theinterview.top Open in urlscan Pro
18.158.98.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theinterview.top/
Effective URL:
https://theinterview.top/
Submission: On October 26 via manual (October 26th 2022, 8:04:03 am UTC) from GB — Scanned from GB

Summary HTTP 264 Redirects Behaviour Indicators

Summary

This website contacted 60 IPs in 11 countries across 60 domains to perform 264 HTTP transactions. The main IP is 18.158.98.109, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is theinterview.top.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.

This is the only time theinterview.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 54	18.158.98.109 18.158.98.109	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:671c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	72.246.168.124 72.246.168.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:3a00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e0:... 2606:4700:e0::ac40:661c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:207... 2600:9000:2078:3800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	88.221.169.143 88.221.169.143	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.208.243.53 34.208.243.53	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.78.47 13.225.78.47	16509 (AMAZON-02) (AMAZON-02)
1	3.131.70.143 3.131.70.143	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 9	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	52.49.202.27 52.49.202.27	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 4	54.220.95.67 54.220.95.67	16509 (AMAZON-02) (AMAZON-02)
9 24	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
6 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 7	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	74.125.206.156 74.125.206.156	15169 (GOOGLE) (GOOGLE)
2	2600:9000:210... 2600:9000:2104:6600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7	14618 (AMAZON-AES) (AMAZON-AES)
3	3.67.250.232 3.67.250.232	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	198.148.27.134 198.148.27.134	19189 (PULSEPOINT) (PULSEPOINT)
4	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
4	104.22.69.131 104.22.69.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
4	18.193.141.251 18.193.141.251	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.123.150.182 3.123.150.182	16509 (AMAZON-02) (AMAZON-02)
1 1	52.203.140.205 52.203.140.205	14618 (AMAZON-AES) (AMAZON-AES)
2 2	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5 6	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1 1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	162.19.80.92 162.19.80.92	16276 (OVH) (OVH)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:e223:977f:5d30:1217	16509 (AMAZON-02) (AMAZON-02)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a02:2638:1::18 2a02:2638:1::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
264	60

54 18.158.98.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

theinterview.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:671c (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.246.168.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-124.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3a00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:661c (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2078:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.243.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-243-53.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.131.70.143 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-70-143.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.202.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-202-27.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.220.95.67 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-95-67.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 216.58.212.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.153 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:6600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.250.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.69.131 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.141.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-141-251.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.150.182 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-150-182.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.140.205 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-140-205.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.202.251 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.245 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.80.92 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:e223:977f:5d30:1217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::18 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	theinterview.top 1 redirects theinterview.top	347 KB
46	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 bid.g.doubleclick.net — Cisco Umbrella Rank: 444 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	335 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147	178 KB
15	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 794 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 546	201 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	8 KB
9	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 495 image6.pubmatic.com — Cisco Umbrella Rank: 671 image2.pubmatic.com — Cisco Umbrella Rank: 894 simage2.pubmatic.com — Cisco Umbrella Rank: 706	26 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	140 KB
9	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 3938 cd.connatix.com — Cisco Umbrella Rank: 3576 cds.connatix.com — Cisco Umbrella Rank: 3681 capi-tier-1-us-east-2.connatix.com Failed img.connatix.com — Cisco Umbrella Rank: 4272	434 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	7 KB
6	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 627	3 KB
6	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147	1 KB
5	yahoo.com 1 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1155 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	1 KB
5	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786 bidder.criteo.com — Cisco Umbrella Rank: 763 dis.criteo.com — Cisco Umbrella Rank: 679	8 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	62 KB
4	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 998	629 B
4	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 5778	416 B
3	ezoic.com pb-server.ezoic.com — Cisco Umbrella Rank: 4841	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	140 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3373 google-bidout-d.openx.net — Cisco Umbrella Rank: 3217	573 B
3	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1623 m.addthis.com — Cisco Umbrella Rank: 1571	141 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com Failed	3 KB
3	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 8146 basher.ezodn.com — Cisco Umbrella Rank: 8569	102 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4553	562 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	87 KB
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 5015	1 KB
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2435	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 765	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 7026	238 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1160 bcp.crwdcntrl.net — Cisco Umbrella Rank: 818	10 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 948 pixel.quantserve.com — Cisco Umbrella Rank: 516	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 841	610 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3981	290 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 40043	611 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 578	539 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2865	104 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1392	1 KB
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4694	612 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 777	363 B
1	contextweb.com bid.contextweb.com — Cisco Umbrella Rank: 2621	513 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4187	1 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3897	5 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 6602	2 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1193 id5-sync.com Failed	17 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3439	904 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 680 csm.fr.eu.criteo.net Failed	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3591	8 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1822	207 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 404	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 876	631 B
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 9406	2 KB
0	a-mo.net Failed prebid.a-mo.net Failed
0	spotxchange.com Failed search.spotxchange.com Failed
0	onaudience.com Failed pixel.onaudience.com Failed
0	amazon-adsystem.com Failed aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205 Failed
0	mathtag.com Failed sync.mathtag.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
264	60

	Domain	Requested by
54	theinterview.top	1 redirects theinterview.top
24	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
16	pagead2.googlesyndication.com	theinterview.top cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com tpc.googlesyndication.com fw.adsafeprotected.com www.googletagservices.com
13	tpc.googlesyndication.com	theinterview.top cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	securepubads.g.doubleclick.net	theinterview.top securepubads.g.doubleclick.net cd.connatix.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	s0.2mdn.net	theinterview.top s0.2mdn.net
9	dt.adsafeprotected.com	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
6	c1.adform.net	5 redirects ads.pubmatic.com
6	googleads.g.doubleclick.net	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com theinterview.top
6	adservice.google.com	securepubads.g.doubleclick.net
6	adservice.google.co.uk	securepubads.g.doubleclick.net
5	cds.connatix.com	cd.connatix.com
4	image2.pubmatic.com	ads.pubmatic.com
4	btlr.sharethrough.com	go.ezodn.com
4	prebid.smilewanted.com	go.ezodn.com
4	c2shb.ssp.yahoo.com	go.ezodn.com
4	fw.adsafeprotected.com	2 redirects cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
3	pb-server.ezoic.com	go.ezodn.com ads.pubmatic.com
3	www.gstatic.com	theinterview.top cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
3	www.googletagservices.com	theinterview.top cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
3	www.google.com	1 redirects theinterview.top cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
3	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.googleapis.com	theinterview.top cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
2	simage2.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	googleads4.g.doubleclick.net	theinterview.top
2	connect.facebook.net	theinterview.top connect.facebook.net
2	c.eu1.dyntrk.com	2 redirects
2	match.adsby.bidtheatre.com	2 redirects
2	pm.w55c.net	2 redirects
2	ads.pubmatic.com	go.ezodn.com ads.pubmatic.com
2	static.adsafeprotected.com	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
2	bid.g.doubleclick.net	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	theinterview.top
2	capi.connatix.com	cd.connatix.com
2	oajs.openx.net	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	basher.ezodn.com	theinterview.top
2	www.google-analytics.com	theinterview.top www.google-analytics.com
2	s7.addthis.com	theinterview.top s7.addthis.com
1	img.connatix.com
1	match.adsrvr.org	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	s.uuidksinc.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
1	cs.media.net	1 redirects
1	fksnk.com	1 redirects
1	cd.connatix.com	1 redirects
1	onetag-sys.com	go.ezodn.com
1	bid.contextweb.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	hb-api.omnitagjs.com	go.ezodn.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	pixel.quantserve.com	theinterview.top
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	theinterview.top
1	go.ezoic.net	theinterview.top
1	go.ezodn.com	theinterview.top
0	prebid.a-mo.net Failed	theinterview.top
0	csm.fr.eu.criteo.net Failed	gum.criteo.com
0	search.spotxchange.com Failed	cd.connatix.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	capi-tier-1-us-east-2.connatix.com Failed	cd.connatix.com
0	pixel.onaudience.com Failed	ads.pubmatic.com
0	aax-eu.amazon-adsystem.com Failed	ads.pubmatic.com
0	sync.mathtag.com Failed	ads.pubmatic.com
0	b1sync.zemanta.com Failed	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
0	sync.srv.stackadapt.com Failed	cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
0	id5-sync.com Failed	cdn.id5-sync.com
264	89

This site contains no links.

