.0&page_url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-102.fra56.r.cloudfront.net
Software: /
Resource Hash: 696f2ae2d6b10bc9948443a31844a85224d226a656529154c28c6df92e8a9fa0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 92
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: GgGjuHtn7_c7dczBq7GaWMiRZ3TMZJPn9xXM_tNxaMq5VUwzNDlivw==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 69 B
509 B 333ms
261ms XHR
application/json 13.32.25.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.as.amanad.adtdp.com/v2/prebid?asi=n-kubspMg&skt=5&prebid_id=487d4492ab0a1e1&prebid_ver=4.33.0&page_url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-102.fra56.r.cloudfront.net
Software: /
Resource Hash: 696f2ae2d6b10bc9948443a31844a85224d226a656529154c28c6df92e8a9fa0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 92
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: WewXU-f6xbsy4A_aEsTYJhuwiY4ZEqwtudC7MTkDWu6lKZrUKIMUtQ==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 69 B
509 B 332ms
260ms XHR
application/json 13.32.25.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.as.amanad.adtdp.com/v2/prebid?asi=Z1ItbstMR&skt=5&prebid_id=49b4676fd8c05dd&prebid_ver=4.33.0&page_url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-102.fra56.r.cloudfront.net
Software: /
Resource Hash: 696f2ae2d6b10bc9948443a31844a85224d226a656529154c28c6df92e8a9fa0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 92
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: RMgFucs7SwvGtjrPgDEqBQWI7RvNsOBkgx7OGSUSEUhSyvYoaKiLvw==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 69 B
508 B 328ms
257ms XHR
application/json 13.32.25.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.as.amanad.adtdp.com/v2/prebid?asi=5ZwobstMg&skt=5&prebid_id=50c165e6108cffb&prebid_ver=4.33.0&page_url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-102.fra56.r.cloudfront.net
Software: /
Resource Hash: 696f2ae2d6b10bc9948443a31844a85224d226a656529154c28c6df92e8a9fa0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 92
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: Pj8xLjnn0jFRo-DcFjFc7v6pdTKz-0h2dND_M5GQSjCeaIaOYUl0dw==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 prebid Show response
ad.as.amanad.adtdp.com/v2/ 69 B
509 B 329ms
258ms XHR
application/json 13.32.25.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.as.amanad.adtdp.com/v2/prebid?asi=IXqabypMg&skt=5&prebid_id=5118f600dbe9674&prebid_ver=4.33.0&page_url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.25.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-25-102.fra56.r.cloudfront.net
Software: /
Resource Hash: 696f2ae2d6b10bc9948443a31844a85224d226a656529154c28c6df92e8a9fa0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hinative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 92
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: E8dYCvTRMAYB_jGiE_-aBjsMWJXaSVinJS13W7KGqs8xQqoQuvGrBA==
expires: Thu, 01 Jan 1970 09:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 153ms
78ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hinative.com
date: Fri, 16 Apr 2021 10:44:57 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
174 B 592ms
200ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hinative.com
date: Fri, 16 Apr 2021 10:44:57 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 1806ms
264ms XHR
application/json 124.146.215.52
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=127397&sdktype=0&hb=true&t=json3&transactionid=c78262c1-5325-40ee-bc69-6e590b6d50f2&sizes=728x90&currency=JPY&pbver=4.33.0&sdkname=prebidjs&adapterver=1.0.1&imark=1&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.52 Setagaya-ku, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6e6421f2d034cb3f2c6f59d016c5e0243267029d193cdc23e5f5309a49ecedf3

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?adapterver=1.0.1&currency=JPY&hb=true&id=127397&imark=1&pbver=4.33.0&posall=SSPLOC&sdkname=prebidjs&sdktype=0&sizes=728x90&t=json3&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&transactionid=c78262c1-5325-40ee-bc69-6e590b6d50f2","cluster_id":49,"gdpr":true,"ipv4":"0.0.0.0","key":"YHlqqsCo8XcAAKp6bnkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad241"}
X-SO-Key: YHlqqsCo8XcAAKp6bnkAAAAA
X-SO-Upstream-ID: m-ad241
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad241.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1096
X-SO-IP: 82.102.18.251
X-SO-Cluster-ID: 49
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 7
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 1837ms
295ms XHR
application/json 124.146.215.52
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=127402&sdktype=0&hb=true&t=json3&transactionid=8640bc9e-1520-4e3b-a97a-c7cb45d20aeb&sizes=300x250&currency=JPY&pbver=4.33.0&sdkname=prebidjs&adapterver=1.0.1&imark=1&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.52 Setagaya-ku, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 0be66e7d40057fe960ef3bf0732572b78e997497c439124f03f9033e2c68309a

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?adapterver=1.0.1&currency=JPY&hb=true&id=127402&imark=1&pbver=4.33.0&posall=SSPLOC&sdkname=prebidjs&sdktype=0&sizes=300x250&t=json3&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&transactionid=8640bc9e-1520-4e3b-a97a-c7cb45d20aeb","cluster_id":22,"gdpr":true,"ipv4":"0.0.0.0","key":"YHlqqsCo8YoAAFn6RlcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40338"}
X-SO-Key: YHlqqsCo8YoAAFn6RlcAAAAA
X-SO-Upstream-ID: a-ad40338
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: a-ad40338.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 1102
X-SO-IP: 82.102.18.251
X-SO-Cluster-ID: 22
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 35
X-SO-LB-Hostname: m-tgng38.dc4p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 1825ms
269ms XHR
application/json 124.146.215.52
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=127401&sdktype=0&hb=true&t=json3&transactionid=669e9066-5256-4659-8713-819872ff4b65&sizes=300x600&currency=JPY&pbver=4.33.0&sdkname=prebidjs&adapterver=1.0.1&imark=1&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.52 Setagaya-ku, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 61e69fedecc3630d083ede6f04a0148c3b8f968afc684c9a9bba5e014eec4af2

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?adapterver=1.0.1&currency=JPY&hb=true&id=127401&imark=1&pbver=4.33.0&posall=SSPLOC&sdkname=prebidjs&sdktype=0&sizes=300x600&t=json3&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&transactionid=669e9066-5256-4659-8713-819872ff4b65","cluster_id":51,"gdpr":true,"ipv4":"0.0.0.0","key":"YHlqqsCo8XYAAKBPlaYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad307"}
X-SO-Key: YHlqqsCo8XYAAKBPlaYAAAAA
X-SO-Upstream-ID: m-ad307
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad307.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1096
X-SO-IP: 82.102.18.251
X-SO-Cluster-ID: 51
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 4
X-SO-LB-Hostname: m-tgng18.dc4p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 1838ms
276ms XHR
application/json 124.146.215.52
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=127398&sdktype=0&hb=true&t=json3&transactionid=f258c844-4ca2-42bf-bbb4-daeb9949e193&sizes=300x250&currency=JPY&pbver=4.33.0&sdkname=prebidjs&adapterver=1.0.1&imark=1&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.52 Setagaya-ku, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 501bb884689ef574219a29d5701fe0180f42ab2cb78c23436818eb563fead693

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?adapterver=1.0.1&currency=JPY&hb=true&id=127398&imark=1&pbver=4.33.0&posall=SSPLOC&sdkname=prebidjs&sdktype=0&sizes=300x250&t=json3&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&transactionid=f258c844-4ca2-42bf-bbb4-daeb9949e193","cluster_id":35,"gdpr":true,"ipv4":"0.0.0.0","key":"YHlqqsCo8XcAAJDJaaQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad291"}
X-SO-Key: YHlqqsCo8XcAAJDJaaQAAAAA
X-SO-Upstream-ID: m-ad291
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad291.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1096
X-SO-IP: 82.102.18.251
X-SO-Cluster-ID: 35
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 6
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp

GET
H/1.1 200
OK v1 Show response
d.socdm.com/adsv/ 1 KB
2 KB 1847ms
280ms XHR
application/json 124.146.215.52
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=127400&sdktype=0&hb=true&t=json3&transactionid=906834d1-0797-4387-b3b3-949e04e7b028&sizes=300x250&currency=JPY&pbver=4.33.0&sdkname=prebidjs&adapterver=1.0.1&imark=1&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.52 Setagaya-ku, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d8562274d87e86fe80e457d1c04ec73fd6cac0c697916b7ffbd7089d104131f4

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/adsv\/v1?adapterver=1.0.1&currency=JPY&hb=true&id=127400&imark=1&pbver=4.33.0&posall=SSPLOC&sdkname=prebidjs&sdktype=0&sizes=300x250&t=json3&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&transactionid=906834d1-0797-4387-b3b3-949e04e7b028","cluster_id":39,"gdpr":true,"ipv4":"0.0.0.0","key":"YHlqqsCo8YwAAIKxM9AAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad231"}
X-SO-Key: YHlqqsCo8YwAAIKxM9AAAAAA
X-SO-Upstream-ID: m-ad231
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad231.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 1096
X-SO-IP: 82.102.18.251
X-SO-Cluster-ID: 39
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-SO-Ads-Time: 9
X-SO-LB-Hostname: m-tgng40.dc4p.scaleout.jp

GET v1
d.socdm.com/adsv/ 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 211ms
93ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23348&site_id=369366&zone_id=2015112&size_id=2&rf=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&tk_flint=pbjs_lite_v4.33.0&x_source.tid=c78262c1-5325-40ee-bc69-6e590b6d50f2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9236018516239388
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ec4e5976da9cdf8ada9ef2329d7755b7d5698196b5a5d3e0f6688286bc248a1f

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 212ms
94ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23348&site_id=369366&zone_id=2015116&size_id=15&rf=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&tk_flint=pbjs_lite_v4.33.0&x_source.tid=8640bc9e-1520-4e3b-a97a-c7cb45d20aeb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8817071367157232
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 92afb6ead899ef561eca07a2a33f7e2f7611e9c050d62a6306f56334090e788d

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 223ms
104ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23348&site_id=369366&zone_id=2015114&size_id=10&rf=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&tk_flint=pbjs_lite_v4.33.0&x_source.tid=669e9066-5256-4659-8713-819872ff4b65&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5227647461384428
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 51366b91654054d4f6204cfcd692d399effdd6dd38b5f0ebeb6d070b3c88ce66

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 213ms
94ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23348&site_id=369366&zone_id=2015106&size_id=15&rf=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&tk_flint=pbjs_lite_v4.33.0&x_source.tid=f258c844-4ca2-42bf-bbb4-daeb9949e193&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8628409768124454
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8f6f549d8121eadafba3e43ee0e0ed2b370b2ee8ea5c26e98977f8bccd55dfbc

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 225ms
100ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23348&site_id=369366&zone_id=2015108&size_id=15&rf=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&tk_flint=pbjs_lite_v4.33.0&x_source.tid=906834d1-0797-4387-b3b3-949e04e7b028&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6001671257334726
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a572a75a15e12c3e6c84837e96b118c63dc95463e7a1d422d3e2fc45dec75b77

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 229ms
104ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23348&site_id=369366&zone_id=2015110&size_id=15&rf=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&tk_flint=pbjs_lite_v4.33.0&x_source.tid=d2251e83-cabd-494a-b5bd-f9ea049d4475&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5076568877822552
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 849309795b4b1689fed5bb2a126fd92aa868aaae08d3f83c72c499dcf263c6cd

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hinative.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 1182ms
97ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0d0177776edd3e72a12a4a0073&pos=8a9691b8017777f83c23f8c647cc02a7&cmd=bid&secure=1
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 14266540aa575e640ca2b7cd8eb85b01761666c03f4709f99a4fddaefeae0b2f

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 1209ms
112ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0d0177776edd3e72a12a4a0073&pos=8a9699fd017777f83855f8c64d2c028d&cmd=bid&secure=1
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 066cd0f37b266f5d0059963295ab279890b637078a462f63662bc4eaefd23484

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 1202ms
105ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0d0177776edd3e72a12a4a0073&pos=8a9691b8017777f83c23f8c64b8f02a8&cmd=bid&secure=1
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: f7c7e2386b07dc1d47840ed788d4290165a9989ef6f38e74a99d5a1fc0ca22f5

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 1210ms
112ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0d0177776edd3e72a12a4a0073&pos=8a9694ed017777f840a4f8c643c70292&cmd=bid&secure=1
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 3c47fcecd1833285b278af4323ab8e1bbdcef7a9c2bd44065e826bfc11884de4

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 1213ms
115ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0d0177776edd3e72a12a4a0073&pos=8a9691b8017777f83c23f8c644ba02a6&cmd=bid&secure=1
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 2b1d5ef5aa0e02754213bd12266f53c2739554747db14284de39304c2e1fdabe

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
472 B 1291ms
110ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0d0177776edd3e72a12a4a0073&pos=8a9694ed017777f840a4f8c646c80293&cmd=bid&secure=1
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 13a786fdabb8f6a7dd3ffdb3c24599fc0a639c434b47f10cb3d7088abc13471f

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Apr 2021 10:44:58 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://hinative.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
371 B 460ms
133ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=614596&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22879dd8becc71d83%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228879e225026efcb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22614596%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2289d1230c6a33cb4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22614604%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22909a278865cdeab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22614602%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2291030a2a901d167%22%2C%22ext%22%3A%7B%22siteID%22%3A%22614323%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22924c580daaebc79%22%2C%22ext%22%3A%7B%22siteID%22%3A%22614590%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2293b084c9ffad92f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22614594%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e7d76c60c8718d37f86a38e8336e2339e54e2f3129ae7cc4ff248ce591dd06bb

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:44:57 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[82.102.18.251], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hinative.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Fri, 16 Apr 2021 10:44:57 GMT

OPTIONS
H2 200 bid
prebid.flux-analytics.com/analytics/v1/ Frame 0
0 307ms
247ms Preflight
text/html 35.186.217.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.flux-analytics.com/analytics/v1/bid
Protocol: H2
Server: 35.186.217.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.217.186.35.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hinative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: Express
access-control-allow-origin: https://hinative.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, set-cookie
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
allow: POST
content-type: text/html; charset=utf-8
content-length: 4
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
date: Fri, 16 Apr 2021 10:44:59 GMT
via: 1.1 google
alt-svc: clear

POST
H2 200 bid Show response
prebid.flux-analytics.com/analytics/v1/ 73 B
383 B 427ms
377ms XHR
text/html 35.186.217.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.flux-analytics.com/analytics/v1/bid
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.217.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.217.186.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 06692a5ddac9769d576a854810abe23b76d6065cda8cd03aa71aff953d27f63b

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Apr 2021 10:44:59 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, set-cookie
x-powered-by: Express
etag: W/"49-17muHBW2Uq/beRvxRFhkfbZ6svs"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hinative.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 73

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hinative.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 10:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hinative.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 10:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 394 KB
68 KB 852ms
851ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=107296684125163&correlator=2153636796163011&output=ldjh&impl=fifs&eid=31060806%2C31060412%2C31060706%2C31060830%2C31060831%2C31060832&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=2914035%2CQuestionsShow_LayerTop_Pc%2CQuestionsShow_SideTop_Pc%2CQuestionsShow_SideBottom_Pc%2CQuestionsShow_AnswerLast_Left_Pc%2CQuestionsShow_AnswerLast_Right_Pc%2CQuestionsShow_Bottom_Pc&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C300x250%2C300x600%2C300x250%2C300x250%2C300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1618569899&dt=1618569899271&dlt=1618569896762&idt=480&frm=20&biw=1600&bih=1200&oid=3&adxs=241%2C1039%2C1039%2C273%2C639%2C474&adys=72%2C72%2C338%2C3083%2C3083%2C3465&adks=43507412%2C182112003%2C2536648641%2C1610367651%2C2552291554%2C3211071290&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027&vis=1&dmc=8&scr_x=0&scr_y=0&psz=766x90%7C320x250%7C320x600%7C336x250%7C336x250%7C300x250&msz=728x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1&ga_vid=1216605840.1618569897&ga_sid=1618569899&ga_hid=578196602&ga_fc=false&fws=4%2C4%2C516%2C4%2C4%2C4&ohw=766%2C320%2C320%2C336%2C336%2C300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