Subject Issuer	Validity	Valid
theinterview.top R3	`2022-09-23` - `2022-12-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
invstatic101.creativecdn.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.ezoic.com Amazon	`2022-08-30` - `2023-09-28`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-05-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-04` - `2022-11-02`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://theinterview.top/
Frame ID: 214F668803C3FC557B5684A7946A6B19
Requests: 133 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 442EDFE3368058B654B976D3C479D838
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6678FF5512FDA9DCEE6CCE82F3B94281
Requests: 1 HTTP requests in this frame

Frame: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60191542CE9D1C67645861443FF45265
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=theinterview.top
Frame ID: 488E272D7905B2F1C1517A1DC401D3FC
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FCFFC39DAADE045395A232C0050ACD59
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1340AC91DC245D32CB300A40990945CA
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F2DB3B9211BB70ECF1C7356D99351F65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
Frame ID: C45A4BE190E25C076FD66661D4A29E01
Requests: 1 HTTP requests in this frame

Frame: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ACB27E3A64D8C28976FC0EAC37397C52
Requests: 22 HTTP requests in this frame

Frame: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 02E012FD2C8F5766F0B7FBF9F4046438
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWDJjYfgKAmmPG-ZFYURKgXZfzNPkr0JiQkKLMW0kvf8GPijPtYaheaE_wcv2-Lc5OfHYJO03D0BoRk5dv5XSXYjV4R9kF8LiSB8PEHZP0ZGXcVcpMFEGJU4g-sB94DuYSAGfvaTV3qkWUqyjcae8CW_YXCrK_EBjy94FFbQCi7KZXydF6gdv-6oVID3ce2XrDE_W65PU385yXtICYqrJmj81Wo7Q
Frame ID: 56B92F981830F8E16F1FB2032FB6B46A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWNRvVxA-8um-pTKZytqaQW_P6jUvLIus3WOyFsTfdw0hi8ZJ3V1a5P4pgIuPJ300mFxswgcI8QrJ0zQhwWgna-9Ag8mB7p56-Sl-5plPIoMOusl4gXdKPzUhU1-u-T7GelUKKZ_sW8SBKZ2fPPcKmE2EZeCtc77B48UxBm_d9x_MYGqJGi44t0s7zH0MDTDbXwICCwdW5fz5p4EB8yHzl-f7Un1Q
Frame ID: 4B19AAC55684C9BFE2D702EF4DE04DAA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CF33B8AD55B3CFB93BB94D1FA645F909
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5457ACA88F8C270EFA0FAEFE8DB7FF9A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 825E9C1865D14BB5BCA9CC701FB75D02
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6EF695C27AFAA146C9D98B8591C8350A
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/193450/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Frame ID: E04AE20566DA57A4A1AC3C434FEC2E0E
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: 978EF035AF4810B330114F9283CC6D7E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D322BEC97A5A3D155D6AADBAE25BBF8A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D91DCCF1E360F1A54DE94ADDD3BE726C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/index.html
Frame ID: 17B0B2F784394665C03D8AAFF000FBED
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html
Frame ID: C459E38891EDCF835130886B6E3642E6
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9
Frame ID: 143BF58C180FDE562086C6D069E8F9CB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7753244243191347369
Frame ID: 7D1262D45FC02AB1AF80F1E21825B1B8
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 661EAF00946ACAD5F882EDA5311FCA7A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 74E02F7F5165C1D2C23B5C098D5A5D40
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976083974368326627&gdpr=0&gdpr_consent=
Frame ID: 89509BB4D3CE317521F71D2D6B02E8C9
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 77339F9B515E17E3BD56ED396C7CBCAD
Requests: 1 HTTP requests in this frame

Frame: https://pb-server.ezoic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9
Frame ID: F24FE8A8C32E97A2567C92FC08DD4FCB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://theinterview.top/ HTTP 301
https://theinterview.top/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

264
Requests

82 %
HTTPS

40 %
IPv6

60
Domains

89
Subdomains

60
IPs

11
Countries

2308 kB
Transfer

6936 kB
Size

73
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theinterview.top/ HTTP 301
https://theinterview.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://oajs.openx.net/esp?url=https%3A%2F%2Ftheinterview.top%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ftheinterview.top%2F&rid=esp&cc=1

Request Chain 96

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theinterview.top&sn=ChromeSyncframe&so=0&topUrl=theinterview.top&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3ScQhHw5T1ZHNzRTU2ZoalRUdXN3OVR0Y3I1ZXZ5TDl3cXYwTGVGYnVSR01qUTdISTZLeHVaeUVXMCtMemwvalpzNCtlUkRUcFJNQkpwM0FtRmR5N2lFN2FuZG1YM3lxcVc3ZTZyUDlXV0dLZ2hJQ04vbUlNYnphcGEvRDFOdWRWUHZRZUNoN2dmaUUwVngrUnozRzVwNjVQdjQxM3B2UWVxMDR0L1FyQWJTajFhaFJaSFFwdGNEbkRTbmxhZzZjVUZlK1hIdHRFM1dCQnVMQXJQNEVXVWdLaUFLdlQwVDU1Vy94M2ZLVm1ZQkVyVHhSVzhiU1BLdG52OTJ1OWhjM2VHdytxRmJFMm5TckJKK1lGUnJlTDZtOHpWQT09fA&cppv=2

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1jp8C-4cPFSGnwwl3DmoAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1

Request Chain 135

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1jp8C-4cPFSGnwwl3DmoAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D

Request Chain 146

https://fw.adsafeprotected.com/rfw/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAFsg0VBF9f_aCMTwwyzss9Ei1Pz1NifMRZNzUfDsMvqSeYr-IRekfKfvJsHs_qApubwrHrCKmRy2DVHN_ZMj5J3HOTRjAod-GEpSeGcl8h8ReEAr12QP8ENIfKmO5AS-RIAoCZ_4Aof9_E-mqdKjWeQoPjA3PY6MQxPoY3WP2alDWjSkqYhjJ5Rj6W1QULDObtx2RgcaMtW8-pQaM-bjFEMfpHK83E25ty8Dem9Erz_DbWEFXilznrWCnfQFm2BGEFY2ZSzp_usCY09u6oR0jyipUF6MortQZcFM-bRWcKTrorzkLSwPEx-bUb8VZyzvQDKCunLxKeVrvaUXo1u4NW7dDxGKxf8ZCLhnjCQOsMXgtx-biJPodmT4hnDTvAvGfURj9eF0CoISMeAEsw9Cy9ifglmksX66cjI3NGqXrtd_v5nsmZswyf41HpTyKznHSqDCphFOeNw3tsoczO_xjot7Df1_YLXTEOSa-6MBOlwo2nA0EHQVAinnLCT4rFpnUWoELcoClSxwtcGbBRont6PJCItCXqyhKADxT80Omaxrn1rpnQ6qfGnrxedumG_ukl6zGqEs1H6rmwx5t_QYMDaGVa69hF5Hfvx2XjpL8aL4iVheBC9aHZu6eK2rWq3B1IXjDs5EaEvzU5nf-vnl4XfYDT7f6FIjsM6TIxpHSSM4PKqHWJal6Fiyyi8q3hW0QIunnDx_TjP8orXsi5yU7-D-EmjY-gHMlJoSZzMsckQdsuAzlcsxoGLqW2G5TF3Vd_gCPb9rOIdzvoxHaEyEK_zzViTjHBN-V8ew6374KYFLUNenOy9zNtEgJDW-z5DPx8Svgqdy6k0h9OERyRGWhJJjjzjLQ-OnFL9Y2sGU4YFdp42Js15362sj36Wzuj3yZzvApZ2hzcwdNvEYXmERrCH2F1dOp2B9Vb5IpvYSq8iZdZXyfDMmICP1yPcqXNlubQ88cS1Reqyg-HupO5UfAMfZphqsY1au6lXW2kNM4G--gVJbD2s7y2RGyYDuALlZ5nSqw7ENfIOlgJW0cNfPWRKmgmUk25Mjm1zfNv-cGAG8oiocIgN6rGVJaMkYCPgNnUW4C4iQ0umz6M7AKx6RyvU_dISYprwjNC3UBUqhBMXbU5qsB2TiLutnQHXNWrGaNr-pVPKxjTCv0P7gEZ9ASFtg4GD51IV208ftmiesqQZWrByG5bobbSsUMhoub0vsilGYHRPF-LD2GukVzgY4VoYIn8kKR_JI6Jr0MG2Jbysb1Qwc6ZZeg3PWsU8tYl_ds_8a6R30SsLxyIz6EEtf_XA8KyxCKQtv8cOdKDmu_lZDo5Y44NYrPrDtShyAb2IFAPtYfPj01P6l30OdGEuYTqg_pX6GBM67LA57Alpj8tZXEwUhLFmjKHk8ABkcdxlFm2DoA4X-zML9Vnn998xDOiZti_2j632kPvYE_FlKLp31ZpvlWyUdIz9SVJIBvnYrqDAgR1tCX4umXw_Y8DtRt18slJSbVx0ndG5Ui_Ew2BOrbKadF6_9NNd2OZ1T0yRjPPulSS9Ygnv7gOCtdgo2pPJXsM577TtikTBCXUeeehucDDVhcdxHvbiN45zDTA_sng66fMC2RTArbqTXsfLQWXKGxqaownA9YpLeuky2nnL0gHOWWU2dwKwPFg2feREU6miZLqf0K1Woq7cwcaZ9rzvBXvsfMId8M7N59EcDAJzDP9BvvhGvtGRDUcUtgwjtOOMWS2oWCeQc2SExd71nO_SvwxiMK3aiTPds5mehezCB-P7tA6_NEl40HUCed0x_SadWc-sKtw0Qc6rmI5ddjgDKwqUn7lGd4xJ4p4juicYFkTlOEXSnBNZ_A4VH3o2VB-CA9353d2ECWGrrvRy26WbBZUHssREIeNIdA7kYQX2oe27-8Xpa3l9hp_4ZXB5a10cPBLSn0EoHqVy4o_ahauNIUWY4VdIICrdfe0bWHIIiEewwwmiSCKMctcl6Kjn6HkbBZdy0WL_wJeKXfN-LbHbpT5iBndbwrgL6XWoRaHLHrVB2Lhh0RHVOcIvXUL_2Kb2WXSWZrX2mSUkhD2JiLK6IQDQ4Gvrz-GYeI1IjidoeJnGhuiz8ephHGKSg7JjCfm59tdJ_PJ1RZiFa6kgwoFR1iCDbl7kGne1ZxNK845pRUbwVbiPjn0S2SlOF0aSGVNInlSgoI9O4YJxqmHL9lt2oWd7WyY16Y5ylh5j_4DrqxFpNw_nWJCKA885yufSqSK5ZOvyFQmUQ6BA8E0ruTEt24Dco9dHU9b_eEeijySm5lofbsA9oxSPiNqqOtGK--dtks4p5Z-3X8RzxASDf4_kLOT9wonHzdpwNas4pW7rH-tvLGtcXVy1nCRqTigI4Als4gnB-zhDLcc0HyTV5lngPuCaIv9HiBY1mfr0rP9_8E9_9N3gAFPQaBUloF9Q3rix-RNfy-TvzCcu6B1zo1DDuu9bS0Z_VqrLWNRD-CiFe-I_g5iZJEcuMvwtqRENfRP_JZa1QnWs8zASp1ptaWG9qZ1DM1Ihw8P68U5K4MgG_mcS-uN1ZMjIo-n11WW_es2gk5uIBkGttd6EjP9BnfDN9K04nuDJGJ5ZbvsHS8u7Kc7SqAWMXbzhQhDZtzpYSrVQntusjRR2-0wnaiBdcG0bREhtYxrnPFVADLmaeA_tEIs6Wm5ex_AukYSRiTEXJSCom6A-wSFuvrmvg_sGpp-VW7ii3Sh61N0Lavof3mTDIIbblUgKfIUS7u1qrT4AvCzV0qlN-5Gogfz_V8NLElx9SiV07fWt_9Z3l7a9aSDGtshr_hA4kGyuHZf-OkDvtQsgCQGETPtN6Qkmenga41t6IFNHJTq86P4hE9gARYF8KFcQSNhlFmZSj-1OJI7NEJBEahYIGSXLBlz-9m8Iw3eCXcMbmCBRN6uC12qS50HWNNNUDDn8rIru7ibERRcxGEKBlmxJLi7KUc8whCA-tOkOTLgEesHYWud8yojqeHNxBexRiCGcurW8wDweV_j4iaZ4QGokOZL_FQgHt04PWLBw89naz_ltZ5iGrIcCZ1DkSx1xCfwoG76if1C0NIThovAXeCNLxL_OXjYaVSpUY9zUD5nZ90BTfzj_NjY6gBGiYfwK8lBJBWwuQGzjhPMDMLWYLohpIwdcSk33V6H2dKLulaOoOqXDh9SZwUJJ1zm1l2ELk_ksmVaq4_SA9wqzH-WZdrmf-xOFHrU7WKrd8FoJIuuV-KDQ0EfP7o0Tlpmk5z_IQ5BaSBxSE16gMinGRwC03NLaKsYXvX35xxPQRBdsLEScq_cFs-ohhZuaSLh2tIXzIVn6J6FB8XJRR4H-ykK3Tg5TBc7g1zqAHOX9lG73VpMC3F7uzw8KGigIABIk5GjPt5yXms6UFmRYovX7xvZ7IsgFWKotqXaO7ciGElA2jN2-YAE&ias_dspID=3&ias_campId=1008765121&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18081294602&bidurl=https://theinterview.top/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g5RdX0wd5AaxYfbjv9rMRT&adsafe_url=https%3A%2F%2Ftheinterview.top&adsafe_type=y&adsafe_url=https%3A%2F%2Ftheinterview.