241d8e3fdf13d19e35f50866ebb6e9a6a27bdb3fb4c6da0a698dbd94dc763ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69815
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hinative.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 29ms
13ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 66ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:59 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:44:59 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7756 0
150 B 65ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=hinative.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=hinative.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1427
date: Fri, 16 Apr 2021 10:44:59 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 65ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:59 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 17 Apr 2021 10:44:59 GMT

GET
H2 200 container.html Show response
4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 22FB 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 16 Apr 2021 10:44:59 GMT
expires: Sat, 16 Apr 2022 10:44:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF6A 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 16 Apr 2021 10:44:59 GMT
expires: Sat, 16 Apr 2022 10:44:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4AA6 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 16 Apr 2021 10:44:59 GMT
expires: Sat, 16 Apr 2022 10:44:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA80 6 KB
3 KB 18ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 16 Apr 2021 10:44:59 GMT
expires: Sat, 16 Apr 2022 10:44:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C11 6 KB
3 KB 14ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 16 Apr 2021 10:44:59 GMT
expires: Sat, 16 Apr 2022 10:44:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9482 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 16 Apr 2021 10:44:59 GMT
expires: Sat, 16 Apr 2022 10:44:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca5bee3cce9cd1eeafe3595225255823e2d0db86968da1355fbc34c39d2da3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6956
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FB3C 624 B
585 B 16ms
16ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGNzg66MBMAE&v=APEucNUL7H9I-zGxjNpxuRiaiBxXs-nQwH60DGZgRBHLiHo5N6IgpWxj6LeAo7K2WAhOfUVaUTzHU6DZ1PKN_oN8zCIY-x5Rz-st6YR057z_yV7yZY0e_NDUjzuVJ-pDp5Wo3hoJUaOSxb2F8QGP6O4ZcJNaeatxpfdPypo6Lz4R0f0HwLWQyw0h8gPmHGUCvuhMRTrV7gM_5adj9xx9_OctyA7kj7Mf0Q

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJPMTBDsufUCGNzg66MBMAE&v=APEucNUL7H9I-zGxjNpxuRiaiBxXs-nQwH60DGZgRBHLiHo5N6IgpWxj6LeAo7K2WAhOfUVaUTzHU6DZ1PKN_oN8zCIY-x5Rz-st6YR057z_yV7yZY0e_NDUjzuVJ-pDp5Wo3hoJUaOSxb2F8QGP6O4ZcJNaeatxpfdPypo6Lz4R0f0HwLWQyw0h8gPmHGUCvuhMRTrV7gM_5adj9xx9_OctyA7kj7Mf0Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Apr 2021 10:45:00 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlgvlvo_9nTCcwOKsAFg_yYyVcH6D68blkNst0cZ09aR5zGEPZNGCebQukq; expires=Wed, 11-May-2022 10:45:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 22FB 111 KB
39 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4755
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 09:25:45 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame 22FB 6 KB
3 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:38:23 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 22FB 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:42:20 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22FB 42 B
63 B 79ms
79ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3yRpwkwVaS0hA3o3arBpVjht4_ci98pxZ66y-pP3CTru8XKtXywvD4J9EXTmBiPPkyucnukad8yX0vK339U4yEbG5ZDOpkV5gX8GAYNs3pyHTxaM

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 22FB 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:43:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22FB 118 KB
36 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 22FB 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:43:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 22FB 0
0 14ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSegkGPNHTcOT57YB-mbLSaEO3yE9BFFkHTa18vJOLThQM-9HrKPDzqc_uc8-3y14Vq87cOdJMQgmcFdwr-hfJpnGyMlQ
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F463 624 B
560 B 18ms
17ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGK_Y66MBMAE&v=APEucNU50JRcLVAOvcE2XxD_uukepTf7yV4abfEA6ONsVDCw2LRMf91SNr3OZ7ytqThrb63SgdZrkAKokzM92Q43P6rHSTK1y2Nxmo6Zqwk_9umPGNSLK6QsQjFd4lCYrHnA1x_Ei1mmXw7bKHsZgzbuOEbPyPhkQqN5mCur4ip8Xgz8F5PEEhlAPnfJxSotGEuTYgYfIcklwZaSBtEnoNtHA0PEah9CzA

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJPMTBDsufUCGK_Y66MBMAE&v=APEucNU50JRcLVAOvcE2XxD_uukepTf7yV4abfEA6ONsVDCw2LRMf91SNr3OZ7ytqThrb63SgdZrkAKokzM92Q43P6rHSTK1y2Nxmo6Zqwk_9umPGNSLK6QsQjFd4lCYrHnA1x_Ei1mmXw7bKHsZgzbuOEbPyPhkQqN5mCur4ip8Xgz8F5PEEhlAPnfJxSotGEuTYgYfIcklwZaSBtEnoNtHA0PEah9CzA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Apr 2021 10:45:00 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUkC7C5_RYlSkFwuzfALYfYXupIhMxKZJmOBG35ffJDm6_yK42ZqTSvMQs8R; expires=Wed, 11-May-2022 10:45:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame AF6A 111 KB
38 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4755
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 09:25:45 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame AF6A 6 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:38:23 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame AF6A 17 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:42:20 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF6A 42 B
63 B 19ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5l3E-iPWRc4GVVJj7iUv9522FRQZ0Ze0il_slzHBgTa5ZCTOcn5NDyExl24_HbbURwJZFeic-HcKORHKXI-m-VqeEuKR3vL1JVVFS1rdzsCZeQIY

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame AF6A 2 KB
1 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:43:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF6A 118 KB
36 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame AF6A 13 KB
5 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:44:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame AF6A 0
0 38ms
22ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWhDOa_a3ALkcAe_vk0-PoJdzn8L3Szo2vPPbizL-BJkv3i6DfAw22YXAKfzmML9ARalL_0a3xXQidkyMn-vtS160ECQ
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 31b4ea2bd2a51d39610fc8aa214e4119.js Show response
www.gstatic.com/mysidia/ Frame 9482 6 KB
3 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/31b4ea2bd2a51d39610fc8aa214e4119.js?tag=client_fast_engine_2019

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 30802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Thu, 15 Jul 2021 02:11:38 GMT

GET
H2 200 b2ad9e2117aedd5ce941a2862458374c.js Show response
www.gstatic.com/mysidia/ Frame 9482 142 KB
52 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0fd989ea582357754166789b3e0a896f231d21f237a6356671492f4b2bec8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 30802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53415
x-xss-protection: 0
expires: Thu, 15 Jul 2021 02:11:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9482 3 KB
675 B 19ms
12ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 10:18:24 GMT
server: ESF
date: Fri, 16 Apr 2021 10:45:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 9482 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:29:52 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 9482 17 KB
7 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:34:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 9482 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:43:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9482 118 KB
36 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 9482 13 KB
5 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:44:49 GMT

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 9482 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 09:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 175859
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Tue, 13 Jul 2021 09:54:01 GMT

GET
H2 200 31b4ea2bd2a51d39610fc8aa214e4119.js Show response
www.gstatic.com/mysidia/ Frame DA80 6 KB
3 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/31b4ea2bd2a51d39610fc8aa214e4119.js?tag=client_fast_engine_2019

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 30802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Thu, 15 Jul 2021 02:11:38 GMT

GET
H2 200 b2ad9e2117aedd5ce941a2862458374c.js Show response
www.gstatic.com/mysidia/ Frame DA80 142 KB
52 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0fd989ea582357754166789b3e0a896f231d21f237a6356671492f4b2bec8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 30802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53415
x-xss-protection: 0
expires: Thu, 15 Jul 2021 02:11:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DA80 3 KB
652 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 10:14:49 GMT
server: ESF
date: Fri, 16 Apr 2021 10:45:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame DA80 1 KB
909 B 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:29:52 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame DA80 17 KB
7 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:34:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame DA80 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:43:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA80 118 KB
36 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame DA80 13 KB
5 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:44:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DA80 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRG3o5-q9mKu66un95Pd44-0wnfNnRtau0GSwlFuO4EqIGHi4ZrHhhsoTNj6fPrUXK_E2C-KC6djGSs_AzGdgXtCMTqAw
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame DA80 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 09:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 175859
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Tue, 13 Jul 2021 09:54:01 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0615 640 B
316 B 31ms
27ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGLfh66MBMAE&v=APEucNVcv7pMS-nhcTLTXHllaMk0znSUfTyFxz7J1YWjVmtsABVlAhFyQpAD6Z27fbdmAI2cRmPPlE4E3IRD3jFHhlz_bRZ-gzjOaRtPU_HYYKnqr7ch2op_O4_4aOVXN6m8nazA6rhKBotHcjzInfOoq-Rt7JpV8WRnsOctuveNvkyaDju0QwR1zzEEhPq0_j2SE8JPXXLQWUd8_JOxfn_d3_7ndSjndw

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJPMTBDsufUCGLfh66MBMAE&v=APEucNVcv7pMS-nhcTLTXHllaMk0znSUfTyFxz7J1YWjVmtsABVlAhFyQpAD6Z27fbdmAI2cRmPPlE4E3IRD3jFHhlz_bRZ-gzjOaRtPU_HYYKnqr7ch2op_O4_4aOVXN6m8nazA6rhKBotHcjzInfOoq-Rt7JpV8WRnsOctuveNvkyaDju0QwR1zzEEhPq0_j2SE8JPXXLQWUd8_JOxfn_d3_7ndSjndw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlgvlvo_9nTCcwOKsAFg_yYyVcH6D68blkNst0cZ09aR5zGEPZNGCebQukq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Apr 2021 10:45:00 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 4AA6 111 KB
38 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4755
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 09:25:45 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame 4AA6 6 KB
3 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:38:23 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 4AA6 17 KB
7 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:42:20 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AA6 42 B
63 B 67ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlbScEyh5oRlQk7s7FzMYerP6D1vle4faO9Ydou027V8_L8xkhb-91pdfJpYrRoeKJOCzcxsrsxNBNyJaQgs2Vi68Sf5QvFBt3iFaCqy13f7DJnSU

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 4AA6 2 KB
1 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:43:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AA6 118 KB
36 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 4AA6 13 KB
5 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:44:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4AA6 0
0 40ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6_2jYxTNTdWkOets9CIJdfjVmwoWaduIxUlWYdCVc-aQv2FQB736EILLIwsHvl8Jhbq_M4QhYNYaaa6n9Db32yG3mfw
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 31b4ea2bd2a51d39610fc8aa214e4119.js Show response
www.gstatic.com/mysidia/ Frame 7C11 6 KB
3 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/31b4ea2bd2a51d39610fc8aa214e4119.js?tag=client_fast_engine_2019

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 30802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Thu, 15 Jul 2021 02:11:38 GMT

GET
H3-29 200 b2ad9e2117aedd5ce941a2862458374c.js Show response
www.gstatic.com/mysidia/ Frame 7C11 142 KB
52 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0fd989ea582357754166789b3e0a896f231d21f237a6356671492f4b2bec8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 02:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 30802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53415
x-xss-protection: 0
expires: Thu, 15 Jul 2021 02:11:38 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7C11 3 KB
579 B 31ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 10:14:54 GMT
server: ESF
date: Fri, 16 Apr 2021 10:45:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 7C11 1 KB
909 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:29:52 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 7C11 17 KB
7 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:34:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 7C11 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:43:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C11 118 KB
36 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 7C11 13 KB
5 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 10:44:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7C11 0
0 14ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2CRJJB42olB8_gyD8EHAX1wheKbf6D6-WK9b3H7EIR0QCErCYzs7z2yS3OQBpxrXfx3lDwTaekClBnY7-GMXME3PVsw
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 7C11 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 09:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 175859
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Tue, 13 Jul 2021 09:54:01 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5E4E 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 16 Apr 2021 10:35:37 GMT
expires: Sat, 16 Apr 2022 10:35:37 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 563
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FB3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

43 B
1014 B

110ms
48ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGNzg66MBMAE&v=APEucNUL7H9I-zGxjNpxuRiaiBxXs-nQwH60DGZgRBHLiHo5N6IgpWxj6LeAo7K2WAhOfUVaUTzHU6DZ1PKN_oN8zCIY-x5Rz-st6YR057z_yV7yZY0e_NDUjzuVJ-pDp5Wo3hoJUaOSxb2F8QGP6O4ZcJNaeatxpfdPypo6Lz4R0f0HwLWQyw0h8gPmHGUCvuhMRTrV7gM_5adj9xx9_OctyA7kj7Mf0Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 10:45:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FB3C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHlqrJ2q2KbYEX7zx4aDSgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

43 B
894 B

37ms
37ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGNzg66MBMAE&v=APEucNUL7H9I-zGxjNpxuRiaiBxXs-nQwH60DGZgRBHLiHo5N6IgpWxj6LeAo7K2WAhOfUVaUTzHU6DZ1PKN_oN8zCIY-x5Rz-st6YR057z_yV7yZY0e_NDUjzuVJ-pDp5Wo3hoJUaOSxb2F8QGP6O4ZcJNaeatxpfdPypo6Lz4R0f0HwLWQyw0h8gPmHGUCvuhMRTrV7gM_5adj9xx9_OctyA7kj7Mf0Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 10:45:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FB3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1

43 B
1017 B

38ms
37ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGNzg66MBMAE&v=APEucNUL7H9I-zGxjNpxuRiaiBxXs-nQwH60DGZgRBHLiHo5N6IgpWxj6LeAo7K2WAhOfUVaUTzHU6DZ1PKN_oN8zCIY-x5Rz-st6YR057z_yV7yZY0e_NDUjzuVJ-pDp5Wo3hoJUaOSxb2F8QGP6O4ZcJNaeatxpfdPypo6Lz4R0f0HwLWQyw0h8gPmHGUCvuhMRTrV7gM_5adj9xx9_OctyA7kj7Mf0Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid: 3233a843-7cba-4aae-b687-711077e164ca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FB3C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D

170 B
188 B

49ms
48ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: efb1ea56-8db5-4706-a7a0-60e08c529b6e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 22FB 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4755
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Apr 2022 09:25:45 GMT

GET
DATA 200
OK truncated
/ Frame 22FB 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df8f27de3d0224c3880364fa79abf192fd6eb2bb58b525d9c78ae72b8cd058b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AF6A 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4755
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Apr 2022 09:25:45 GMT

GET
DATA 200
OK truncated
/ Frame AF6A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0b73529d7da4c1a8d82598845d35b5dd34f6b0b1d67847df8c0262cba886a1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F463
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

43 B
1014 B

95ms
45ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGK_Y66MBMAE&v=APEucNU50JRcLVAOvcE2XxD_uukepTf7yV4abfEA6ONsVDCw2LRMf91SNr3OZ7ytqThrb63SgdZrkAKokzM92Q43P6rHSTK1y2Nxmo6Zqwk_9umPGNSLK6QsQjFd4lCYrHnA1x_Ei1mmXw7bKHsZgzbuOEbPyPhkQqN5mCur4ip8Xgz8F5PEEhlAPnfJxSotGEuTYgYfIcklwZaSBtEnoNtHA0PEah9CzA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 10:45:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F463
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHlqrJ2q2KbYEX7zx4aDSgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1

43 B
894 B

40ms
39ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGK_Y66MBMAE&v=APEucNU50JRcLVAOvcE2XxD_uukepTf7yV4abfEA6ONsVDCw2LRMf91SNr3OZ7ytqThrb63SgdZrkAKokzM92Q43P6rHSTK1y2Nxmo6Zqwk_9umPGNSLK6QsQjFd4lCYrHnA1x_Ei1mmXw7bKHsZgzbuOEbPyPhkQqN5mCur4ip8Xgz8F5PEEhlAPnfJxSotGEuTYgYfIcklwZaSBtEnoNtHA0PEah9CzA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 10:45:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELyAFlk2jQP2_uQ5JAr1OkU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F463
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1