top%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:99885c26-b48e-35c3-45e0-c085d380f567,c:s8qtKz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-9xz8z,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15*.1132697-64943729%7C151%7C1521%7C161%7C1621,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:bff2e4c8-5504-11ed-84a3-b60439ba132d,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAFsg0VBF9f_aCMTwwyzss9Ei1Pz1NifMRZNzUfDsMvqSeYr-IRekfKfvJsHs_qApubwrHrCKmRy2DVHN_ZMj5J3HOTRjAod-GEpSeGcl8h8ReEAr12QP8ENIfKmO5AS-RIAoCZ_4Aof9_E-mqdKjWeQoPjA3PY6MQxPoY3WP2alDWjSkqYhjJ5Rj6W1QULDObtx2RgcaMtW8-pQaM-bjFEMfpHK83E25ty8Dem9Erz_DbWEFXilznrWCnfQFm2BGEFY2ZSzp_usCY09u6oR0jyipUF6MortQZcFM-bRWcKTrorzkLSwPEx-bUb8VZyzvQDKCunLxKeVrvaUXo1u4NW7dDxGKxf8ZCLhnjCQOsMXgtx-biJPodmT4hnDTvAvGfURj9eF0CoISMeAEsw9Cy9ifglmksX66cjI3NGqXrtd_v5nsmZswyf41HpTyKznHSqDCphFOeNw3tsoczO_xjot7Df1_YLXTEOSa-6MBOlwo2nA0EHQVAinnLCT4rFpnUWoELcoClSxwtcGbBRont6PJCItCXqyhKADxT80Omaxrn1rpnQ6qfGnrxedumG_ukl6zGqEs1H6rmwx5t_QYMDaGVa69hF5Hfvx2XjpL8aL4iVheBC9aHZu6eK2rWq3B1IXjDs5EaEvzU5nf-vnl4XfYDT7f6FIjsM6TIxpHSSM4PKqHWJal6Fiyyi8q3hW0QIunnDx_TjP8orXsi5yU7-D-EmjY-gHMlJoSZzMsckQdsuAzlcsxoGLqW2G5TF3Vd_gCPb9rOIdzvoxHaEyEK_zzViTjHBN-V8ew6374KYFLUNenOy9zNtEgJDW-z5DPx8Svgqdy6k0h9OERyRGWhJJjjzjLQ-OnFL9Y2sGU4YFdp42Js15362sj36Wzuj3yZzvApZ2hzcwdNvEYXmERrCH2F1dOp2B9Vb5IpvYSq8iZdZXyfDMmICP1yPcqXNlubQ88cS1Reqyg-HupO5UfAMfZphqsY1au6lXW2kNM4G--gVJbD2s7y2RGyYDuALlZ5nSqw7ENfIOlgJW0cNfPWRKmgmUk25Mjm1zfNv-cGAG8oiocIgN6rGVJaMkYCPgNnUW4C4iQ0umz6M7AKx6RyvU_dISYprwjNC3UBUqhBMXbU5qsB2TiLutnQHXNWrGaNr-pVPKxjTCv0P7gEZ9ASFtg4GD51IV208ftmiesqQZWrByG5bobbSsUMhoub0vsilGYHRPF-LD2GukVzgY4VoYIn8kKR_JI6Jr0MG2Jbysb1Qwc6ZZeg3PWsU8tYl_ds_8a6R30SsLxyIz6EEtf_XA8KyxCKQtv8cOdKDmu_lZDo5Y44NYrPrDtShyAb2IFAPtYfPj01P6l30OdGEuYTqg_pX6GBM67LA57Alpj8tZXEwUhLFmjKHk8ABkcdxlFm2DoA4X-zML9Vnn998xDOiZti_2j632kPvYE_FlKLp31ZpvlWyUdIz9SVJIBvnYrqDAgR1tCX4umXw_Y8DtRt18slJSbVx0ndG5Ui_Ew2BOrbKadF6_9NNd2OZ1T0yRjPPulSS9Ygnv7gOCtdgo2pPJXsM577TtikTBCXUeeehucDDVhcdxHvbiN45zDTA_sng66fMC2RTArbqTXsfLQWXKGxqaownA9YpLeuky2nnL0gHOWWU2dwKwPFg2feREU6miZLqf0K1Woq7cwcaZ9rzvBXvsfMId8M7N59EcDAJzDP9BvvhGvtGRDUcUtgwjtOOMWS2oWCeQc2SExd71nO_SvwxiMK3aiTPds5mehezCB-P7tA6_NEl40HUCed0x_SadWc-sKtw0Qc6rmI5ddjgDKwqUn7lGd4xJ4p4juicYFkTlOEXSnBNZ_A4VH3o2VB-CA9353d2ECWGrrvRy26WbBZUHssREIeNIdA7kYQX2oe27-8Xpa3l9hp_4ZXB5a10cPBLSn0EoHqVy4o_ahauNIUWY4VdIICrdfe0bWHIIiEewwwmiSCKMctcl6Kjn6HkbBZdy0WL_wJeKXfN-LbHbpT5iBndbwrgL6XWoRaHLHrVB2Lhh0RHVOcIvXUL_2Kb2WXSWZrX2mSUkhD2JiLK6IQDQ4Gvrz-GYeI1IjidoeJnGhuiz8ephHGKSg7JjCfm59tdJ_PJ1RZiFa6kgwoFR1iCDbl7kGne1ZxNK845pRUbwVbiPjn0S2SlOF0aSGVNInlSgoI9O4YJxqmHL9lt2oWd7WyY16Y5ylh5j_4DrqxFpNw_nWJCKA885yufSqSK5ZOvyFQmUQ6BA8E0ruTEt24Dco9dHU9b_eEeijySm5lofbsA9oxSPiNqqOtGK--dtks4p5Z-3X8RzxASDf4_kLOT9wonHzdpwNas4pW7rH-tvLGtcXVy1nCRqTigI4Als4gnB-zhDLcc0HyTV5lngPuCaIv9HiBY1mfr0rP9_8E9_9N3gAFPQaBUloF9Q3rix-RNfy-TvzCcu6B1zo1DDuu9bS0Z_VqrLWNRD-CiFe-I_g5iZJEcuMvwtqRENfRP_JZa1QnWs8zASp1ptaWG9qZ1DM1Ihw8P68U5K4MgG_mcS-uN1ZMjIo-n11WW_es2gk5uIBkGttd6EjP9BnfDN9K04nuDJGJ5ZbvsHS8u7Kc7SqAWMXbzhQhDZtzpYSrVQntusjRR2-0wnaiBdcG0bREhtYxrnPFVADLmaeA_tEIs6Wm5ex_AukYSRiTEXJSCom6A-wSFuvrmvg_sGpp-VW7ii3Sh61N0Lavof3mTDIIbblUgKfIUS7u1qrT4AvCzV0qlN-5Gogfz_V8NLElx9SiV07fWt_9Z3l7a9aSDGtshr_hA4kGyuHZf-OkDvtQsgCQGETPtN6Qkmenga41t6IFNHJTq86P4hE9gARYF8KFcQSNhlFmZSj-1OJI7NEJBEahYIGSXLBlz-9m8Iw3eCXcMbmCBRN6uC12qS50HWNNNUDDn8rIru7ibERRcxGEKBlmxJLi7KUc8whCA-tOkOTLgEesHYWud8yojqeHNxBexRiCGcurW8wDweV_j4iaZ4QGokOZL_FQgHt04PWLBw89naz_ltZ5iGrIcCZ1DkSx1xCfwoG76if1C0NIThovAXeCNLxL_OXjYaVSpUY9zUD5nZ90BTfzj_NjY6gBGiYfwK8lBJBWwuQGzjhPMDMLWYLohpIwdcSk33V6H2dKLulaOoOqXDh9SZwUJJ1zm1l2ELk_ksmVaq4_SA9wqzH-WZdrmf-xOFHrU7WKrd8FoJIuuV-KDQ0EfP7o0Tlpmk5z_IQ5BaSBxSE16gMinGRwC03NLaKsYXvX35xxPQRBdsLEScq_cFs-ohhZuaSLh2tIXzIVn6J6FB8XJRR4H-ykK3Tg5TBc7g1zqAHOX9lG73VpMC3F7uzw8KGigIABIk5GjPt5yXms6UFmRYovX7xvZ7IsgFWKotqXaO7ciGElA2jN2-YAE