43 B
1017 B

81ms
44ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGK_Y66MBMAE&v=APEucNU50JRcLVAOvcE2XxD_uukepTf7yV4abfEA6ONsVDCw2LRMf91SNr3OZ7ytqThrb63SgdZrkAKokzM92Q43P6rHSTK1y2Nxmo6Zqwk_9umPGNSLK6QsQjFd4lCYrHnA1x_Ei1mmXw7bKHsZgzbuOEbPyPhkQqN5mCur4ip8Xgz8F5PEEhlAPnfJxSotGEuTYgYfIcklwZaSBtEnoNtHA0PEah9CzA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: 3d3a0ac7-2386-45ca-bfba-ef5b1f5e115a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJspWn7G-G9Cmu4dtDJBG88&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F463
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D

170 B
188 B

49ms
48ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid: f27f0773-01ee-4f2d-a217-289d85f5b691
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM0MTQ5MDE1NTAyNjk1MzI3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/12993956206916388090/ Frame AE75 15 KB
4 KB 20ms
7ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ce2229e8f5ded997c947036b18d2433ba635c0c0997da02b8e940d13aab91b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/12993956206916388090/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3863
date: Mon, 12 Apr 2021 22:19:49 GMT
expires: Tue, 12 Apr 2022 22:19:49 GMT
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 303911
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4AA6 0
61 B 176ms
93ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuFcaUuNUUkLJI0Mw_Yb-aWPVCNx7pLTzWEw7kIw4Cs4pV2-pB-VZkuWp2WSdxXbn5yFLrgsRIRImQXN0AIPtnO5znZJ0DbAJb4_CrED3Eb_mrLKvRxsLhbnupMQJ8hgg7msFoxqj3Srzw7-TLz_txcF-yIkS3q3ZhGPTnQNin2SEtFrvmVkkP8_uwchtQk4ykNcGrDMxifUjfgCe7waE7G0C2ELVDgN_FVi3TgVR2ZpoHEOMJ9g7lpCFt446ANZC9hanabIOL3INq4fE8Rfda4PEXL0pOymTXYfmHSfY32Vo-fxsp6wFMbk8-5oLNHHcIIXS16wZSSzaNsT0YY5Iw70aPv4lr5vXOdvnFHoLaXdIfaWwZg0iWS5vDKxCQz01LZ7tVxc5hNF9BKfPh9Ch4mC32fGOe8oTn8eiUMO4pn8KnMqflP1TCshbBgnO0VRWJMPo-ALeU0GYvqrt2f5-ruN-JYul3U5RO1Egp4PABfAxzAQrsf724skA_uNHXPorEBL2QhvcTq5z43yxkPb_GgbUwNglNHGUNGjpCnhLwvmXFqt1e3kxaH0QNYMEnvMBr2X81LBYYF0Ee9UXSnYU2s0dUwDp6XGKrHs6vOH0zuKNOuzUL5scBimP6e_McBj5QR72vfT0GwhCV2rl_pW-itXfXAspWh8kWyuSJvgsYT9Xw7I4IPBQ9LFnrW-XFLqiQLNtGOxKpASePexxkBotPcnLmu2doKNwbOswvnYNskeFKvA1bM9YfZxcunIhKM-pAlXR1eln_OepWXYpooSBnQxRqYGlYhVW_RNwZx-5B7XtiTx4M74eNqpH3aCCGuQ1ziGuAcFtNNivooZ3wZYWZoh3ov6XtL1mbXapjLhi1fzuWGaj1XCiHQKTUY2LBkuQW3-_j2cX75hMZVUxn5sxhrBOwIbyKpBUjKBRK1T-VNE0-VnJnMxZV06pCr_MvkpeLkVgHzrryfLJKDFP8HJokqsQ9K163FFks_Zsn07CWMvvncP09z4-jlHxX37vmLKzKKxLhEkdCIrtrCNagka2VvyHXOB92M6I3Ql16jz7doDV_AIDtBHOqiuzI24SYT1E9&sai=AMfl-YTfSEiC7JdRmOaFC0_3dr22g4vW3wA5cN9UdAOQWcWWuofuTpe1YbGvKx_4BqLp6rIoJwtrHvneTjyCwpazP-tAsftBv6gnQQYK3q0--Dy7TRmjytKFEPAzdN4sOM7rbjDH6A1ETMU1Qr2EnZ4ROCToLAFLR4YQlCKbU8IMeUrRFzYQxUtPnOZcQA-uKKZaIBtuH9b93MzRVVH09CDzY5C7mHDHWN9yEUAb7McbITSskzNLNs3wfabo0atrzGuDOMuz6Qn2vbyBGsz-rfzNL5WTQr4FeWbP2L-FTLoGyxGbRs7TZN0J1W_8UyUt6iGqwI-bn7QLcx3elIAqjponPPDrEnUiu03VZh6RBOeU0e9in0w2g7rxcatrfomk7UJDLA&sig=Cg0ArKJSzE14cVtYntCGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=195&cisv=r20210414.95387&adurl=

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 16 Apr 2021 10:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14058833932904472632/ Frame 9482 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14058833932904472632/downsize_200k_v1?w=100&h=100

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa5ade5e4cfbbfdc9ae3676242aa9a18ac6d69a5014a6514510e24214fc7b4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:07:25 GMT
x-content-type-options: nosniff
age: 117455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2156
x-xss-protection: 0
last-modified: Thu, 24 Oct 2019 15:18:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:07:25 GMT

GET
DATA 200
OK truncated
/ Frame 9482 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/14733310612648059221/ Frame 7E58 14 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aad518a9e4db9e9a4aece22d6a51551aac4f6cd95e5b5f4cac708c98c1c8c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/14733310612648059221/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3793
date: Mon, 12 Apr 2021 22:02:10 GMT
expires: Tue, 12 Apr 2022 22:02:10 GMT
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 304970
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22FB 0
61 B 168ms
110ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyhe8d6AWkRgbLfzoZVUcU5xH0gjVsBfV3pTmkAXKuuwK29MjTDqT4GTyxQDiai7gEKk7uunlHYFWVqEzFW29J-0-Nk4Uu7UckWhEAHKYoq5wNRHZHMZWCmh8djrGqHxcC6Cc0ZAewVogqlQ_EpjXvDXz9_H2m0yqHkSQQEUIJxVPGoVzXeclgFfX2nzrB948UzcKU4DrfhLAeClsYaTGl0zKBhv5I8MetOPW5uaE9e69htGC2Gl9o4feyBlKOxBbO4cWyYdQ7dhYvBCIH5Ny0rw1XwoCtqD-3I3tRiqYHlJh730FxtCO5Xa6R2IK9gS0nOaoIDD8FFMJ3VXaAKHfPq5lkyVxgRWVtvGY2tNA9BDVydBh1hx1HBx_8UdqNtKso0h5AOkgHPoA5xXrRHX7p9ZQLGd8dRQdc8hpojABapWojfaeoExZ-zJUH6bxe4KAGDQbYx6mGwkGobliXDvOzS4Z3zR7PKXanZ4UzBOR3Vr7GnNIbDYrSFuUcjb8HQ-Gl80LqLzdama5hZVnVRp5fYNzMiY8N3VrFV9ztis8HbibLyX5daQcofKbM0lt1rpnqaP_QiNVi2MQ9rCSzqggdSWqo3U-fJOTaOI_vf2N9Q_9ie-3KeOHDxPmi-VPeEX73PeWwOXyebb1rPLO4qCIMOy_eeoczUvpYNR4C90p0yvsGxFOVkQ3vaLLcG1T0Hb_eqAmWCtAyjiaaDY6WMD9bymQxetj1BWfr7h5FAMhPRmdfmZh5GNk_u31Yw7GJC7crZA0kb9TC6it3uViXJoo10a4mjk5SSX9CdCIkex9hi40Wgn0fZ8-m3IKE6FQjxm0oQ-97M7pdyKVMp8k3T8gK5lnKkDzUFFpAqaeRJJVSe5TTnV9pMe2LNBNYMiww1Wy-EamdoJ1GCUV0C2ykd08HUfO77rfxydLAYuvqoPbLMZhdiKlFpVBlAhrGu6c7f1aYlhS_1tSXkCq2Gguw5NIm5rCKIdr6H6Idkwwrw6eXvCx4NyiCnUWqQWQEfvsNimitbnwRQPiHZvwKv3dtDMYUNfzlkQUL1Q3BAsQanVOQZ6qNw9TdsuxPb5dCbQ&sai=AMfl-YSqgJzaenG3PZAhCGkp_KspPoZdr-yUbgiM88-5per8CFnMxk_ynflsWZ4oVirWIRGAsZ5-gUalp0bgd7jp3VOlqf1dBrixl6ayeFRvtX5hJtSdnvq5alzupgTKg2IVU89Ex3TGV77GWq1QBYwR2ugmju86ogrnEqJ4s9TXOuiraEGWFQoAX3_ijSC4AFz2ZakXKPxBw_fyFUBj3HvTGCeAHHS2PWdqfOGPX9Qjr-90SGD0UhpOrkQGdjaBCx3JoOU0ehNpkLd6fe1UdH3VdvS7zQE-8LuQ6YHqu_Gw7wknSyClFz20OfayEFZUkI0hmA1SKdNsDtGUKUxpCv4qmb7miSUdRmlS0Hq1rSpE9wIk2kph8kABTag7xk9vGkHtIA&sig=Cg0ArKJSzOdlWVhfQEPVEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=246&cbvp=1&cstd=244&cisv=r20210414.80544&adurl=

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 16 Apr 2021 10:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/13466617929429450390/ Frame 1AC2 15 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fdc252a38284481f22cbb240b401260d7dd6c44345db96bd9577f8374e59f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/13466617929429450390/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3831
date: Mon, 12 Apr 2021 22:03:12 GMT
expires: Tue, 12 Apr 2022 22:03:12 GMT
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 304908
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AF6A 0
575 B 88ms
50ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyLs-XpGGbHn9_J_bgCM2fhKOA0INYQAAm0Flb5e3j6sgHLVn0jewVQLfHsZVcno2n3gworn_P3XTwqUF__iciazys2ZlpaGdvbsexX6TKveWMd70VPbdlX7MeDZK7YAoJPI8ihQeHTEuYIQnScD7sw5iIAFvpoBRWF_VvIFz761_M8VElDuYIF0QeALaaKkKkLbtZROOEVrQbduV1x1JEdvxHjzUC-0NBtf2-9qX93ohXOfqk4XQPb6_KPS9B3Ih6aUcfNuIPHcqGZk3RukuoofKoK6gTKwYJddqnf2cxZmmx5YMC92BZI4ggjyvt0lm5PVthOAilLAoP7egEik28BNzuCKOYx8N9Fx3iSR4lSDjY2ftHFlro7H5qq4PECQ4hIGwXM2QhfT1PAGFhcr8IlrJmkVdhoMkVJh6XSfl53uCjw7TlsSNV4QmupaDw3m0WrUpudhqpax39IjbFw_Gpo6VZjKjuYSOJBzr02RF8oU1LCFv3U6bYBw8Imm0Kw7W3aMqJdW5B1uktpeY_YP81e15wkL9K1VI1RMdACNltWCWNOpV0wPwDefoW5xfvEg75ICpR0cTNHXJPs2XYPf6Vd195Zs4QeKFzXVGJEqECaa60Q-0KtBT5DEBB7PAsGA5mZEGra59gjV9T8RyCjzKIHTSXTbKAyG1u7_N1fhaklkmF0lKDu6srKTkUkGMkzqC2KcXmr86c2ZFeCzu_heBamnR734nIctqvDZLzgxVb1j1voZHVbUFhM3OCSaCLpIDBCIJ7-vaN9DDJq9A-_ZgC4V2c2wmWvjvIpoqjF3qXj8OJP7-GW6XzwR1fGIlp8RWxllQx72n7RnIgUaHLd6IK5MyIaJkd181ZmvjcbLoffMtSgwYXtGwXl94e6Hbz77QpaLSyl-mTaLCsUUO0kDqnOCoEIoY0LC5Ti_0VY3YpGd-iIDeSaGjNvVrDhoeTsxQuYQQqGi7l9zPj2l0sz_WUR92_KzI0EpAO4xJvfcehOprkFdZbHbrz6pSyWzrMIG0MfVrFxTD0XR5T5IpNOyNwGDi3ZPEqxeXdOESCTbLVS9YhcfRP2QC___DavEIt2AiFkAXWIw&sai=AMfl-YQRf21v6IS-9DmQtw4vcU-BGPV-7Bt5OmJIpbUZ4B1unFSFCYvFiOOzmkeYxdyC6aErRBESQfAfkTA2DgLAqugk7OKQN9SUDkfVvzhSbiJeT6Ky05WmkbQ7uqMwkEqnSgvQhZ9Xdb1Ny6OS-pYWK4EzS1AktlAHWxftp1o30PSM8L-khpzWnjY5ua4DFsOw4fQAUK5zF9nJ0gFyZwAMIFajdmL_zwxTXqUTuM8-sjzMNWGL52Xt5Dy5DxKkMCXYyveH8KFntqcImyt7W0jT3T3v3cc1-H1OgKdMnVSIPBLFlero1aH_QTSWUJ1UIHJMPnVvcRhCaYQi94OEuO2TzptN05aMGCNPiM-b1MDmOxa771ymEoFKZWrjQsyU6moJhg&sig=Cg0ArKJSzKF1ZwqBjI9uEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=256&cbvp=1&cstd=255&cisv=r20210414.78455&adurl=

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 16 Apr 2021 10:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 9482 0
331 B 72ms
36ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knk6q86k&c=5188192853828&slotId=2594096426914&qqid=CM38kt_KgvACFQ76dwod81ALMQ&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408&nsei=44714510%2C75259405%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10360149475154998457/ Frame 9482 92 KB
92 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10360149475154998457/downsize_200k_v1

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a19b71be634139449585d1be218402fe89225920666324d12681a1c81d01649e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:04:25 GMT
x-content-type-options: nosniff
age: 117635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94624
x-xss-protection: 0
last-modified: Wed, 07 Oct 2020 12:36:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:04:25 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9482 0
0 46ms
45ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzD0wq2p5YI37E4703wPzoa2IA8aWqYFizPq_hfcLloLNhYgWEAEg7_fcB2D7gYCAiAqgAePknbcDyAEJqQKfm2xSlDOyPuACAKgDAcgDCKoEhAJP0OsayYb-cWrl31RQvH8fKUDxsK6fk-SkJbeMtMbwZNv37BQFiPgvfRNAHf30MDeuEcgr0GXpLYPuX7p9hG92CDjsQhAWzDFw2uT-nARqjzXpv2r5ajxU7sETX8C-wO-gA0rIaSoW3juOpqljqAZ9ZgtkY0KEsg6nwAFqTHWLBviGk1Em_pK8iW70Ens3PTRufBIH9OmHQbh2jQZKMppbv7PN8wFywG7shLOMIMW8qwCyfjmDFQHCw2x7nk4MI9rX1h8o5QKdd0nctWvF2wUm5YR9tBbgGepB9wIJRmYIp8p4_EaSoqfWpoxD9jwXiMATnQFaasuh9hUtqycoP3wLHwjLzMAE3J-w27wC4AQBkgUECAQYAZIFBAgFGASgBi6AB4Wb4kioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ9v0D0ggJCIjhgBAQARgdgAoByAsB2BMMiBQGshcaChgIABIUcHViLTY3MTc4NDAxOTgyNjYwNTY&sigh=JJPMih4HlQ4&template_id=3484
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0615
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFDoq3yjFUsx6l_CFJhaF_8&google_cver=1

43 B
180 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFDoq3yjFUsx6l_CFJhaF_8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGLfh66MBMAE&v=APEucNVcv7pMS-nhcTLTXHllaMk0znSUfTyFxz7J1YWjVmtsABVlAhFyQpAD6Z27fbdmAI2cRmPPlE4E3IRD3jFHhlz_bRZ-gzjOaRtPU_HYYKnqr7ch2op_O4_4aOVXN6m8nazA6rhKBotHcjzInfOoq-Rt7JpV8WRnsOctuveNvkyaDju0QwR1zzEEhPq0_j2SE8JPXXLQWUd8_JOxfn_d3_7ndSjndw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
via: 1.1 google
server: OXGW/16.205.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFDoq3yjFUsx6l_CFJhaF_8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0615
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQwYTAxOTgtNmNhNS0yMDQzLWMyYWUtYTZiZTU3MTFiYmRm

170 B
188 B

41ms
40ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQwYTAxOTgtNmNhNS0yMDQzLWMyYWUtYTZiZTU3MTFiYmRm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGLfh66MBMAE&v=APEucNVcv7pMS-nhcTLTXHllaMk0znSUfTyFxz7J1YWjVmtsABVlAhFyQpAD6Z27fbdmAI2cRmPPlE4E3IRD3jFHhlz_bRZ-gzjOaRtPU_HYYKnqr7ch2op_O4_4aOVXN6m8nazA6rhKBotHcjzInfOoq-Rt7JpV8WRnsOctuveNvkyaDju0QwR1zzEEhPq0_j2SE8JPXXLQWUd8_JOxfn_d3_7ndSjndw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Apr 2021 10:45:00 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGQwYTAxOTgtNmNhNS0yMDQzLWMyYWUtYTZiZTU3MTFiYmRm
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 0615
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKj1j62aQL_MP7X-vYT5EZs&google_cver=1

23 B
172 B

56ms
56ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKj1j62aQL_MP7X-vYT5EZs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPMTBDsufUCGLfh66MBMAE&v=APEucNVcv7pMS-nhcTLTXHllaMk0znSUfTyFxz7J1YWjVmtsABVlAhFyQpAD6Z27fbdmAI2cRmPPlE4E3IRD3jFHhlz_bRZ-gzjOaRtPU_HYYKnqr7ch2op_O4_4aOVXN6m8nazA6rhKBotHcjzInfOoq-Rt7JpV8WRnsOctuveNvkyaDju0QwR1zzEEhPq0_j2SE8JPXXLQWUd8_JOxfn_d3_7ndSjndw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 16 Apr 2021 10:45:00 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEKj1j62aQL_MP7X-vYT5EZs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0615
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjcxNzc1YTktMTVmMi00MjQyLTgwMjgtMjgyY2MzYzllZTkw

170 B
188 B

40ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjcxNzc1YTktMTVmMi00MjQyLTgwMjgtMjgyY2MzYzllZTkw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjcxNzc1YTktMTVmMi00MjQyLTgwMjgtMjgyY2MzYzllZTkw
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4AA6 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 09:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4755
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Apr 2022 09:25:45 GMT

GET
DATA 200
OK truncated
/ Frame 4AA6 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d3b8caa08f7aa4a413c0223ba7caa801a4ffb28d4b26b3ecbcf7f7a9adf0ea6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14058833932904472632/ Frame DA80 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14058833932904472632/downsize_200k_v1?w=100&h=100

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa5ade5e4cfbbfdc9ae3676242aa9a18ac6d69a5014a6514510e24214fc7b4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:07:25 GMT
x-content-type-options: nosniff
age: 117455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2156
x-xss-protection: 0
last-modified: Thu, 24 Oct 2019 15:18:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:07:25 GMT

GET
DATA 200
OK truncated
/ Frame DA80 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3848668358094012378/ Frame 7C11 3 KB
3 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3848668358094012378/downsize_200k_v1?w=100&h=100

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9d1b5881713e062fec4d967c72a8faa1a5a5ef8a060f7f08633d7c31ba0f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:04:58 GMT
x-content-type-options: nosniff
age: 434402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3371
x-xss-protection: 0
last-modified: Wed, 20 Jan 2021 11:58:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 10:04:58 GMT

GET
DATA 200
OK truncated
/ Frame 7C11 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

206
Partial Content

videoplayback
r3---sn-4g5e6nz7.googlevideo.com/ Frame 9482
Redirect Chain

https://r3---sn-25ge7nzs.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YPXLAdvjgAeUyYHQBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&mh=uF&mm=31&mn=sn-25ge7...
https://r3---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YPXLAdvjgAeUyYHQBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

534 KB
534 KB

21ms
7ms

Media
video/mp4

2a00:1450:4001:65::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YPXLAdvjgAeUyYHQBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgcZ1SFOdd4pBX54--J21GdiVbtwuFnGVsaZN_L6tbgiICIH1BLUICUa_TWvIe2FfpLHUKyYjDlbvbLQo8kuy5cYcZ&redirect_counter=1&rm=sn-25gkr7s&req_id=5bf5bc0e4d5436e2&cms_redirect=yes&ipbypass=yes&mh=uF&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nz7&ms=au&mt=1618569427&mv=m&mvi=3&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgIJcGZoUcRsfdwT7glgDmKuIiEyYe0F4rnCURMh9Ta-ICIQC_ULHkBGysJ9zu6QhG6ONrGmV4Ohg_IV5PaQco74Jbtg%3D%3D

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:65::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8666ce5927ea693026d10c34099685f4cf55f4ad29127be9cf2ff70282c7fdb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 11:58:16 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-546318/546319
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 546319
Expires: Fri, 16 Apr 2021 10:45:00 GMT

Redirect headers

Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r3---sn-4g5e6nz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YPXLAdvjgAeUyYHQBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgcZ1SFOdd4pBX54--J21GdiVbtwuFnGVsaZN_L6tbgiICIH1BLUICUa_TWvIe2FfpLHUKyYjDlbvbLQo8kuy5cYcZ&redirect_counter=1&rm=sn-25gkr7s&req_id=5bf5bc0e4d5436e2&cms_redirect=yes&ipbypass=yes&mh=uF&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nz7&ms=au&mt=1618569427&mv=m&mvi=3&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgIJcGZoUcRsfdwT7glgDmKuIiEyYe0F4rnCURMh9Ta-ICIQC_ULHkBGysJ9zu6QhG6ONrGmV4Ohg_IV5PaQco74Jbtg%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
DATA 200
OK truncated
/ Frame 9482 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c07a899d01c4a24bbbfddc06be70e125e28fadfdc1052cb3bf66d82e60653e39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 csi
csi.gstatic.com/ Frame DA80 0
17 B 89ms
37ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knk6q89e&c=5838737528654&slotId=2919368764327&qqid=CMv8kt_KgvACFQ76dwod81ALMQ&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408&nsei=44714510%2C75259405%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10360149475154998457/ Frame DA80 92 KB
92 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10360149475154998457/downsize_200k_v1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a19b71be634139449585d1be218402fe89225920666324d12681a1c81d01649e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:04:25 GMT
x-content-type-options: nosniff
age: 117635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94624
x-xss-protection: 0
last-modified: Wed, 07 Oct 2020 12:36:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 02:04:25 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA80 0
0 50ms
50ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0QAdq2p5YIv7E4703wPzoa2IA8aWqYFizPq_hfcLloLNhYgWEAEg7_fcB2D7gYCAiAqgAePknbcDyAEJqQKfm2xSlDOyPuACAKgDAcgDCKoEjQJP0FqNXkS_gFvAn_-h_c69EhtBp8S2u2bqr3gQIyhcLONfw8f4cl34-vflXAw_3_7VO8tVwSf64mkqSa__d6nlH-T5oYrS9y-x_gXe2XQPXBlfUIKdsW2sNthBODhq-QBSE1KiXVlVXPpTf7jQ9gvrlt_mmhjeptV7-SpPdRGa2PANPe8zJzjGAP0e48n-FEC7-Wax6_iVPa-w6rmcguKY6iOYSZR1Ox14rjHf9tIcmdT-oxD_iSj1txOBbrK1T25joRuGmHETGk4sTnUUmg1WhL4X46ZZOuZmJBSvY7oiqwyGpnKgbuH-pqEnqlLKdslN5ye9lbynesuCjY8J6N3STJSpEsl88FH62-KxrcAE3J-w27wC4AQBkgUECAQYAZIFBAgFGASgBi6AB4Wb4kioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ9O4G0ggJCIjhgBAQARgdgAoByAsB2BMMiBQGshcaChgIABIUcHViLTY3MTc4NDAxOTgyNjYwNTY&sigh=Wyxd67M3diY&template_id=3484
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 204 csi
csi.gstatic.com/ Frame 7C11 0
17 B 77ms
37ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knk6q89q&c=1410584029894&slotId=705292014947&qqid=CMz8kt_KgvACFQ76dwod81ALMQ&sei=44729911%2C44730425%2C44730426%2C75259407%2C75259408&nsei=44714510%2C75259405%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16745805981812930678/ Frame 7C11 72 KB
72 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16745805981812930678/downsize_200k_v1

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6039b2cbe3d22cacc7c1aa44b567bffe633a23752326a1c53070e6e7c1c4a2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 18:10:28 GMT
x-content-type-options: nosniff
age: 405272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73719
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 11:26:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 18:10:28 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7C11 0
0 44ms
44ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CC8F2q2p5YIz7E4703wPzoa2IA4ix56Ji7aG3vtgNy7X78IkjEAEg7_fcB2D7gYCAiAqgAYXisJECyAEJqQKQS-jh-hO0PuACAKgDAcgDCKoEmAJP0IC5b0Oc90gCzfjHhvw7qARSIQIykS6m_DNAX3G2utM1xSuR9NtNGY0p7vP9Q3kJtnS7-NgkOGB7rM1BLxMEumEj38IYZ_ED75FNxZvaRmZtE7izn0OmakPUhEvtFsYt9-hi4XA2nUtRSHM584QPQS6kbgmvzioJBBK80rNL8NEwDhgdz_k3U_idPJU-Tt8Lg-Ewh6iNT49Jmn4fmJHWyeEDtoa1oBSRGQThMO8KgyyANkMjy1O8my83RNGiYpWQL0M1ylOWSGk04kf8GJSVScCUjvSThHAHRZyM1YXEKxAz409b-l8dk1fzR7VGJq6gxot3w8tCg2qJv9KaVErTXCw2aHcN6VnCsnZdSJpxeAgmohdI7LX7wATg7P_MvgPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH453P7gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ6d0F0ggJCIjhgBAQARgdgAoByAsB2BMMshcaChgIABIUcHViLTY3MTc4NDAxOTgyNjYwNTY&sigh=krb762a4UQc&template_id=3484
Requested by: Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6CD7 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 16 Apr 2021 10:44:46 GMT
expires: Sat, 16 Apr 2022 10:44:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 902B 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 16 Apr 2021 10:44:46 GMT
expires: Sat, 16 Apr 2022 10:44:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9482 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 13:31:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:11 GMT
server: sffe
age: 76423
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
expires: Fri, 15 Apr 2022 13:31:17 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9482 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 434482
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29

206

videoplayback
r3---sn-4g5ednz7.googlevideo.com/ Frame DA80
Redirect Chain

https://r3---sn-25glene7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YOnFAY-RgAfa9J2YBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&mh=uF&mm=31&mn=sn-25gle...
https://r3---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YOnFAY-RgAfa9J2YBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

534 KB
534 KB

18ms
7ms

Media
video/mp4

2a00:1450:4001:3d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YOnFAY-RgAfa9J2YBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgWdysIOWeaq-bkWEsNe8ewQu3XlPwSWj40I2BI4EFr80CIQD_WSnNiboGi2SDv7X7389joRvBAnYO1z8jGLZNQ2F6zw==&redirect_counter=1&rm=sn-25gde7s&req_id=e30ff41b42d336e2&cms_redirect=yes&ipbypass=yes&mh=uF&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednz7&ms=au&mt=1618569671&mv=m&mvi=3&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKNKFlyz3ZEONEQSPgnwEQFWpHywKfyDv_dKCMoZgt_iAiEAlc7l5Kpg1Q7Z8h4qiR2zgMupJbOyUWzLcGUnpiAHvec%3D

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:3d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8666ce5927ea693026d10c34099685f4cf55f4ad29127be9cf2ff70282c7fdb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 11:58:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-546318/546319
client-protocol: quic
cache-control: private, max-age=28500
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 546319
expires: Fri, 16 Apr 2021 10:45:00 GMT

Redirect headers

Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r3---sn-4g5ednz7.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YOnFAY-RgAfa9J2YBA&ip=82.102.18.251&id=e40b9471d1c37e95&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1582199896356425&txp=2216222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgWdysIOWeaq-bkWEsNe8ewQu3XlPwSWj40I2BI4EFr80CIQD_WSnNiboGi2SDv7X7389joRvBAnYO1z8jGLZNQ2F6zw==&redirect_counter=1&rm=sn-25gde7s&req_id=e30ff41b42d336e2&cms_redirect=yes&ipbypass=yes&mh=uF&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednz7&ms=au&mt=1618569671&mv=m&mvi=3&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKNKFlyz3ZEONEQSPgnwEQFWpHywKfyDv_dKCMoZgt_iAiEAlc7l5Kpg1Q7Z8h4qiR2zgMupJbOyUWzLcGUnpiAHvec%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
DATA 200
OK truncated
/ Frame DA80 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ab0272476b634ed9b205e6fce92943fefba351ca9cc9750cc246c2fbaff39d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

206

videoplayback
r2---sn-4g5e6nsd.googlevideo.com/ Frame 7C11
Redirect Chain

https://r2---sn-25glenez.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YKrJAZHO1wLQ_KvQBw&ip=82.102.18.251&id=0db3a64b78c720fd&itag=18&source=youtube&requiressl=yes&mh=A4&mm=31&mn=sn-25gle...
https://r2---sn-4g5e6nsd.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YKrJAZHO1wLQ_KvQBw&ip=82.102.18.251&id=0db3a64b78c720fd&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

1 MB
1 MB

32ms
10ms

Media
video/mp4

2a00:1450:4001:61::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6nsd.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YKrJAZHO1wLQ_KvQBw&ip=82.102.18.251&id=0db3a64b78c720fd&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=33.459&lmt=1611231058319395&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgcQm3lp5xF8qWbaLlXMV-6zvdZ8PPaAufPrXAF_R6bIUCIQCsMEEPVD0xwrDyVyVOWeNpNoii8mBCGjvKNZ-EEdxbfA==&redirect_counter=1&rm=sn-25gkz7l&req_id=2f499cd0ddd636e2&cms_redirect=yes&ipbypass=yes&mh=A4&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsd&ms=au&mt=1618569427&mv=m&mvi=2&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPk1Zs7IiS2FJ4VhWBW97VtJabmjLb4NpHoiRyFlJzW1AiB90Kl8a6PiPY1mEC5LeP0tDJANcbhPf3X7uJKX9WyASQ%3D%3D

Requested by

Host: 4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
URL: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:61::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6deacaf15b0f30663be96662566366a4030205f2289105adc1b856e901e6d133

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 12:10:58 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1379386/1379387
client-protocol: quic
cache-control: private, max-age=28500
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1379387
expires: Fri, 16 Apr 2021 10:45:00 GMT

Redirect headers

Date: Fri, 16 Apr 2021 10:45:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r2---sn-4g5e6nsd.googlevideo.com/videoplayback?expire=1618598700&ei=rGp5YKrJAZHO1wLQ_KvQBw&ip=82.102.18.251&id=0db3a64b78c720fd&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=33.459&lmt=1611231058319395&txp=6210222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgcQm3lp5xF8qWbaLlXMV-6zvdZ8PPaAufPrXAF_R6bIUCIQCsMEEPVD0xwrDyVyVOWeNpNoii8mBCGjvKNZ-EEdxbfA==&redirect_counter=1&rm=sn-25gkz7l&req_id=2f499cd0ddd636e2&cms_redirect=yes&ipbypass=yes&mh=A4&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsd&ms=au&mt=1618569427&mv=m&mvi=2&pl=47&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPk1Zs7IiS2FJ4VhWBW97VtJabmjLb4NpHoiRyFlJzW1AiB90Kl8a6PiPY1mEC5LeP0tDJANcbhPf3X7uJKX9WyASQ%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Fri, 16 Apr 2021 10:45:00 GMT