Request Chain 148

https://fw.adsafeprotected.com/rfw/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r85VignI5324EFCeNmIe6dFPajJJDWhUeD-FpJBHof7g__5a55OIozAQpsNnn8UFqXRt8h2dQ1XUmcEBmJbwLV9_0m8zUNm86tsS-RIAoCZ_4ESRNq0g5-1YFhg-OcKcLQqmUrgyE3_4ujDSMpVDrlHr1ftgunB_IVYPv5NUKg87a0BuStdtRzVISfk4_Qe0-dVF7phi8YkAEjCwYUlBNUBuSKJQuJoee4EpQZXJbsNBv_bgSm9t8boqKG6xaGvRy9STn1-cMyTrXqpn8N1NLLpwgoHmUP050RyGz9af7DwcaPBDe6JqOCBR5a0hAnuImh2NYWfDMGkNWdTgjJ_T2Ocgdhp1EHLyNd2q27eCY4V81lrH4hq7vKWR3_Z7y9UIGuMAzV9srnRA5TsWNM5KiAoC-Y-Cz3ppKCpGTsTGc29rcfjnlL7la61-cHQBGrZzvpo48xwWk5rI4ajGawfJBGCRZpktfbZyuLJuIrifPT10JG6p25N5fRBhrNCDxCs2p6kt_2uvtx1NOGicTWLhCBfluYO-4pY6B26K-w4X8V-NkFxjoZGKKkJ2hqKaOmfznfPmTvksshOg-_BIBFbxceBiYkMuZualCYtEl0Y6x6UudoMzbA0XgMTQdwvrmQC6AoGlWCLobQBiHtG6hEYzkfIPbznioD5HzDRDONNXGHSh5Qp9c1E_PipjpA0yr6QovyrEI9NZvdQ80UWIDRu-2Sz2xgwXoqKwADBToW6EqdTki82ppNpEMsi9cZ84_AJpa9KsG513ziCiiN65cNbefSzw-SzQlSRwXeJVs_cwH7S4Si6qWXNSIfMd3Vt9Iz6w6pYaHQkvHT5c29Y5r5524wSlBnY0gneMC1r1tYNsH4PJ8z3JcR8NWeiwcbus25KnO89Rqfexopoj1SQptbIhy57w3s0JCd2mWddHKjNNHHZIw20PGiaUMNjYKmuQFfPzwB6EAtQqdrHAu_qInHbZIDTP2oM765DfUpy_jZlX91jNk0RZXIFKNvmMlvCpscOJPZo2XHqYNX-rVb7Qmk9T7L-UttHYiyLmespEnoJpKsa_hVDUYbZEkZQ-69a_AOkvcSsGT_MAN_EHymrPUV8t2xdtqaSp_J-uOLj0Q5BRtcj40f2pm2VCmN5vNfrf1rXqTchSY5n--n21W735c6W7lNwsoFJAXldxHQGULixaRVG6ORqUDT3WqV_a7BZWJZOYx8SVwWhJ-0tBVqIo1aeEkLbu1BLb47LEVeUZz47WiOSvOONRowwdmjMPMKLwSAcgBEBNAvWwZhv9g9jxVw5h7QvYN0d8qebTao5ZKN-QzbihUZ2HbwA9gr3UVum6-PKQTQ9neiUaJsvAJLn2z4_UOWoUKtbX0P7C6V7FgDyHbVmJToMImTdm61GJ3WsHyMHBx5XyxlcVb2r56cNBCdT_oUhSueYr-9YhCs6eXcBKTC6J88qx9uFM2PZMafY6YCbdoC_vricsiEOOMyW8KMhrLw2l99QtQKdUFaVMyGN14juCd6ApD5AHSw_HFK_Iz4wg46shnGWwZxwSEVVEbdDIZkvMUMfhRC_zhz8Kt2aqzp4S7Vn3I_agOpv1ji-W3QZnv9Xau_Qf9EbLiYk3mJXzGxDAKJVQLdZw4FkeZMOja4UXeFyxR7uhkuB8hNmlcILFuTTj8F5xrEXcQsp7jgmuzXNg0wgT7JeLwhQy7uiT_t8LM4MLKpeiLVA1vrxT4IycGViKqOBy3OMOmj_HiURD1Bgl9d_Jk24Pnuz66JDzo9qs4hXbqh808SVcyKfFSZukzq1Y8T9crsNIgekwcoqBqQ0FIt1-gvNBgta1ogdKxjUUVWmXjto5uW9FAoYNK9w9DZip7gfUy9_IOctnZfSpIRcuMkKnD_WrymauLBdqzPuzvxVFse9zi2UP-7Uj2FaphcRvzRmZxKecrj_XOTJjzmcG3cU3kz5rbpjtAp3tRL5hVNiyXOfdKlFDuzSFdhZmpnYXGLfmiCMrkXzRlBWZlsrVr80V3faQrcDmagmOzUy3eWavxC8i4PB9XCrjYoo87gGmEmOTxuX-jMsUTmTdM_HUoE6Eq6tdFvHumKfJH2AGMPMr4GvYPuYsGS5KGFRzP_-3K6u-_HGOEdNRKi9Wy0RaQSpmLNpyDZrN6sewcXX95rpwjDGy81rp2X8swqGu6tJ8cb0TX3JxfdCr0IeteW7NZBkAZsaRYDo9qLtRxQB_2sHvns0DMSV6Fs_YlhEvLJ7HB5WU4Lckkqvg-B0F4fhnQE3bRoCkp91qqcneMT6qVzhRISvX9XQOaSiZp_CtEwqsgCpCLvZ7UZEspYJ_IaAWwGaH4WYVG3ZvMqu3DiVdBpi0um4HKCsr6hjx5sRdpQfGsmcNGR3CPy2s4yIgIoh_u6LEC-AqFNJyVdgHlZI8Qqtf48-FSVS5NIIeUGmJtc2wQQqs-vyGtomVBC8JdUXBGX-dBgn_1CYHX70rPwmZQ69wzMmOx3MsHVEDxyl-76N4ikdx8WErPh-T9AYaHQZY9qGAPxwFLlf4GaILM_0kVEMEc-yiISeqM2rMyYnNiS66nlbxoYQinNuS_eSxrOeObtsLBYKbXyGIH0E6jvLU4YBgITdTFEUfT4fBOmIeoihfBDQd7ZG5vG9Y71itHyFkA-wYygwVj9ajcqnsqOqBEJckMDPv2U5rCU2OEVqtMF4GfmBsOQdC_Qk48J-5yNoGMoU7Vue-2pcVgnndnsKvEdaqOmCXrxE52kfThOaFp50EzREhvTxloFtunzqGI_6nRuyUOly_Y-dBmuYgXFjIjh1ViF-yCI3a5MgRPIABWDa7wmeBINvMZJmneW4R9vASvlqhwm-NF9oN_Q493e2uGmz7CeCG4WiUU3p8xcjyFLSGnFpeG2tiW1dvmNU4Q9NJtgTbOfNph_IR5qr7MlSnGLyQs56SZVF-K1V8LvBzk5lBaHhtoRmPR-ZFqkKjiFc6YVdlgnq7NlNIoAsFoPmDNFu_ZEIMSGbKpQrWEMhpnONesFHXR26wrcfAiaIZvIcb7fk5mBIaTCsFsRwwDS-8xwG5O9c7Tjx31ZuLo1kxmv-qd1TmF-_EUL30RDQuBJ-_YihiXbz2uRiMBVfTUZXCm88bUSS5W1h4Na08bej0aoxYs7_r7HMYI31F__yjAV_qIhCKxPJYJyVL9xOKNg2kIVgu2Ltf2-iEqbHEiZOOOoJD9ytv8CkNypCcYgE1YF06-_WVvJrr69qMCrPa4BiCaWGdUGTmeeWqA2PtZbuIwaKzCtc8NObZCkxJJQF0uDvwOuxegphKv2dyQ4yy21onZNIEj98Y4lQfWK5_161TOINnfuoGGigIABIk5GigFBKgayGn4ECBtj9IKfX2D1tSjbtwQk-5nv5foaQfyKe1YAE&ias_dspID=3&ias_campId=1008765121&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18081294602&bidurl=https://theinterview.top/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0igsVaT-ET_EJMQDRfJ10lf&adsafe_url=https%3A%2F%2Ftheinterview.top&adsafe_type=y&adsafe_url=https%3A%2F%2Ftheinterview.top%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:26d38a74-90bc-4c6e-bae2-d5668776c063,c:s8qtLf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-tnlxn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tlm36x4+11%7C1211%7C1212%7C13%7C14%7C151%7C1521%7C153%7C16*.1132697-64943729%7C161%7C1621,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:bff2e4ed-5504-11ed-a2f8-2a24ce032c71,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r85VignI5324EFCeNmIe6dFPajJJDWhUeD-FpJBHof7g__5a55OIozAQpsNnn8UFqXRt8h2dQ1XUmcEBmJbwLV9_0m8zUNm86tsS-RIAoCZ_4ESRNq0g5-1YFhg-OcKcLQqmUrgyE3_4ujDSMpVDrlHr1ftgunB_IVYPv5NUKg87a0BuStdtRzVISfk4_Qe0-dVF7phi8YkAEjCwYUlBNUBuSKJQuJoee4EpQZXJbsNBv_bgSm9t8boqKG6xaGvRy9STn1-cMyTrXqpn8N1NLLpwgoHmUP050RyGz9af7DwcaPBDe6JqOCBR5a0hAnuImh2NYWfDMGkNWdTgjJ_T2Ocgdhp1EHLyNd2q27eCY4V81lrH4hq7vKWR3_Z7y9UIGuMAzV9srnRA5TsWNM5KiAoC-Y-Cz3ppKCpGTsTGc29rcfjnlL7la61-cHQBGrZzvpo48xwWk5rI4ajGawfJBGCRZpktfbZyuLJuIrifPT10JG6p25N5fRBhrNCDxCs2p6kt_2uvtx1NOGicTWLhCBfluYO-4pY6B26K-w4X8V-NkFxjoZGKKkJ2hqKaOmfznfPmTvksshOg-_BIBFbxceBiYkMuZualCYtEl0Y6x6UudoMzbA0XgMTQdwvrmQC6AoGlWCLobQBiHtG6hEYzkfIPbznioD5HzDRDONNXGHSh5Qp9c1E_PipjpA0yr6QovyrEI9NZvdQ80UWIDRu-2Sz2xgwXoqKwADBToW6EqdTki82ppNpEMsi9cZ84_AJpa9KsG513ziCiiN65cNbefSzw-SzQlSRwXeJVs_cwH7S4Si6qWXNSIfMd3Vt9Iz6w6pYaHQkvHT5c29Y5r5524wSlBnY0gneMC1r1tYNsH4PJ8z3JcR8NWeiwcbus25KnO89Rqfexopoj1SQptbIhy57w3s0JCd2mWddHKjNNHHZIw20PGiaUMNjYKmuQFfPzwB6EAtQqdrHAu_qInHbZIDTP2oM765DfUpy_jZlX91jNk0RZXIFKNvmMlvCpscOJPZo2XHqYNX-rVb7Qmk9T7L-UttHYiyLmespEnoJpKsa_hVDUYbZEkZQ-69a_AOkvcSsGT_MAN_EHymrPUV8t2xdtqaSp_J-uOLj0Q5BRtcj40f2pm2VCmN5vNfrf1rXqTchSY5n--n21W735c6W7lNwsoFJAXldxHQGULixaRVG6ORqUDT3WqV_a7BZWJZOYx8SVwWhJ-0tBVqIo1aeEkLbu1BLb47LEVeUZz47WiOSvOONRowwdmjMPMKLwSAcgBEBNAvWwZhv9g9jxVw5h7QvYN0d8qebTao5ZKN-QzbihUZ2HbwA9gr3UVum6-PKQTQ9neiUaJsvAJLn2z4_UOWoUKtbX0P7C6V7FgDyHbVmJToMImTdm61GJ3WsHyMHBx5XyxlcVb2r56cNBCdT_oUhSueYr-9YhCs6eXcBKTC6J88qx9uFM2PZMafY6YCbdoC_vricsiEOOMyW8KMhrLw2l99QtQKdUFaVMyGN14juCd6ApD5AHSw_HFK_Iz4wg46shnGWwZxwSEVVEbdDIZkvMUMfhRC_zhz8Kt2aqzp4S7Vn3I_agOpv1ji-W3QZnv9Xau_Qf9EbLiYk3mJXzGxDAKJVQLdZw4FkeZMOja4UXeFyxR7uhkuB8hNmlcILFuTTj8F5xrEXcQsp7jgmuzXNg0wgT7JeLwhQy7uiT_t8LM4MLKpeiLVA1vrxT4IycGViKqOBy3OMOmj_HiURD1Bgl9d_Jk24Pnuz66JDzo9qs4hXbqh808SVcyKfFSZukzq1Y8T9crsNIgekwcoqBqQ0FIt1-gvNBgta1ogdKxjUUVWmXjto5uW9FAoYNK9w9DZip7gfUy9_IOctnZfSpIRcuMkKnD_WrymauLBdqzPuzvxVFse9zi2UP-7Uj2FaphcRvzRmZxKecrj_XOTJjzmcG3cU3kz5rbpjtAp3tRL5hVNiyXOfdKlFDuzSFdhZmpnYXGLfmiCMrkXzRlBWZlsrVr80V3faQrcDmagmOzUy3eWavxC8i4PB9XCrjYoo87gGmEmOTxuX-jMsUTmTdM_HUoE6Eq6tdFvHumKfJH2AGMPMr4GvYPuYsGS5KGFRzP_-3K6u-_HGOEdNRKi9Wy0RaQSpmLNpyDZrN6sewcXX95rpwjDGy81rp2X8swqGu6tJ8cb0TX3JxfdCr0IeteW7NZBkAZsaRYDo9qLtRxQB_2sHvns0DMSV6Fs_YlhEvLJ7HB5WU4Lckkqvg-B0F4fhnQE3bRoCkp91qqcneMT6qVzhRISvX9XQOaSiZp_CtEwqsgCpCLvZ7UZEspYJ_IaAWwGaH4WYVG3ZvMqu3DiVdBpi0um4HKCsr6hjx5sRdpQfGsmcNGR3CPy2s4yIgIoh_u6LEC-AqFNJyVdgHlZI8Qqtf48-FSVS5NIIeUGmJtc2wQQqs-vyGtomVBC8JdUXBGX-dBgn_1CYHX70rPwmZQ69wzMmOx3MsHVEDxyl-76N4ikdx8WErPh-T9AYaHQZY9qGAPxwFLlf4GaILM_0kVEMEc-yiISeqM2rMyYnNiS66nlbxoYQinNuS_eSxrOeObtsLBYKbXyGIH0E6jvLU4YBgITdTFEUfT4fBOmIeoihfBDQd7ZG5vG9Y71itHyFkA-wYygwVj9ajcqnsqOqBEJckMDPv2U5rCU2OEVqtMF4GfmBsOQdC_Qk48J-5yNoGMoU7Vue-2pcVgnndnsKvEdaqOmCXrxE52kfThOaFp50EzREhvTxloFtunzqGI_6nRuyUOly_Y-dBmuYgXFjIjh1ViF-yCI3a5MgRPIABWDa7wmeBINvMZJmneW4R9vASvlqhwm-NF9oN_Q493e2uGmz7CeCG4WiUU3p8xcjyFLSGnFpeG2tiW1dvmNU4Q9NJtgTbOfNph_IR5qr7MlSnGLyQs56SZVF-K1V8LvBzk5lBaHhtoRmPR-ZFqkKjiFc6YVdlgnq7NlNIoAsFoPmDNFu_ZEIMSGbKpQrWEMhpnONesFHXR26wrcfAiaIZvIcb7fk5mBIaTCsFsRwwDS-8xwG5O9c7Tjx31ZuLo1kxmv-qd1TmF-_EUL30RDQuBJ-_YihiXbz2uRiMBVfTUZXCm88bUSS5W1h4Na08bej0aoxYs7_r7HMYI31F__yjAV_qIhCKxPJYJyVL9xOKNg2kIVgu2Ltf2-iEqbHEiZOOOoJD9ytv8CkNypCcYgE1YF06-_WVvJrr69qMCrPa4BiCaWGdUGTmeeWqA2PtZbuIwaKzCtc8NObZCkxJJQF0uDvwOuxegphKv2dyQ4yy21onZNIEj98Y4lQfWK5_161TOINnfuoGGigIABIk5GigFBKgayGn4ECBtj9IKfX2D1tSjbtwQk-5nv5foaQfyKe1YAE