GET
DATA 200
OK truncated
/ Frame 7C11 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9de198aa21f39bc2433bf99366734057a71bdf7d3e1c93faa9f3ceaf833f3ab4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame DA80 21 KB
21 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:11 GMT
server: sffe
age: 434482
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame DA80 21 KB
21 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 117718
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7C11 21 KB
21 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:11 GMT
server: sffe
age: 434482
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7C11 21 KB
21 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 117718
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C4C3 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 16 Apr 2021 10:44:46 GMT
expires: Sat, 16 Apr 2022 10:44:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bae6a44adeed061f012110472dda185e.js Show response
s0.2mdn.net/sadbundle/12993956206916388090/ Frame AE75 58 KB
16 KB 10ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/bae6a44adeed061f012110472dda185e.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7168330bfc65f7f8c573c9d28989b70a6924ad208a8ba2b305888b9a736c3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16264
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 3f13f2a69268b2f31142f9ec0020eec6.js Show response
s0.2mdn.net/sadbundle/14733310612648059221/ Frame 7E58 59 KB
16 KB 9ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/3f13f2a69268b2f31142f9ec0020eec6.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06ba26b4755ece0fb20384a6390dcf606779982cf9c170fdafd2a2071aea2f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16439
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Apr 2022 00:05:40 GMT

GET
H3-29 200 bae6a44adeed061f012110472dda185e.js Show response
s0.2mdn.net/sadbundle/13466617929429450390/ Frame 1AC2 58 KB
16 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/bae6a44adeed061f012110472dda185e.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7168330bfc65f7f8c573c9d28989b70a6924ad208a8ba2b305888b9a736c3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16264
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:47:18 GMT

GET
H3-29 200 a1a5ae0822fae023ab4e8b599af2b775.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 121 KB
121 KB 14ms
9ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/a1a5ae0822fae023ab4e8b599af2b775.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb206604c783f4e1ba6608862b9cb565a13e7c29925d18bd594c243c98d3b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124183
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 eb0c61b29bf3e37c673020ce2cb70e22.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 126 KB
126 KB 16ms
11ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/eb0c61b29bf3e37c673020ce2cb70e22.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa385535d382144027f72430c09dc6f5a8df30bb1e2e057ad14d198ef64aaec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129107
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 004b5f758e904295cce432a12b83add2.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 173 KB
173 KB 19ms
14ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/004b5f758e904295cce432a12b83add2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd9db2b3c2bda537c2f70e72c13eea5d32e617ae8f75ea165efdf65b5a67d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 177499
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 6fad6e314c5a54c872fdf8c12e027629.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 93 KB
93 KB 25ms
20ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/6fad6e314c5a54c872fdf8c12e027629.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

358e75ae40813fa07846b47995b9d224d0105a58b6c4e1ec4796f6b2c11e528a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95231
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 09b087754b746463cd8b37f8b20ec2e0.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 95 KB
95 KB 23ms
19ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/09b087754b746463cd8b37f8b20ec2e0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d002f7879a041c7dc85f286274400dd37e3e4450fb13378f35f4c91a50f6e294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96886
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 c271eb9acac44148b762a20d1571913a.png
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 11 KB
11 KB 24ms
20ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/c271eb9acac44148b762a20d1571913a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2224fbc10cb214d426eb791aa6d97010280513b0264a3d42d87d4255eaa19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11279
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 a5b70d544c89c6c49a9db1306b4a25e9.png
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 10 KB
10 KB 22ms
17ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/a5b70d544c89c6c49a9db1306b4a25e9.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

716bb0629be1f6a31f3f6af4ca0d07156adbcb7226ef49e6bf8212278637c3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10554
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 c01f987f89c3b06c151ed1fea3dcba71.png
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 2 KB
2 KB 15ms
11ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/c01f987f89c3b06c151ed1fea3dcba71.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa1174a7c4c6696533ee840312b05ff8dd9e183d745d36d72f9c6b1f2b7637f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1614
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 dec14da0b3f01d41eb6b2fc6346acc1b.png
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 3 KB
3 KB 14ms
10ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/dec14da0b3f01d41eb6b2fc6346acc1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36e3c64875e18bf03a73f297931f0b2d7bc2ac7bcf8e0f66d29a2b26dd357ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3419
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 7ea1e4c53302f5e9d92a3dcf5efee522.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 24 KB
24 KB 21ms
19ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/7ea1e4c53302f5e9d92a3dcf5efee522.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f47d36468bdc2e7307f13dc8cfbe14203b6a5050918e833534377eb9956989b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:10 GMT
x-content-type-options: nosniff
age: 304970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24946
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:10 GMT

GET
H3-29 200 81af8f1c8d0a4bc8365f26fb31d9f15e.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 17 KB
17 KB 21ms
19ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/81af8f1c8d0a4bc8365f26fb31d9f15e.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5162bcf4e1011a5d8df3cc074fc2e3e848b477f2cca7c94ef449bbcae1c876c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:10 GMT
x-content-type-options: nosniff
age: 304970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17505
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:10 GMT

GET
H3-29 200 a1841e8b08e4f0cfa30baf39b3a8914a.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 26 KB
26 KB 29ms
27ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/a1841e8b08e4f0cfa30baf39b3a8914a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7f7850d50d36b2e310895503568d179944bedaa5317610f1e2b3f59dfce47d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26704
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 a80e163515e8dd337ecaeba20fb81ef4.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 18 KB
18 KB 26ms
23ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/a80e163515e8dd337ecaeba20fb81ef4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

535dd672ffa99f83adf977282dd1a33b7145b91e35328df5cdc6a4e3f293752d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17930
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 d292b00d058808046b7348efcd30a530.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 22 KB
22 KB 25ms
22ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/d292b00d058808046b7348efcd30a530.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7dc1818b192d4cef7ea21ede4002690a5c8e7ed2727386e9980cc232cd43d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22040
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 4daecbaff09043810262ffa83e41d304.png
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 1 KB
1 KB 25ms
23ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/4daecbaff09043810262ffa83e41d304.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae68a8b34bf4a213b8dcf3c09109065a951e7c9439e5430dc1a42b79c60d4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1278
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 1e969fa47cb4d289066ba57cda042c2f.png
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 1 KB
1 KB 24ms
22ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/1e969fa47cb4d289066ba57cda042c2f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43ac730a0dbe335412c1db0ed794481c5b5f5b471c9666760d1cd5c2a91274ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 e95c8ba60e588e2400474e7c30660389.png
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 2 KB
2 KB 28ms
26ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/e95c8ba60e588e2400474e7c30660389.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9fc9f56878928de6d68f6e83b51d75256054f7f05c4d30b18b10248d4c5e07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2470
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E4E 14 KB
6 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 08:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 8760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 08:19:00 GMT

GET
H3-29 200 a8aace84484a2544e0f249e62b105ddb.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 58 KB
58 KB 29ms
12ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/a8aace84484a2544e0f249e62b105ddb.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb28083ed9717d0e1541ec0c6521e2bb18e95797c81a646341cd26fae218b67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59434
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 a0ffc6db7a979e25355594ca3ad55125.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 53 KB
53 KB 26ms
11ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/a0ffc6db7a979e25355594ca3ad55125.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d8a7cdea2943b11077cf371e58afedc99b38e288778d2129e5510c453d5bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53888
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 b9695e824255009f2c546ec651679335.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 94 KB
94 KB 33ms
19ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/b9695e824255009f2c546ec651679335.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

775e502556a8e04427e9120e315f88a7fad6080b913da183fc200e96f0d3ebe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96004
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 807884379fd708c4e19df93777f7f6bb.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 43 KB
43 KB 30ms
17ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/807884379fd708c4e19df93777f7f6bb.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c28ede77a8e618a6527525d90231d67937b8eb47d308ab9c6fc39650328148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43777
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 4327923f4b8de4ba4e591db2f1a9fe75.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 59 KB
59 KB 26ms
13ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/4327923f4b8de4ba4e591db2f1a9fe75.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b3aa3c86e5c11afeae88efe48e0bde1523b57d716466f8f58671f1284c969d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60376
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 a842e6e9a624aa2eac9ca17d3147acd6.png
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 13 KB
13 KB 26ms
13ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/a842e6e9a624aa2eac9ca17d3147acd6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af84b1c3e80ce2c876649e94cbe55745b37b2ac963e32659d56774316df0e661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13659
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 d3e97f56a42e0719fb846da3d12b838c.png
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 1 KB
1 KB 27ms
15ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/d3e97f56a42e0719fb846da3d12b838c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a329286a927f4f0b9ad1bb7365560a00d2e4feb878f630c0963cfa5eec0f7c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 186ba122569744f623b2157d3d6efa85.png
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 1 KB
1 KB 29ms
19ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/186ba122569744f623b2157d3d6efa85.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b696d7f2835b35b4cf7779a7d07fbb2047362c2d28c959001dd4a5c558a40a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 c8073a1372b2ac1fe9106fe9ec794759.png
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 3 KB
3 KB 30ms
16ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/c8073a1372b2ac1fe9106fe9ec794759.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0f01ea70d6a324eba8856e4c51cc836904c06e4dfc4e1323fb9fd096d128ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2744
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CD7 14 KB
6 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 160600
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:08:20 GMT

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 902B 14 KB
6 KB 17ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 160600
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:08:20 GMT

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame C4C3 14 KB
6 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 160600
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Thu, 14 Apr 2022 14:08:20 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22FB 0
23 B 105ms
68ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame AF6A 0
23 B 42ms
42ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4AA6 0
23 B 69ms
68ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hinative.com
URL: https://hinative.com/en-US/questions/18830027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 81af8f1c8d0a4bc8365f26fb31d9f15e.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 17 KB
17 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/81af8f1c8d0a4bc8365f26fb31d9f15e.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5162bcf4e1011a5d8df3cc074fc2e3e848b477f2cca7c94ef449bbcae1c876c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:10 GMT
x-content-type-options: nosniff
age: 304971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17505
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:10 GMT

GET
H3-29 200 a0ffc6db7a979e25355594ca3ad55125.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 53 KB
53 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/a0ffc6db7a979e25355594ca3ad55125.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d8a7cdea2943b11077cf371e58afedc99b38e288778d2129e5510c453d5bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53888
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=107296684125163&bg=!Z2SlZCDNAAZUuIlwVLg7ACkAdvg8Wh60qthWFNFByuGoBc--gId5Cs-1UAWyJLwPKD03335OPDyWqQIAAAFVUgAAAERoAQcKAPbAizyGzCInlDVvj9jqhfOEZI0EbwsXRgNS4ceuREpSGdB2dDosYQnwatJ8KeZwqZcwKGw9Ur2Yzhdu9DK0OOzNDeN-GydA4vvE3MNgO7x9YsJB7k3ug0Gv8FhmSP0c5BZwYV-UQxex2mds49vbK-Oa4ttYYRsTK9FdoBWreIW9UBmpXa19eqOCCpHggqOOIvhtfgb4FLyf-NL3RkRVNkpnbyCQaMIS5PODMgFhGW7noypapFu1Svo31qrInKxu3agSHmLiwb9kQQMzi5vw5bmrOUsj3lfr_tTbC2cLYV3Qm8oGsrFqPF00k1vpkpOBGvQr7h4qOruZAhID41aGkZDk3ca20xpYBnLRBBFvvgpCQ2L0fDdfmPGTx46qlNJImwbAf9WkUehNw8ab8dpHGkkPmQ5EP9Kdwnc047pJqgWGAAHaabs7wf9gwXjWcRUpVsBgqP3j9BulYJGb7NBrlfWjMBn_a2wPptBqMnt0evLY82cyblY2Gpv5O7POPYSS7AJjE5JYLEVtdlGFfmyH8W6IqjoiHbHr-5mAQYTDCrDzeZUO_QYscotQmT7LGEN-MqVzjHuC6Yujzhkba73qBZmtFQyV_tmrRHwDvmTgGFltgxG94ot1O6UHbeO9aUGOadbuOxYaEhvah0jFcHRXN-4gwKWKbtarNSSHz9w36R9GZC5Es1kJdy3ND9CmC40zdMbTXYC0rBRaSTA44amOOt7E2vZttgx6LyQQSUqZldRC3NjoFajcB9oQibZPzo9V8csA3KiQtannXKVVdCybyYd_BsvRgBP863RQhaTnpP78klxNyYa2v-oy0NDI0gFuoaLa5TgtKRk77R5Etv9WI8JhBdpsmOYY9OKbU6RzFgzN1zUkxQxp5w3u-sdcPyRhTswWXD3qJmuzJyRO_N43z-21tJndGYE55Fyy_SFhW53f6ZL22amCtk3bNGZtb9vldejg0yRpj3gGZfXTSYpnBgnBIaVQhtXgdcJslAX6Oqdfd7ERFcgLbGxX6tc0zhKqeMUCHWfddr68k9mi8g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 eb0c61b29bf3e37c673020ce2cb70e22.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 126 KB
126 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/eb0c61b29bf3e37c673020ce2cb70e22.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa385535d382144027f72430c09dc6f5a8df30bb1e2e057ad14d198ef64aaec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129107
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 902B 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEtjaq2p5YIn7E4703wPzoa2IAwAAAAA4AeAEAg&bg=!6uml6a3NAAZUuIlwVLg7ACkAdvg8Wvo0cOQfK06kV7quolI0UliTC5mSbOCRKBNgWGQC658pQIMMPAIAAAEwUgAAABhoAQcKAAE4mQJt4rVG13XqMIk9bcQE2OiEUWY_D2GsSb9hEUw6XG8ad67FvtireAc1TF5ypDsi_l_5cqakltcU23LCW3jTrv4qYaxCI_qs1qZKHuenQUBIQfaftS1t0YrbYELFhbX04nIDgjsWdQ-_eAWldg5KKb62CwNv72Kq72gLkhRIt3LUgNCmy1-O4jwKv5tuVBZ5FHccfInS_WEiNX2EFAgAl95KdKmTXeDoca0gpxh__xUaHuGbLuvDQdlJnSLtwCCJGih3K_3n12HJV6JY5mkAztJnMN-lGbJA971obTa7tpApKroM52iL6BOTIBofCdSomYU6-j_SLykz9mXMlp4Nn9pvYKRavesIx1vizzIp36-AKxRF6wnrH-Ya_FD274vEaCJxZ5I00BckKhvKpIndwSSFNao6VHIReKjM1pTd9HEPlTRYQM1PPpaLXVTaDZyPzamPMZB4NY2VWAFPBxjfOkyjXtCP0pB7DqXovWW5QYx13buCE4zqkx95mDhiPeBmb_hqEX102NhJxV5zb09ZNYAqkl-OXfD-SbYtm8aCV6SxRUczbQQpHTYFct4fdTmr_NH8PcF1Vpt7k9T-EoSOD12Gp0fn_0VBGc3M0hKV1w5i6Wg2dtEB20Jd8YesKYwsDhF9Wbx3R0cbfxQrCmqAkS5kKZbwBVfCHphBzoPLkB_esHHAkavHG-hGdKcXECBfDkZki8PNhOBbzgWYKclEkbaQccPoOGYRZRo1zzDtt5lRluVNU6u94wWVHvSPpI28v8OVibxf0XC69Em0_-eXCFFraOvfvPcKykg9WMQRL5bpQK_bfpXJ0VlVtC0S5q3o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4C3 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYNSyq2p5YIr7E4703wPzoa2IAwAAAAA4AeAEAg&bg=!hIelh8PNAAZUuIlwVLg7ACkAdvg8Wl9kR5Oj55aLwNTMX7XuEwyF29cXKgdqjZLzW_r5Eqxj9xjFfwIAAAElUgAAACRoAQcKAPPGSGC-_RlIgqQTnVOlddZ2qYdG7nTXT8Rz3yXpDB5MICcODtlWLS_tNDp9JXEv4XAAi0n03dNIWyr5bdTBmHVlU8peNe51kei3n7u9TAh4VUwYRfy-5FdmK8uGWlvqQ4ySrnUVqCpprfrdBShXUWmaYUeB23GvixWKIC3udQnb4thX2sRymwSkrRIv03smCnxXHVwWkh0EZpZwzhUBDnyxGhLKM7T1XR7QzcUNJ0N_xLqvauYOzK1KdflKB0X95gbyy2Eui0o4U23nfJn8BzeqVpnabGJe61YSGEeHpfR9KfRVcfpypfbQJXLWqqJbFiq6LhCZAm1In_PDHZWFaEyShBm-Vwt0_OaFx51y01ThMPoLnbi83BV91MVwhUkknHKUwLfEI_Zw-SJjoEAjUgelOhl2L9p0fo4Rem-F66oxNDXkT76Ok80W-hz8_5Yby41UffXqokdWGSUoF7P9PxJpch7TogvNWf1PgR_s3qtZc1c3AWl5KzRb-QN6DiiW0tHaEZtu7GmYClUFcxTeoNEHdnbXeZeWE2SLomiEDSWHDHhkKh62WeuwdLOuNGC9qnrMukASLPvwLpGgq3u0bovHT1VB7m0WqVimI5TJ39RQFNpEQtWtodgbSV1xTCKB-sP2YAfad4qWYN23tc9YBgaYBLufRFMpzx5ddNBADtTrGB-V1CV6QRUEqT_rr9BQVxgk0AM_XP20AXFSazkQto__GtoMkCEtALtbXlRmKc6IU0XQeslgZIoDOd4qrtpzqvQSgd63iu53HTOTI7WyTR5KmdRDVJuCYS6iChJuvCdcnQxerZbbOS2rmIflcRRgRH8DxjMXt2wNXopRhVBXpwv423ZOJzf63dWQqpOC8-DUPqaNQbjE4AVKcCFur6PZafL8mjg5VGigoZhdK2Mn6OsxkLEgShCrtRZoq0Zg1vigjumH8N9t0J-Dd25jPE76m03ReFdxMiJdAfPmL89KFnzpK_gGD5wBobuhm-UkSioaSQfl-FcolpPXK8h4abb3tmyDOK3i5gqehIix1rCPBrwqc4XGdTNIZXckTsFd9d9gQNKbmAcaTN0uKG0zdwfkDtShkjk6WlA49AhiWOOQhsjCo7ELmiUpPPtmZS-SmC9Ykk9T8J7gssl9PUOHvN-dZx_v1g4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CD7 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGQpRq2p5YIj7E4703wPzoa2IAwAAAAA4AeAEAg&bg=!ubqluv7NAAZUuIlwVLg7ACkAdvg8Wi-STBYw7TuBfxn4SHX99SG7zI6pAmIlgO4-pfk_bnEgJ9OLPAIAAAFTUgAAACNoAQcKABa3NDsWInHBSN41nU55tOW7R3TfgHPsmQJf8mcJ09KGeCUD7uC-RZSXdlf7kcvQmh_47_KA4MvGIr5rNiYp6bEnuh0JlaxfGiy3FSkYM52aPAmb8pV3GGhhcu_29ANvqWYIxqulnhdY92D3z41caBANy6ApI00nBZlvJS-YgAybzZP7Oji2ujKaQra0patQrHFbEs1BzINTcGVQ8_HPCue4-UKOiwrz4694HwD2QcBbfMHXNkfFllFSv4De9aYmAnQJf5-fxqMhhqFanOMCRmfCgRFNHz2vI5QgW-QeWDmuJ2d7cmYkGdmvOJ81-6-BNHrh2YRXs_Y8OnuPEOd_n1p68g9M4UQHcQmEiyGF0tP_4qtJABMtTgSX_PnjONRwxdDwlzhmWSU6lVhQrdP4UxzypEvccb9lD1NbrRUtGM9qlB6MG_IP2SZcZkY35AAA0jKAHHrZsRCT0WJh5nGTv44ljXj2UMumsdbD2MnIOKBd43ZDezZ6uu_ZGezC771nGpNetqnus_0j_logzuXjhOnR5EJ-32HFevOXM9FZt_L9WtxcUp0Rig37nGZYL86wXIFlCHw1GgPebBhRrUmrw9MJweykd0qqPsRYpc6jIcDrjpxS0QDCQDe7w5cKFOi7awigAoBjHGH9KkUbLG0dF08IQpdTloLSZPv-D_N6NfLIWe4l5AnuInOPu16FkWWRsfnIb_28xI32knLAtLRkofS1f_86tU8_uN1hqZfKj7XQLqsAaTHji35i2EUEAGDShtvc9yAXkbD9SNpRlE1YkPbwmt0QFdqkRsg46K07xn20eDHRpvRF_RE7RWfQZMQGYF0teVN_Rr5csg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF6A 42 B
64 B 50ms
48ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEji8WMwZLNt882fP0IqMAOg4KBZm204V5sWeyQyj5tckp5_sA3A_goQUSfiyK31wPj1za8XDz1mwpATUVMKJ2yHGw8SycXGnmMjM3FiPkXGIMc4XSaWlB3XXbEw&sai=AMfl-YRKBVzrg61EypHUlSYW-GR_qCaKOu86vD8u6fm0sVLgsHZ8_S5MCyGnfzE2lvoIfRNKvt_1ChjTPV2lqmTKJ9kWxLVXYh8Dw80LTRney4SmX5lX7qtxpa47TLcLbYM&sig=Cg0ArKJSzC9JOb1Y7c2WEAE&cid=CAASB-RoyVDeCv8&id=lidar2&mcvt=1000&p=72,1039,322,1339&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=182112003&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1618569900206&dlt=8&rpt=308&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 a1841e8b08e4f0cfa30baf39b3a8914a.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 26 KB
26 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/a1841e8b08e4f0cfa30baf39b3a8914a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7f7850d50d36b2e310895503568d179944bedaa5317610f1e2b3f59dfce47d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26704
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 22FB 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvY7rCjeti6510jBcIP86DVAOUXxnBwc1f8c36TaoBhdqWeKb2449ZA_X2gIRYMZ-6KMoZwV69AbAB9t2cPObLq7iPn0zCBzgYpdjIq_E2eNXLzpElWzjZ5OjL1Mw&sai=AMfl-YQaZIWiJs24lw38Th7qQLzRG-Eb1VxClxRaOk8v0YZ74Xb-l8C1ZAdScs3SofONC_E5Ko9adntX_Ixe8PV4hcCBu-bu3KIYgJtBw0sJAkyxGbZbb4piFkhnp6Q7ui4&sig=Cg0ArKJSzOyyO1YbG1V5EAE&cid=CAASB-RorD0mfUM&id=lidar2&mcvt=1005&p=72,241,162,969&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=43507412&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1618569900204&dlt=6&rpt=304&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4AA6 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszlAXbJVMIuDoeF5tW6L132HzmbRAL_66xlPJV6tX5S3U5O0EleeFmWn1LKzFg0VskBlugHW9mc--FTm-yadqaVknmNTElusuWCFW4SP0xgguIKcOzS9He6I3Q0w&sai=AMfl-YRMztXEttVSVOVVL0AKQmpodqPFVsGydRHHELUYyz_YSk8F-H6VwCtBbRvlAyXcSTIKEY8FvCZTnky9nfR0YjqNMS4Ii2eMsWpiqqaRq8tviY-6fqRGnofAFeQZLT8&sig=Cg0ArKJSzMYJt1DeA2eZEAE&cid=CAASB-Ro4x0WklU&id=lidar2&mcvt=1000&p=338,1039,938,1339&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2536648641&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618569900206&dlt=24&rpt=428&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 b9695e824255009f2c546ec651679335.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 94 KB
94 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/b9695e824255009f2c546ec651679335.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

775e502556a8e04427e9120e315f88a7fad6080b913da183fc200e96f0d3ebe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96004
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 004b5f758e904295cce432a12b83add2.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 173 KB
173 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/004b5f758e904295cce432a12b83add2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd9db2b3c2bda537c2f70e72c13eea5d32e617ae8f75ea165efdf65b5a67d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 177499
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

GET
H3-29 200 a80e163515e8dd337ecaeba20fb81ef4.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 18 KB
18 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/a80e163515e8dd337ecaeba20fb81ef4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

535dd672ffa99f83adf977282dd1a33b7145b91e35328df5cdc6a4e3f293752d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17930
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 807884379fd708c4e19df93777f7f6bb.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 43 KB
43 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/807884379fd708c4e19df93777f7f6bb.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c28ede77a8e618a6527525d90231d67937b8eb47d308ab9c6fc39650328148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43777
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 6fad6e314c5a54c872fdf8c12e027629.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 93 KB
93 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/6fad6e314c5a54c872fdf8c12e027629.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

358e75ae40813fa07846b47995b9d224d0105a58b6c4e1ec4796f6b2c11e528a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303911
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95231
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 9482 0
17 B 38ms
37ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knk6q86r&c=5188192853828&slotId=2594096426914&qqid=CM38kt_KgvACFQ76dwod81ALMQ&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame DA80 0
17 B 37ms
37ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knk6q89h&c=5838737528654&slotId=2919368764327&qqid=CMv8kt_KgvACFQ76dwod81ALMQ&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 d292b00d058808046b7348efcd30a530.jpg
s0.2mdn.net/sadbundle/14733310612648059221/media/ Frame 7E58 22 KB
22 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14733310612648059221/media/d292b00d058808046b7348efcd30a530.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7dc1818b192d4cef7ea21ede4002690a5c8e7ed2727386e9980cc232cd43d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14733310612648059221/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:02:11 GMT
x-content-type-options: nosniff
age: 304971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22040
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:51:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:02:11 GMT

GET
H3-29 200 4327923f4b8de4ba4e591db2f1a9fe75.jpg
s0.2mdn.net/sadbundle/13466617929429450390/media/ Frame 1AC2 59 KB
59 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13466617929429450390/media/4327923f4b8de4ba4e591db2f1a9fe75.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b3aa3c86e5c11afeae88efe48e0bde1523b57d716466f8f58671f1284c969d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13466617929429450390/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:10:55 GMT
x-content-type-options: nosniff
age: 304447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60376
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:10:55 GMT

GET
H3-29 200 09b087754b746463cd8b37f8b20ec2e0.jpg
s0.2mdn.net/sadbundle/12993956206916388090/media/ Frame AE75 95 KB
95 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12993956206916388090/media/09b087754b746463cd8b37f8b20ec2e0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d002f7879a041c7dc85f286274400dd37e3e4450fb13378f35f4c91a50f6e294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12993956206916388090/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 22:19:50 GMT
x-content-type-options: nosniff
age: 303912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96886
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 16:49:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 22:19:50 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 7C11 0
17 B 38ms
38ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knk6q89t&c=1410584029894&slotId=705292014947&qqid=CMz8kt_KgvACFQ76dwod81ALMQ&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 22CC 6 KB
3 KB 32ms
9ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d7b42125066267ee7e6450f3690e9f66f0eec6848a968113dfda4ad9fa32eb0

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinative.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 15 Apr 2021 18:53:50 GMT
accept-ranges: bytes
etag: "29efc82422052f5cc2d130342b9544b3"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: K1k0MU4zh6ZeXdP2wntIwfAoUvGli8Gw8CpTvchD8bXy98kMG1xfWbNXLVu6txyyGjr0q8mjzRo=
x-amz-request-id: 2159BHQ6AMQPWHB2
x-azure-ref-originshield: 0ext5YAAAAAAkIgVI2CgZQ4nZuz+vCnoCTE9OMjFFREdFMTUxNgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0rmp5YAAAAABoT5OoLVJAR5RBAnhDyqTsRlJBRURHRTEwMTkAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Fri, 16 Apr 2021 10:45:01 GMT

GET /
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 997A 0
0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5901 2 KB
1 KB 98ms
32ms Document
text/html 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hinative.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 16 Apr 2021 10:45:02 GMT
Content-Length: 1151
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 672A 52 KB
17 KB 104ms
36ms Document
text/html 184.30.20.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hinative.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=6341490155026953278; anj=dTM7k!M41.D>6NRF']wIg2E>3jem8z!@wnfH8K6pQK`!5=E<*L5?%L`a3-t`ll2SkiU.ji/h2KzgO<W[9AE)lZu3$o%nugO%v4VB%nmal)shTj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 17 Apr 2021 10:45:04 GMT
Date: Fri, 16 Apr 2021 10:45:02 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2FAA 38 KB
14 KB 101ms
36ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hinative.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=150216
Expires: Sun, 18 Apr 2021 04:28:38 GMT
Date: Fri, 16 Apr 2021 10:45:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 79A7 281 B
554 B 97ms
30ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: flux-cdn.com
URL: https://flux-cdn.com/client/lang8/flux_hinative_AS_TM_AT.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hinative.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinative.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Apr 2021 10:45:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

302

31
cr-pall.ladsp.com/cookiesender/
Redirect Chain

https://cr-p31.ladsp.jp/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31
https://cr-pall.ladsp.com/cookiesender/31?cr=true

0
450 B

272ms
272ms

Image
text/plain

99.84.156.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-pall.ladsp.com/cookiesender/31?cr=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-103.txl52.r.cloudfront.net
Software: Logicad /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:04 GMT
via: 1.1 3a415eca835d78c74f508f31b6bbdaf0.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 0
x-amz-cf-id: XFRxyjDKGR6hFBO0gmAqSg5kvF1wRL7ruVPxShH4oEUpoh1-jCH7Fw==
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:03 GMT
via: 1.1 3a415eca835d78c74f508f31b6bbdaf0.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cr-pall.ladsp.com/cookiesender/31?cr=true
cache-control: no-cache
content-type: text/html;charset=utf-8
content-length: 0
x-amz-cf-id: Q2qyG_7DCXIFa145xzP7pHQPfPEVgurUxRNxRNxvhQYcQP8C_RFQDw==
expires: -1

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame E4C7 3 KB
2 KB 115ms
38ms Document
text/html 54.155.128.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.128.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-128-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 88def5711cbf82ce2bee4fbcea58b426cacec4391c30bb9c937379e680d6f04f

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709; Domain=.gumgum.com; Expires=Sat, 16-Apr-2022 10:45:02 GMT; Path=/; Secure; SameSite=None
etag: W/"002c69e698a6407685b955f219b2a16a6"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame 8563 0
0 355ms
117ms Document
text/plain 208.100.17.173
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D678%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip173.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D678%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Fri, 16 Apr 2021 10:45:01 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5E57 2 KB
818 B 97ms
31ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D6114%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D6114%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://public.servenobid.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame 22CC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D3858%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&cbimg=3858&uid=6341490155026953278

0
286 B

44ms
44ms

Image
image/avif

52.210.177.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=3858&uid=6341490155026953278
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.177.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-177-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 16 Apr 2021 10:45:02 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.82:80
AN-X-Request-Uuid: d2b1d937-e107-4d11-8358-0b3a2c85ae22
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=3858&uid=6341490155026953278
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 22CC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D9871%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D9871%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=9871&uid=a85207f2dd544b02d41e2a30

0
289 B

39ms
39ms

Image
image/avif

52.210.177.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=9871&uid=a85207f2dd544b02d41e2a30
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.177.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-177-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 16 Apr 2021 10:45:02 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Fri, 16 Apr 2021 10:45:02 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=9871&uid=a85207f2dd544b02d41e2a30
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 9C22 2 KB
3 KB 109ms
47ms Document
text/html 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2e73663f64a1d1e5b34489d0eebb6d43f123aa4b004211cc2062c0c1061b3527

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5157; CMST=YHlqrGB5aqwA; CMID=YHlqrJ2q2KbYEX7zx4aDSgAA; CMPRO=1211; CMRUM3=2d60796aac2760CAESELyAFlk2jQP2_uQ5JAr1OkU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|241|46|188|156|152|73
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1552
Expires: Fri, 16 Apr 2021 10:45:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
Connection: keep-alive
Set-Cookie: CMID=YHlqrJ2q2KbYEX7zx4aDSgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 10:45:02 GMT CMPS=5157;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 10:45:02 GMT CMPRO=1211;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 10:45:02 GMT CMST=YHlqrGB5aq4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 17 Apr 2021 10:45:02 GMT CMRUM3=bc60796aae05a00&4960796aae05a00&f160796aae05a0&2e60796aae05a0&9c60796aae05a00&2760796aae0b40&e660796aae27600&2d60796aac2760CAESELyAFlk2jQP2_uQ5JAr1OkU&9860796aae05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 10:45:02 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 79A7 31 KB
9 KB 34ms
33ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 20:37:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60451
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9236
Expires: Sat, 17 Apr 2021 03:32:33 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2FAA 3 KB
4 KB 142ms
35ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24486190&p=158977&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 952cc48a08d19a8b25d7ae2978062a977005c09ec74f28f6b5ebc5f0d510ad5d

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:00 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 672A 0
745 B 31ms
31ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid: d6a74fc0-ff14-43da-a244-4be00c02d834
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 79A7 284 B
536 B 127ms
32ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=6341490155026953278

35 B
238 B

59ms
44ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=6341490155026953278
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.244:80
AN-X-Request-Uuid: 00dafc40-a114-4427-8457-7f755e0df271
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=6341490155026953278
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=c474a918-e327-516a-8728-aa09e751c0a6&ssp=gumgum2&expires=30&user_group=1
https://rtb.gumgum.com/usersync?b=bsw&i=99a472d0-b04d-428f-a634-b694d1b7654b

35 B
237 B

45ms
45ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=99a472d0-b04d-428f-a634-b694d1b7654b
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:03 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=99a472d0-b04d-428f-a634-b694d1b7654b
date: Fri, 16 Apr 2021 10:45:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cookiesyncredir
bttrack.com/Pixel/ Frame E4C7
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28TJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&obuid=ENC(TJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DTJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3...