Request Chain 175

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
https://cds.connatix.com/p/193450/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Request Chain 191

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&google_cver=1&google_push=AZmPxg8kqYpa2unYOLMK0GqLKXJa49C6dRy3raH3N7D6iCg3iKMpRs7Gb5BvjO44Rte6rTNQApMioRKygghL1f_oaGy2HNS19Uuq HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&google_cver=1&google_push=AZmPxg8kqYpa2unYOLMK0GqLKXJa49C6dRy3raH3N7D6iCg3iKMpRs7Gb5BvjO44Rte6rTNQApMioRKygghL1f_oaGy2HNS19Uuq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNKc21lazkxT05Cb2w1&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&google_cver=1&google_push=AZmPxg8kqYpa2unYOLMK0GqLKXJa49C6dRy3raH3N7D6iCg3iKMpRs7Gb5BvjO44Rte6rTNQApMioRKygghL1f_oaGy2HNS19Uuq

Request Chain 192

https://fksnk.com/cs/google?google_gid=CAESEMa0dhgqXFZQQ0vbAZi2QFI&google_cver=1&google_push=AZmPxg_ddxxberi8XGj750CFV2c_EpyFS69CeLuG-YO0APFUU6_934SNgtoWE7xT62zZi72iNpGDfRctmiQeudmSq9Y2OIiZIJ2p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDhCM0MxODcwOTQ1MkMzOA==

Request Chain 193

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIyG3Qz_ClOP9_qTEI8bqfE&google_cver=1&google_push=AZmPxg_mxWmHmS0fO4tPKocwYhC7o3wqp_p-CbdE6-EdwI2ZDg3J-fi-gjjhbZAxLPXxNRmoD4rqgsSJohzJHTLtFVT6lUQpmsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_mxWmHmS0fO4tPKocwYhC7o3wqp_p-CbdE6-EdwI2ZDg3J-fi-gjjhbZAxLPXxNRmoD4rqgsSJohzJHTLtFVT6lUQpmsQ

Request Chain 194

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELfsmacdiKvcpGyig4WDUso&google_cver=1&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMiviviJI0cma0QRvXlTZYekvNc2 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELfsmacdiKvcpGyig4WDUso&google_cver=1&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMiviviJI0cma0QRvXlTZYekvNc2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI5NjExODk3ODIzNDc0NzIwMg&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMiviviJI0cma0QRvXlTZYekvNc2

Request Chain 196

https://cs.media.net/cksync?type=g&google_gid=CAESELYVfG0WtP0WEPp-HwuuOiQ&google_cver=1&google_push=AZmPxg9vP2QqGo74lVDoufHbLwtc-Cu6H2B53-QAvo1bEN3el1qlHR2DAvB1NOxhe8L8_5qqgee4AdfQHW7k3mUApaZk9EKrJYQ- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&mn_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9vP2QqGo74lVDoufHbLwtc-Cu6H2B53-QAvo1bEN3el1qlHR2DAvB1NOxhe8L8_5qqgee4AdfQHW7k3mUApaZk9EKrJYQ-&gdpr=&gdpr_consent=

Request Chain 200

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHsM7xn_dmJrQvit5ZVpQtU&google_cver=1&google_push=AZmPxg8p8jCCYZNH7SEEY8QOT6-sGFewcleFQ9W3HwveHNjoxQ3zg9cWpq4-eU_lUB2ahTsmkrxwO4-tZ0Hmrkp7zoD1QTznldVK7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHsM7xn_dmJrQvit5ZVpQtU&google_push=AZmPxg8p8jCCYZNH7SEEY8QOT6-sGFewcleFQ9W3HwveHNjoxQ3zg9cWpq4-eU_lUB2ahTsmkrxwO4-tZ0Hmrkp7zoD1QTznldVK7Q

Request Chain 201

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEJURvNhmqd4EJkc2LtNrzQ&google_cver=1&google_push=AZmPxg9-DLzPaT0kCiwZ9mBbrAYItTQHO6Id84Q1q25MR2GyTXDQ0faUlOQE2aegKU48gjmzNcM4K3buX6yC5mGyI5WXsJEE08PQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9-DLzPaT0kCiwZ9mBbrAYItTQHO6Id84Q1q25MR2GyTXDQ0faUlOQE2aegKU48gjmzNcM4K3buX6yC5mGyI5WXsJEE08PQ&google_hm=EwYPUgXZSEOyx5jSEjVxlmU

Request Chain 202

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIyG3Qz_ClOP9_qTEI8bqfE&google_cver=1&google_push=AZmPxg95u5kcUyYUd9T0UnHcXopw8Bnb14-wQAcuofocr0eEE-LDgtSXI6xiB0JYZ_8PeMbnPC0uyQRixigif9z6cmHtvdifhXht HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg95u5kcUyYUd9T0UnHcXopw8Bnb14-wQAcuofocr0eEE-LDgtSXI6xiB0JYZ_8PeMbnPC0uyQRixigif9z6cmHtvdifhXht

Request Chain 203

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEM7AzNJ19TriSacf1100X2A&google_cver=1&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG50M3SOSmGz9wXUrwAV HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEM7AzNJ19TriSacf1100X2A&google_cver=1&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG50M3SOSmGz9wXUrwAV&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG50M3SOSmGz9wXUrwAV&google_hm=

Request Chain 204

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBNfVTCmqtlVKAv_-4m87cs&google_cver=1&google_push=AZmPxg9UBdrW5ObgVrkOwg2Dh8qNInsh5il7r0aQbbTowiPtozCYsScIYNw13zi57ImN4H2TfIE-uFrYj0PCuxKZ1dyAEVNM4unX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9UBdrW5ObgVrkOwg2Dh8qNInsh5il7r0aQbbTowiPtozCYsScIYNw13zi57ImN4H2TfIE-uFrYj0PCuxKZ1dyAEVNM4unX&google_hm=OTA5NDQwNTMyODMzMDIyOTY0MA%3D%3D

Request Chain 205

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJ36MceMjEks14Dx-5WdQkc&c_param1=AZmPxg_NDk60n4LvffBvC3VY0KjRUTDxgQ-ZN8826WLl1kkafPwVWMwwz-mcXEhQkxg6Qs13oThMBua6P3fE1C6gLsQ5rli68zyV&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_NDk60n4LvffBvC3VY0KjRUTDxgQ-ZN8826WLl1kkafPwVWMwwz-mcXEhQkxg6Qs13oThMBua6P3fE1C6gLsQ5rli68zyV

Request Chain 221

https://c1.adform.net/serving/cookie/match?party=14&cid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9

Request Chain 222

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7753244243191347369

Request Chain 224

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 225

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976083974368326627&gdpr=0&gdpr_consent=

Request Chain 226

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6NHs4O7VRD-hov3AFLqh6Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThEMUVDRTAtRUVENS00NDNGLUExQTItRkRDMDE0QkFBMUU5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEETBj4OB6vioYeCfGewUww8&google_cver=1

Request Chain 234

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6866250229661616286

264 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
theinterview.top/
Redirect Chain

http://theinterview.top/
https://theinterview.top/

171 KB
32 KB

1030ms
932ms

Document
text/html

18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e38cec42de067f98f682ad5fa5364b9c951ac92d7ac5dda97ca833144d57f1af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html
date: Wed, 26 Oct 2022 08:03:55 UTC
display: pub_site_sol
expires: Tue, 25 Oct 2022 08:03:55 GMT
last-modified: Tue, 25 Oct 2022 22:09:22 GMT
pagespeed: off
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=0
x-sol: pub_site

Redirect headers

Cache-Control: public, max-age=2592000
Content-Length: 707
Content-Type: text/html
Date: Wed, 26 Oct 2022 08:03:54 UTC
Display: staticcontent_sol
Location: https://theinterview.top/
Pagespeed: off
Response: 301
Server: LiteSpeed
Vary: Accept-Encoding,User-Agent,Origin
X-Ez-Proxy-Out: true 2.3
X-Ezoic-Cdn: Hit ds;mm;d878a0a77fa52831abfa4047fbf930b6;2-205805-7;5c86b44f-e179-486c-44d9-ab8c70c61f66
X-Middleton-Display: staticcontent_sol
X-Middleton-Response: 301
X-Origin-Cache-Control
X-Sol: pub_site

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 146ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd2cee9520cf71fabdd3743f57756003bcdb47ef6461c2d06768210027aae9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27345
x-xss-protection: 0
server: sffe
etag: "1374 / 848 of 1000 / last-modified: 1666747876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 08:03:55 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 331 KB
101 KB 118ms
47ms Script
application/javascript 2606:4700:e0::ac40:671c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:671c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dbc1e82d9a5c698995e2f9e5dfa5672aa3a389075a127fe55eebad60787c0b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Sep 2022 14:04:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2224751
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZU1ek05BcXVJQXITJhH%2F7X4B1KwmPYJT2dnNOQWEiqcmfaYbgloce%2F6QOwPvz%2BAlP3mZz5JnRoFBYRjAVe5IMlVDSRaoG7%2FfvF7C0VBfu6l2GoJRwCOaotHvMuRPbQxDMmsF57UcUIbqq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7601ada25f8306cd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
theinterview.top/porpoiseant/ 8 KB
2 KB 44ms
43ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/fads.js?gcb=195-0&cb=6
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 banger.js Show response
theinterview.top/porpoiseant/ 52 KB
13 KB 47ms
45ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/banger.js?cb=195-0&bv=166&v=67&PageSpeed=off
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: f09e6a14209bad208f376135759a7ede7553052c97ca91ee106424f4ae1e89ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 style.min.css
theinterview.top/wp-includes/css/dist/block-library/ 1 KB
381 B 72ms
71ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: b31152f20482b0fe704bf31430fec9cbb90d15acdf2891384f44a379e049f6f5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;d40068c6512863d94c016958310809b1;2-205805-7;1514090c-e687-47e5-421d-9d49caf716c0
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 274
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 8d88c31ecd75bc88f8c018021ec6fc2d.css
theinterview.top/wp-content/cache/min/1/ 2 KB
689 B 60ms
59ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/cache/min/1/8d88c31ecd75bc88f8c018021ec6fc2d.css?ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e9710b1f879a5dd922b5ae8e11e578449dcd97f00e7ae18b4746f1ae8329716e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;dd1d27b511ad62f8683a4e7616f6c073;2-205805-7;5f2273d0-1506-4f6b-6d1d-11216c3f5b1a
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 556
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 screen.min.css
theinterview.top/wp-content/plugins/table-of-contents-plus/ 778 B
532 B 59ms
58ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 389e1f893b77970f3ea973d6270f4c658d6501bcd5f0efab1b0f59720ee2ac73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;16e9b5dab9d8fd9b24f4b7378f636ca8;2-205805-7;8150e75c-4c5d-4dc5-4751-5079b3124a04
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 266
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 c6075925ac4cfffe94b68b50fc2aeec5.css
theinterview.top/wp-content/cache/min/1/ 0
96 B 62ms
61ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/cache/min/1/c6075925ac4cfffe94b68b50fc2aeec5.css?ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;99fed9fbf6e4c27c3f997d118600135b;2-205805-7;645162c8-0dde-4c6b-74c3-ef3d408bc8a3
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville:400|Merriweather:400&display=optional

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d21ce859ca8be253a0b73ee6a36f05795583222d47002b3b8b6316f763ac183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 08:03:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 08:03:55 GMT

GET
H2 200 98134e187c3592b2cbab7646292a3200.css
theinterview.top/wp-content/cache/min/1/ 87 KB
12 KB 78ms
77ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/cache/min/1/98134e187c3592b2cbab7646292a3200.css?ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 2e3beaa175655a6b53a42a1a70b215410c6ff6b7303822aac7916353a4cf2a96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;32c16f98ba59b0118fc42e04392f6b65;2-205805-7;5c59a7dd-7fd0-4f44-499c-ca3b54d1667e
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 default.min.css
theinterview.top/wp-content/plugins/tablepress/css/ 2 KB
1 KB 60ms
60ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/plugins/tablepress/css/default.min.css?ver=1.13&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 3a8925df57357c2a71893114e307cd622fe64be676362017ec47f821cf7b2b78

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;a330aec5b6a5ab294fea379ff512c8ef;2-205805-7;a155bee8-84dc-48bb-6fc9-6d8c3f7c4964
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1140
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 addthis_wordpress_public.min.css
theinterview.top/wp-content/plugins/addthis/frontend/build/ 244 B
333 B 57ms
57ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.8&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 159d288073a6f8705a8eb288dc6ddbfd192afd31da95800c5fc8f78a41e06773