35 B
380 B

525ms
103ms

Image
image/gif

192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DTJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:07 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

Redirect headers

Location: https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DTJRXe2q-V9Jac-p9zj2bkvlxk_r-S8jb3q0XfBQIfR99Mgypueh9b3nhi3E_ccEb
Date: Fri, 16 Apr 2021 10:45:03 GMT
X-TraceId: 72eb3bece7feb9f20c798efcb247e2b5
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=d6587622-8dc7-46b1-b035-ecea55a374f9

35 B
237 B

128ms
45ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=d6587622-8dc7-46b1-b035-ecea55a374f9
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=d6587622-8dc7-46b1-b035-ecea55a374f9
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-8ba7bc75-a222-4b24-729d-0a97566eea1a$ip$82.102.18.251

35 B
237 B

54ms
54ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-8ba7bc75-a222-4b24-729d-0a97566eea1a$ip$82.102.18.251
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-8ba7bc75-a222-4b24-729d-0a97566eea1a$ip$82.102.18.251
Date: Fri, 16 Apr 2021 10:45:02 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-TSIbEiBE2pf5Eg5DiFP7DDFFK3r8pqznu8hc~A

35 B
237 B

61ms
45ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-TSIbEiBE2pf5Eg5DiFP7DDFFK3r8pqznu8hc~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Fri, 16 Apr 2021 10:45:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-TSIbEiBE2pf5Eg5DiFP7DDFFK3r8pqznu8hc~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=cc7e7e7d-9ea0-11eb-8ae7-131d8a2ae458

35 B
237 B

45ms
44ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=cc7e7e7d-9ea0-11eb-8ae7-131d8a2ae458
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=cc7e7e7d-9ea0-11eb-8ae7-131d8a2ae458
Date: Fri, 16 Apr 2021 10:45:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: cc7e7e7e-9ea0-11eb-8ae7-131d8a2ae458

GET
H2 204 services
sync.technoratimedia.com/ Frame E4C7 0
293 B 319ms
105ms Image
text/plain 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 560796131
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame E4C7 0
44 B 312ms
100ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:01 GMT
content-length: 0
server: b

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=KbTxCYQTJaHXimPXI1KC&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2S3CKR4EGWKRKRFGCSCYNFWVAWCJGFFUGJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KbTxCYQTJaHXimPXI1KC&us_privacy=1---

35 B
237 B

46ms
46ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KbTxCYQTJaHXimPXI1KC&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:03 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:03 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=KbTxCYQTJaHXimPXI1KC&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=055f6e02-7151-46dd-8a4b-de69cbeb9227

35 B
237 B

58ms
58ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=055f6e02-7151-46dd-8a4b-de69cbeb9227
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=055f6e02-7151-46dd-8a4b-de69cbeb9227
date: Fri, 16 Apr 2021 10:45:02 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=206118694
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=206118694
https://sync.1rx.io/usersync/tradedesk/f68a42d6-0d5a-428e-932a-f5ee8ae93255
https://sync.targeting.unrulymedia.com/csync/RX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003

35 B
237 B

52ms
51ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:06 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Date: Fri, 16 Apr 2021 10:45:06 GMT
Server: Tengine
ETag: RXaf4847fd6bf447919786f37f82b4a93c003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-af4847fd-6bf4-4791-9786-f37f82b4a93c-003
Connection: keep-alive
Content-Type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame E4C7
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=LXeW1FX1UNbA&ev=1&pid=558355

35 B
237 B

45ms
44ms

Image
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=LXeW1FX1UNbA&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=LXeW1FX1UNbA&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-v9ggx
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame E4C7 0
299 B 39ms
39ms Image
image/avif 52.210.177.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=2695&uid=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.177.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-177-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 16 Apr 2021 10:45:02 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 3C78
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=77216079-6aae-4300-a8ad-1757c37c81d2&gdpr=0&gdpr_consent=

35 B
237 B

45ms
44ms

Document
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=77216079-6aae-4300-a8ad-1757c37c81d2&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=77216079-6aae-4300-a8ad-1757c37c81d2&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 16 Apr 2021 10:46:05 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3660 495c301 master cdg-pixel-x28
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=77216079-6aae-4300-a8ad-1757c37c81d2; domain=.mathtag.com; path=/; expires=Sat, 14-May-2022 10:45:02 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=77216079-6aae-4300-a8ad-1757c37c81d2&gdpr=0&gdpr_consent=
Expires: Fri, 16 Apr 2021 10:46:04 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame DA4D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4
https://rtb.gumgum.com/usersync?b=atm&i=YHlqrgAAJ4OKAgA4&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4

35 B
237 B

46ms
46ms

Document
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YHlqrgAAJ4OKAgA4&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YHlqrgAAJ4OKAgA4&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YHlqrgAAJ4OKAgA4&gdpr=0&gdpr_consent=&_test=YHlqrgAAJ4OKAgA4
accept-ranges: bytes
date: Fri, 16 Apr 2021 10:45:02 GMT
via: 1.1 varnish
x-served-by: cache-hhn4054-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1618569903.637993,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29 200 pixel Show response
cm.g.doubleclick.net/ Frame A343 170 B
188 B 41ms
40ms Document
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iZjBmNmM4Yy05Y2ZiLTQ1YWUtYThlNy1lZDE3MTg5ZjY3MDk=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9iZjBmNmM4Yy05Y2ZiLTQ1YWUtYThlNy1lZDE3MTg5ZjY3MDk=&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkC7C5_RYlSkFwuzfALYfYXupIhMxKZJmOBG35ffJDm6_yK42ZqTSvMQs8R
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: image/png
date: Fri, 16 Apr 2021 10:45:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4422 8 KB
3 KB 32ms
31ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=36826
Expires: Fri, 16 Apr 2021 20:58:48 GMT
Date: Fri, 16 Apr 2021 10:45:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 244F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=c459021b-6a06-4c50-b36c-e835e71ca695&t=1621161902

35 B
237 B

45ms
45ms

Document
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=c459021b-6a06-4c50-b36c-e835e71ca695&t=1621161902
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=c459021b-6a06-4c50-b36c-e835e71ca695&t=1621161902
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=c459021b-6a06-4c50-b36c-e835e71ca695&t=1621161902
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=c459021b-6a06-4c50-b36c-e835e71ca695; domain=.adsrvr.org; expires=Sat, 16-Apr-2022 10:45:02 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiq4sG67bPAORAFOAE.; domain=.adsrvr.org; expires=Sat, 16-Apr-2022 10:45:02 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame 8BE8 0
0 1178ms
31ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

content-type: text/html
date: Fri, 16 Apr 2021 10:45:02 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C312
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YHlqr8Co8XUAAL82f-oAAAAA

35 B
237 B

49ms
49ms

Document
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YHlqr8Co8XUAAL82f-oAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YHlqr8Co8XUAAL82f-oAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 16 Apr 2021 10:45:03 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Fri, 16 Apr 2021 10:45:03 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YHlqr8Co8XUAAL82f-oAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 4
X-SO-HostName: m-ad205.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng17.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":36,"gdpr":true,"ipv4":"0.0.0.0","key":"YHlqr8Co8XUAAL82f-oAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad205"}
X-SO-Key: YHlqr8Co8XUAAL82f-oAAAAA
X-SO-IP: 82.102.18.251
X-SO-Cluster-ID: 36
X-SO-Upstream-ID: m-ad205

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame EA32
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1875819618998565093

35 B
237 B

57ms
56ms

Document
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1875819618998565093
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1875819618998565093
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Fri, 16 Apr 2021 10:45:02 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmhhamZpaWBkamIOAOQ9LdIQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 11 May 2022 10:45:02 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQztLC0tDA1MzWwNBbiM9Q1CjRw9XUOcKkKTjeT4jUESpuaWVoaGJmamAMAlLPY5DQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 11 May 2022 10:45:02 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQztLC0tDA1MzWwNBbiM9Q1CjRw9XUOcKkKTjcDAAd59ColAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1875819618998565093
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A3F1
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=xcRe18n00qurOfnYI8ZH&pi=gumgum&tc=1

35 B
237 B

60ms
59ms

Document
image/gif

54.77.242.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=xcRe18n00qurOfnYI8ZH&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D2695%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-242-172.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=xcRe18n00qurOfnYI8ZH&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_bf0f6c8c-9cfb-45ae-a8e7-ed17189f6709
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g2.gumgum.com/

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Fri, 16 Apr 2021 10:45:02 GMT Fri, 16 Apr 2021 10:45:02 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=xcRe18n00qurOfnYI8ZH&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EC1C 38 KB
14 KB 39ms
39ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=150216
Expires: Sun, 18 Apr 2021 04:28:38 GMT
Date: Fri, 16 Apr 2021 10:45:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 9C22
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOc5CueqI_mHhUXlQRgMXg0&google_cver=1

43 B
315 B

35ms
35ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOc5CueqI_mHhUXlQRgMXg0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 16 Apr 2021 10:45:02 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOc5CueqI_mHhUXlQRgMXg0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9C22 70 B
265 B 61ms
38ms Image
image/gif 52.215.237.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YHlqrJ2q2KbYEX7zx4aDSgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9C22
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB&dcc=t

43 B
433 B

104ms
104ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 9C22 0
0 70ms
32ms Image
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 9C22 0
88 B 671ms
104ms Image
text/plain 52.45.185.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.185.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 9C22 35 B
380 B 1307ms
103ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 16 Apr 2021 10:44:07 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9C22
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=658b8d5e-9604-4444-8485-2bb48b7306ac

43 B
1 KB

55ms
55ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=658b8d5e-9604-4444-8485-2bb48b7306ac
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 10:45:03 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:03 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=658b8d5e-9604-4444-8485-2bb48b7306ac
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2 200 YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9C22 43 B
564 B 36ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YHlqrJ2q2KbYEX7zx4aDSgAABLsAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9C22 43 B
425 B 32ms
30ms Image
image/gif 184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YHlqrJ2q2KbYEX7zx4aDSgAA%261211
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://hinative.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:02 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1848
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 16 Apr 2021 11:15:50 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 05E4 43 B
326 B 3157ms
56ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24486190&p=158977&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 16 Apr 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1062
x-powered-by: ASP.NET
date: Fri, 16 Apr 2021 10:45:05 GMT
content-length: 43

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame A6EA 35 B
134 B 3211ms
74ms Document
image/gif 213.155.156.165
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24486190&p=158977&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.165 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2FAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vWo5eXkSQg-NZNq_l-ujZg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

49ms
49ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=36826
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Fri, 16 Apr 2021 20:58:48 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 2FAA 95 B
596 B 51ms
35ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BD6A3979-7912-420F-8D64-DABF97EBA366
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 640cd262ee7b4e2b-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 097be1d1d400004e2b6a8a7000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 2FAA
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BD6A3979-7912-420F-8D64-DABF97EBA366&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BD6A3979-7912-420F-8D64-DABF97EBA366&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

54ms
54ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BD6A3979-7912-420F-8D64-DABF97EBA366&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
frontend-id: 3
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
frontend-id: 2
location: /pubmatic/1/info2?sType=sync&sExtCookieId=BD6A3979-7912-420F-8D64-DABF97EBA366&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD6A3979-7912-420F-8D64-DABF97EBA366&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BD6A3979-7912-420F-8D64-DABF97EBA366&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD6A3979-7912-420F-8D64-DABF97EBA366&addseg=12,35,41

7 B
147 B

1153ms
39ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD6A3979-7912-420F-8D64-DABF97EBA366&addseg=12,35,41
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:04 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Fri, 16 Apr 2021 10:45:03 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BD6A3979-7912-420F-8D64-DABF97EBA366&addseg=12,35,41
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkQ2QTM5NzktNzkxMi00MjBGLThENjQtREFCRjk3RUJBMzY2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

188ms
36ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:01 GMT
X-lat: amspug013:0:368
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcsZtoKJYWGwtTH8X8p34E&google_cver=1

42 B
855 B

228ms
38ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcsZtoKJYWGwtTH8X8p34E&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:01 GMT
X-lat: amspug009:0:371
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHcsZtoKJYWGwtTH8X8p34E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2FAA 43 B
609 B 1119ms
31ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:45:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 15 Apr 2021 10:45:03 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e20a4f5-a9d9-41d5-8d76-e11d5b4d4ab0

42 B
882 B

1137ms
37ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e20a4f5-a9d9-41d5-8d76-e11d5b4d4ab0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:02 GMT
X-lat: amspug008:0:451
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e20a4f5-a9d9-41d5-8d76-e11d5b4d4ab0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4613669298233970573

42 B
801 B

38ms
38ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4613669298233970573
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:03 GMT
X-lat: amspug003:0:387
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:45:04 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4613669298233970573
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00866079-6aae-4700-aab8-3f87da7a5375&gdpr=0&gdpr_consent=

42 B
947 B

1136ms
40ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00866079-6aae-4700-aab8-3f87da7a5375&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:03 GMT
X-lat: amspug004:0:2706
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Fri, 16 Apr 2021 10:46:05 GMT
Server: MT3 3660 495c301 master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:00866079-6aae-4700-aab8-3f87da7a5375&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 16 Apr 2021 10:46:04 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6341490155026953278&gdpr=0&gdpr_consent=

42 B
769 B

160ms
37ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6341490155026953278&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:01 GMT
X-lat: amspug009:0:649
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:02 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid: 68b95536-014f-45e9-9eee-009dc9de166d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6341490155026953278&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2FAA
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a472d0-b04d-428f-a634-b694d1b7654b&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

38ms
37ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a472d0-b04d-428f-a634-b694d1b7654b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:02 GMT
X-lat: amspug018:0:385
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a472d0-b04d-428f-a634-b694d1b7654b&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 16 Apr 2021 10:45:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 672A 0
745 B 43ms
43ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Apr 2021 10:45:03 GMT
X-Proxy-Origin: 82.102.18.251; 82.102.18.251; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid: 9e613c9b-fdaf-47b8-8028-94c0308466f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2FAA 0
418 B 157ms
47ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158977&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Apr 2021 10:45:03 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Domain: d.socdm.com
URL: https://d.socdm.com/adsv/v1?posall=SSPLOC&id=127399&sdktype=0&hb=true&t=json3&transactionid=d2251e83-cabd-494a-b5bd-f9ea049d4475&sizes=300x250&currency=JPY&pbver=4.33.0&sdkname=prebidjs&adapterver=1.0.1&imark=1&tp=https%3A%2F%2Fhinative.com%2Fen-US%2Fquestions%2F18830027

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8496682480

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hinative.com/	1969-12-31 23:59:59	Name: hn_excurse_session Value: 2021-04-16T10:44:57.156Z-oxxu6owl
.hinative.com/	1970-01-20 11:07:21	Name: _ga Value: GA1.2.1216605840.1618569897
.hinative.com/	1970-01-19 17:36:09	Name: _gat_gtag_UA_452011_21 Value: 1
.hinative.com/	1970-01-19 17:37:36	Name: _gid Value: GA1.2.1470492240.1618569897
.hinative.com/	1969-12-31 23:59:59	Name: _hinative_session Value: dXI0cE1CeW5FbnROWWxtSWl4UjFFTW1PdFoyZVVUaWEvSmJ0a2pJZkQzU3pYYXc1b1dDSVpoQkhKM1YvaVRlOCtwcDVQbnl2SEpJTDdCVlZhdEZUVkJYYzJza1JGNVZVVnlkaVpva0p4cTBZTCtQZ0VoYlcrR3NFRWhsUllsaGJCY2Nad09MMEduOXNEODU2RkJPWjFXdEUyTXVWamhwWG5oeVczd0NiSEhkcG1XR1V5MGhORUNycTk3MU5uTFJnTm1lRDdDUThKM2cwWVA5VnpqZWE5QT09LS1vcjE0RFl2L0lPd2ZrRDRDd1d5S2xBPT0%3D--54268623a980923566a90afe8b105eb2682efec6
hinative.com/	1970-01-27 00:55:21	Name: identifier Value: 51232127401598181026282

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://cdn.hinative.com/packs/js/vendor-2ee8aa61c94238f31606.chunk.js(Line 2) Message: [bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4719d9be3cf638e690598ee512d36abe.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.as.amanad.adtdp.com
ad2.apx.appier.net
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.hinative.com
cm.g.doubleclick.net
cr-p31.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.emxdgt.com
csi.gstatic.com
currency.prebid.org
d.socdm.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flux-cdn.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hinative.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pb.ladsp.com
pixel.33across.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.flux-analytics.com
public.servenobid.com
r2---sn-25glenez.googlevideo.com
r2---sn-4g5e6nsd.googlevideo.com
r3---sn-25ge7nzs.googlevideo.com
r3---sn-25glene7.googlevideo.com
r3---sn-4g5e6nz7.googlevideo.com
r3---sn-4g5ednz7.googlevideo.com
rtb.adentifi.com
rtb.gumgum.com
s-rtb-pb.send.microad.jp
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
us-u.openx.net
visitor.fiftyt.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad2.apx.appier.net
d.socdm.com
sync.richaudience.com
103.132.192.30
104.111.230.142
104.111.242.245
124.146.215.52
13.32.25.102
142.250.185.130
142.250.74.194
150.136.26.45
151.101.114.49
159.253.128.188
168.119.138.54
169.197.150.7
172.217.16.130
178.250.2.131
178.250.2.151
18.156.195.47
18.181.155.39
18.195.155.181
184.30.20.185
184.30.20.198
184.30.20.241
185.184.8.30
185.29.135.227
185.33.221.50
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
192.132.33.46
193.0.160.128
198.148.27.139
202.233.84.2
208.100.17.173
213.155.156.165
213.19.147.151
213.19.162.61
23.111.200.118
23.21.122.188
23.37.38.181
23.79.152.128
2600:1901:0:7a0b::
2600:9000:206f:ba00:19:2cf2:a900:93a1
2606:4700:10::6816:1957
2620:1ec:46::19
2a00:1288:110:c305::8000
2a00:1450:4001:3d::8
2a00:1450:4001:61::7
2a00:1450:4001:65::8
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::2006
2a00:1450:4001:801::200a
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4007:2c::7
2a00:1450:4007::8
2a00:1450:400a:803::2003
2a00:1450:400c:c0d::9c
2a00:1450:4020:1e::9
2a02:2638::1c
2a02:2638::3
34.192.210.97
35.169.29.160
35.186.217.60
35.201.96.126
35.244.159.8
37.157.3.30
37.252.172.250
51.75.146.159
51.89.9.252
52.210.177.43
52.215.237.248
52.45.185.178
52.57.167.187
52.58.206.142
54.155.128.114
54.175.105.62
54.239.17.112
54.77.242.172
65.9.66.8
69.173.144.165
70.42.32.191
72.251.249.14
77.243.60.138
99.84.156.103
99.84.156.16
99.84.156.52
00dd73eea0213d99a6ab3f5dd9e7674e0900f1256dbae7763d79be52e0975a26
0189acce4e2d92e726249143edaddfa4e3a07b637b72e55da5719639deb7063c
02ec79f33c55cef9be6edd3c069dd9f34c99d016d35ef230031662155d517195
06692a5ddac9769d576a854810abe23b76d6065cda8cd03aa71aff953d27f63b
066cd0f37b266f5d0059963295ab279890b637078a462f63662bc4eaefd23484
06ba26b4755ece0fb20384a6390dcf606779982cf9c170fdafd2a2071aea2f0b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0be66e7d40057fe960ef3bf0732572b78e997497c439124f03f9033e2c68309a
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
101ff43bf916725af56a85e671473849e8b3099b7a58f24ffd71836dc96cf08d
1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10
11ab0272476b634ed9b205e6fce92943fefba351ca9cc9750cc246c2fbaff39d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a786fdabb8f6a7dd3ffdb3c24599fc0a639c434b47f10cb3d7088abc13471f
14266540aa575e640ca2b7cd8eb85b01761666c03f4709f99a4fddaefeae0b2f
1b3aa3c86e5c11afeae88efe48e0bde1523b57d716466f8f58671f1284c969d5
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d7b42125066267ee7e6450f3690e9f66f0eec6848a968113dfda4ad9fa32eb0
1dc2b77a11cb5084fed0a62ad294a9f864edd374a2c092a524ae8a9813e7a021
1e921f1dbad0a3e3afd17bdda77e62b0e5674f7c46fa622b34d8d14764da2524
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
241d8e3fdf13d19e35f50866ebb6e9a6a27bdb3fb4c6da0a698dbd94dc763ff3
2b1d5ef5aa0e02754213bd12266f53c2739554747db14284de39304c2e1fdabe
2e73663f64a1d1e5b34489d0eebb6d43f123aa4b004211cc2062c0c1061b3527
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34afeb13ba8533227780dd9a7ccb2e0826c003b76d8b86deb6b80b2611356424
358e75ae40813fa07846b47995b9d224d0105a58b6c4e1ec4796f6b2c11e528a
365344a681f881c2d36db7a5f12d207cdd43aeea84d5b937c02d1296780911a0
36e3c64875e18bf03a73f297931f0b2d7bc2ac7bcf8e0f66d29a2b26dd357ce1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38986e848a4addd02a466f3d8ab2f34d2f8f0497948fec7a853a5154b7f9dce0
3aa1174a7c4c6696533ee840312b05ff8dd9e183d745d36d72f9c6b1f2b7637f
3c47fcecd1833285b278af4323ab8e1bbdcef7a9c2bd44065e826bfc11884de4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43ac730a0dbe335412c1db0ed794481c5b5f5b471c9666760d1cd5c2a91274ca
447988f7be5cbb6851576ab23623f2114fc49dd7a93ff93115737b3a7d93a46d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4aad518a9e4db9e9a4aece22d6a51551aac4f6cd95e5b5f4cac708c98c1c8c06
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b696d7f2835b35b4cf7779a7d07fbb2047362c2d28c959001dd4a5c558a40a2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0fd989ea582357754166789b3e0a896f231d21f237a6356671492f4b2bec8c
501bb884689ef574219a29d5701fe0180f42ab2cb78c23436818eb563fead693
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51366b91654054d4f6204cfcd692d399effdd6dd38b5f0ebeb6d070b3c88ce66
535dd672ffa99f83adf977282dd1a33b7145b91e35328df5cdc6a4e3f293752d
5574b7b2b33e0ea3ff3dc730c2e9bdc0120a8bc048434690e5bb2b892f26378b
5a522169cfdfbc213b05739b57073f2f51f97c0fae8cf2feef524c4e1e03364d
6039b2cbe3d22cacc7c1aa44b567bffe633a23752326a1c53070e6e7c1c4a2e8
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61e69fedecc3630d083ede6f04a0148c3b8f968afc684c9a9bba5e014eec4af2
66c5f894454c1306c3a81b8c080f9875f03d92b13902c85d27a03448c36d8d30
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
696f2ae2d6b10bc9948443a31844a85224d226a656529154c28c6df92e8a9fa0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb206604c783f4e1ba6608862b9cb565a13e7c29925d18bd594c243c98d3b70
6ce2229e8f5ded997c947036b18d2433ba635c0c0997da02b8e940d13aab91b7
6deacaf15b0f30663be96662566366a4030205f2289105adc1b856e901e6d133
6e6421f2d034cb3f2c6f59d016c5e0243267029d193cdc23e5f5309a49ecedf3
716bb0629be1f6a31f3f6af4ca0d07156adbcb7226ef49e6bf8212278637c3c6
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
76680ac6ec4cc807aa8bc85bcfd0c4ed4dee3f2d7f616cde0257e9cd05cd4587
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
775e502556a8e04427e9120e315f88a7fad6080b913da183fc200e96f0d3ebe9
7761d934415231a42d6179886b22ec72d193a4e8c9b712a7c01ea39ef408fdf6
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
78e5d732d75393501f145dc3b8a0b26f1dcfffcf6854013dcdeb444f3d26d73b
7c4633d2bf1c5c299b332e539814d5a2296afa6ff5d2a5966479621982b97791
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fdc252a38284481f22cbb240b401260d7dd6c44345db96bd9577f8374e59f2a
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849309795b4b1689fed5bb2a126fd92aa868aaae08d3f83c72c499dcf263c6cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8666ce5927ea693026d10c34099685f4cf55f4ad29127be9cf2ff70282c7fdb7
879e10168ed4ab25bd5114d683aba07c780ffd58480f2c29cf5b037dc54fe64f
8867bba0925a430222a8608d16cfbaffcaac3c3d107e745f3ce263b42c53e26c
88def5711cbf82ce2bee4fbcea58b426cacec4391c30bb9c937379e680d6f04f
8c30897ea16d135967cbabb2d7e76c1153175f3d403f9d49d272a39248f2804e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
8f6f549d8121eadafba3e43ee0e0ed2b370b2ee8ea5c26e98977f8bccd55dfbc
92afb6ead899ef561eca07a2a33f7e2f7611e9c050d62a6306f56334090e788d
94d8a7cdea2943b11077cf371e58afedc99b38e288778d2129e5510c453d5bf3
952cc48a08d19a8b25d7ae2978062a977005c09ec74f28f6b5ebc5f0d510ad5d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e4407962ae8468dd999b7c99ad6fa2e5e284b30d1e1e25954716ee06c743cb
9d3b8caa08f7aa4a413c0223ba7caa801a4ffb28d4b26b3ecbcf7f7a9adf0ea6
9de198aa21f39bc2433bf99366734057a71bdf7d3e1c93faa9f3ceaf833f3ab4
9f47d36468bdc2e7307f13dc8cfbe14203b6a5050918e833534377eb9956989b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0b73529d7da4c1a8d82598845d35b5dd34f6b0b1d67847df8c0262cba886a1d
a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc
a19b71be634139449585d1be218402fe89225920666324d12681a1c81d01649e
a329286a927f4f0b9ad1bb7365560a00d2e4feb878f630c0963cfa5eec0f7c38
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a572a75a15e12c3e6c84837e96b118c63dc95463e7a1d422d3e2fc45dec75b77
a6274d3d2de3f15ac58ea3f85c7581d9d71b13d26de828f6a40008121c2508bd
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dc1818b192d4cef7ea21ede4002690a5c8e7ed2727386e9980cc232cd43d4a
a80cccda28adcb9a7f25ef969a93a669f9b5e9a3695aaa0cb200fd32cb9f634b
aa5ade5e4cfbbfdc9ae3676242aa9a18ac6d69a5014a6514510e24214fc7b4c5
aab475e61325aa8b10d5fc1127dc89c6562731d9a0dbd32db36b85a5e792ced5
abad0cadaed2c2e92df5d56d60dcdd21b82343797a43d73af49381aa1abfb047
ae9d1b5881713e062fec4d967c72a8faa1a5a5ef8a060f7f08633d7c31ba0f56
af84b1c3e80ce2c876649e94cbe55745b37b2ac963e32659d56774316df0e661
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2f1b39785fdad8e448d3dc5bd970defaf35afecea1791531000ed9de3c1f10d
bd3fa44df19932bbcb238e503ec4d16f14151be1ec021eeac2cdad2bc0685889
bee56114f9f3494082ec899968de9b844bfbffbb6ca61ac1eadf3e6f23ddb420
c07a899d01c4a24bbbfddc06be70e125e28fadfdc1052cb3bf66d82e60653e39
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca5bee3cce9cd1eeafe3595225255823e2d0db86968da1355fbc34c39d2da3a3
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d002f7879a041c7dc85f286274400dd37e3e4450fb13378f35f4c91a50f6e294
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3c28ede77a8e618a6527525d90231d67937b8eb47d308ab9c6fc39650328148
d5ecb423a9abf2db69cd65460c3c2fb74c02f6c4e1dc2c6a2477122e5bcc7e98
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d8562274d87e86fe80e457d1c04ec73fd6cac0c697916b7ffbd7089d104131f4
ddbd9db2b3c2bda537c2f70e72c13eea5d32e617ae8f75ea165efdf65b5a67d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df66cc8b39f9dece3c2f22e244e83129fe5a0cfa44978a58ee371e91386b3f0d
df8f27de3d0224c3880364fa79abf192fd6eb2bb58b525d9c78ae72b8cd058b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5162bcf4e1011a5d8df3cc074fc2e3e848b477f2cca7c94ef449bbcae1c876c
e7168330bfc65f7f8c573c9d28989b70a6924ad208a8ba2b305888b9a736c3e7
e7d76c60c8718d37f86a38e8336e2339e54e2f3129ae7cc4ff248ce591dd06bb
e7f7850d50d36b2e310895503568d179944bedaa5317610f1e2b3f59dfce47d0
eae68a8b34bf4a213b8dcf3c09109065a951e7c9439e5430dc1a42b79c60d4bc
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
ec0f01ea70d6a324eba8856e4c51cc836904c06e4dfc4e1323fb9fd096d128ca
ec4e5976da9cdf8ada9ef2329d7755b7d5698196b5a5d3e0f6688286bc248a1f
ed4cb114d841ebaa730a9bb63b32c93e2d6e020c255217b7c716969b8e7a66fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f741ca49a8ea1e90a3d2a89099186a43388a4762cf20bc3c6737311b848e1bd0
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7c7e2386b07dc1d47840ed788d4290165a9989ef6f38e74a99d5a1fc0ca22f5
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
f9fc9f56878928de6d68f6e83b51d75256054f7f05c4d30b18b10248d4c5e07a
fa385535d382144027f72430c09dc6f5a8df30bb1e2e057ad14d198ef64aaec6
fb28083ed9717d0e1541ec0c6521e2bb18e95797c81a646341cd26fae218b67c
ff2224fbc10cb214d426eb791aa6d97010280513b0264a3d42d87d4255eaa19a

hinative.com Open in urlscan Pro 23.21.122.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

330 Requests

99 %HTTPS

35 %IPv6

68 Domains

105 Subdomains

82 IPs

13 Countries

6503 kBTransfer

10190 kBSize

6 Cookies

15 Outgoing links

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hinative.com Open in urlscan Pro
23.21.122.188 Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

99 %
HTTPS

35 %
IPv6

68
Domains

105
Subdomains

82
IPs

13
Countries

6503 kB
Transfer

10190 kB
Size

6
Cookies

330 HTTP transactions
9 data transactions