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;b9b6c5f5f52f6c5460cf6d2c5bc03c02;2-205805-7;91f10da9-9929-43d6-7fc8-426d403dce20
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 98
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 820ms
59ms Script
application/javascript 72.246.168.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-124.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 26 Oct 2022 08:03:56 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116407

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 07:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3718
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 09:01:58 GMT

GET
H2 200 cookieconsent.min.js Show response
theinterview.top/ezoic/ 4 KB
2 KB 44ms
44ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/ezoic/cookieconsent.min.js
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: br
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "11a4-5ebcec1840b80-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
expires: Thu, 26 Oct 2023 08:03:55 GMT

GET
H2 200 theinterview.png
theinterview.top/wp-content/uploads/2021/10/ 6 KB
6 KB 52ms
51ms Image
image/png 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-content/uploads/2021/10/theinterview.png
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: b7cf70f0bf5147acae2ef467a5a8446dd6a9a4aa5e90736c63ac8408cd0fc9bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
display: staticcontent_sol
x-origin-cache-control: public, max-age=2592000,public
x-ez-proxy-out: true 2.3
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;ffd3e6dd88bec4c5066fd2c13bea66f6;2-205805-7;d699297b-a4cd-46ab-5f4f-731d4dd5add9
content-type: image/png
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 augusta.js Show response
theinterview.top/detroitchicago/ 2 KB
990 B 45ms
44ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/augusta.js?cb=24
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 958

GET
H2 200 ezcl.webp Show response
theinterview.top/utilcave_com/inc/ 1 KB
1 KB 53ms
52ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: br
x-sol: middleton
server: Apache/2.4.39 (Ubuntu)
display: staticcontent_sol
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
content-length: 606

GET
H2 200 cmbv2.js Show response
theinterview.top/detroitchicago/ 77 KB
22 KB 52ms
51ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 4436635e94108fa053f9ddc3fda722679db9ca393391ec488ae4373cabe1e72f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 houston.js Show response
theinterview.top/detroitchicago/ 5 KB
2 KB 44ms
43ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/houston.js?gcb=0&cb=29
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 133157c66e35c2404dc6b8219ee27e6d86e3f13f14635cb85967e28b4ff7ab7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 159ms
41ms Image
image/png 2600:9000:20eb:3a00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 09:30:33 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-sol: middleton
display: staticcontent_sol
x-amz-cf-pop: FRA2-C1
age: 513203
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
last-modified: Mon, 17 Oct 2022 23:51:05 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-id: Qf5P2MBg7SXFY5yv_U4Oe3uGxl5ysHfghPLA85RD_DZOUs5fDTKKSA==
expires: Thu, 27 Oct 2022 09:30:33 GMT

GET
H2 200 fontawesome-webfont.woff2
theinterview.top/wp-content/themes/herald/assets/fonts/ 65 KB
65 KB 59ms
59ms Font
font/woff2 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: theinterview.top
URL: https://theinterview.top/wp-content/cache/min/1/98134e187c3592b2cbab7646292a3200.css?ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://theinterview.top/wp-content/cache/min/1/98134e187c3592b2cbab7646292a3200.css?ez_used_css_s=13
Origin: https://theinterview.top
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;c0116963fdab8435e9ef41a5dd9e8602;2-205805-7;5f82b108-5498-4f2a-4e0e-0c70c1b13456
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=2592000
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://theinterview.top
cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin

GET
H2 200 / Show response
basher.ezodn.com/ 2 KB
1 KB 50ms
49ms XHR
application/json 2606:4700:e0::ac40:661c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=205805&bf=700&dc=1254144
Requested by: Host: theinterview.top
URL: https://theinterview.top/porpoiseant/banger.js?cb=195-0&bv=166&v=67&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:661c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c8df5d029f6c7bec0db3c33e6d752b958a50d1c4cb92f0ef2a8c20329240a5e

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://theinterview.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohpIE7XEqkC9C40wZFf3lCezINDVvXIxb1Ycz3BMYQwzctvcL3oiB6A%2Fja4uegOScu5pGdLZnQFPQ5aGGyyRVtJVi%2BEFR2TgsUOUb3aFYIxd2B5YPxYKQPXHOlkPBNdL4olAh%2F0jk7Yi4mF3GIV5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 7601ada39b2b7783-LHR
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 108ms
39ms Preflight
application/json 2606:4700:e0::ac40:661c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=205805&bf=700&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:661c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://theinterview.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://theinterview.top
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7601ada35ab47783-LHR
content-length: 0
content-type: application/json
date: Wed, 26 Oct 2022 08:03:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv%2BVfUZD5RYKefiapBiuRQFbXVFw%2FnvY6YGw9oV0eVgKY%2BabAFon706TUN%2B2R1uqjXT8hohF5D4FiJcZ%2BeArW436XFI23jb3KFvUgHwTPjrQ5BpX1%2Fez%2B1yuNGY4nvVDXDnmeV0rH%2FX%2FV4tq9Jw6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 nmash.js
theinterview.top/porpoiseant/ 22 KB
6 KB 46ms
45ms Other
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/nmash.js?v=166
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 2405c4349aef0da237dc6ddfe63a6bfe2440dc4461c20850ccc19fcc1d359aec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=0, public
x-robots-tag: noindex

GET
H2 200 cl.gif
theinterview.top/detroitchicago/ 43 B
156 B 41ms
41ms Image
image/gif 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/detroitchicago/cl.gif?pvID=70ebadc1-d04b-468f-6d52-bf5d115033ed&dID=205805
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Tue, 25 Oct 2022 08:03:56 GMT

GET
H2 200 imp.gif Show response
theinterview.top/detroitchicago/ 43 B
74 B 47ms
47ms XHR
image/gif 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C35%2C4%2C1%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Manchester%22%2C%22country%22%3A%22GB%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A205805%2C%22domain_test_group%22%3A20230803%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A7%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1116%2C1122%2C1140%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2270ebadc1-d04b-468f-6d52-bf5d115033ed%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%22M32%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A102596%2C%22response_time_orig%22%3A490%2C%22serverid%22%3A%223.71.10.208%3A20445%22%2C%22state%22%3A%22MAN%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1116%2C1122%2C1140%22%2C%22t_epoch%22%3A1666771434%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftheinterview.top%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A904%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Tue, 25 Oct 2022 08:03:56 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 196ms
62ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 530ada81665d4f8f68e14afba4d6ae64128d80240dda6ddc8919b31d65a69702

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
etag: "bLcVTDhl2t9kvw7/36cOxA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 08:03:56 GMT

GET
H2 200 style.min.css
theinterview.top/wp-includes/css/dist/block-library/ 1 KB
1 KB 62ms
59ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:55 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;d40068c6512863d94c016958310809b1;2-205805-7;1514090c-e687-47e5-421d-9d49caf716c0
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 274
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 8d88c31ecd75bc88f8c018021ec6fc2d.css
theinterview.top/wp-content/cache/min/1/ 2 KB
2 KB 61ms
58ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-content/cache/min/1/8d88c31ecd75bc88f8c018021ec6fc2d.css?ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;dd1d27b511ad62f8683a4e7616f6c073;2-205805-7;5f2273d0-1506-4f6b-6d1d-11216c3f5b1a
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 556
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 screen.min.css
theinterview.top/wp-content/plugins/table-of-contents-plus/ 778 B
778 B 69ms
66ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;16e9b5dab9d8fd9b24f4b7378f636ca8;2-205805-7;8150e75c-4c5d-4dc5-4751-5079b3124a04
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 266
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 c6075925ac4cfffe94b68b50fc2aeec5.css
theinterview.top/wp-content/cache/min/1/ 0
96 B 69ms
67ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-content/cache/min/1/c6075925ac4cfffe94b68b50fc2aeec5.css?ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 UTC
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;99fed9fbf6e4c27c3f997d118600135b;2-205805-7;645162c8-0dde-4c6b-74c3-ef3d408bc8a3
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 98134e187c3592b2cbab7646292a3200.css
theinterview.top/wp-content/cache/min/1/ 87 KB
87 KB 105ms
103ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-content/cache/min/1/98134e187c3592b2cbab7646292a3200.css?ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;32c16f98ba59b0118fc42e04392f6b65;2-205805-7;5c59a7dd-7fd0-4f44-499c-ca3b54d1667e
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 default.min.css
theinterview.top/wp-content/plugins/tablepress/css/ 2 KB
2 KB 64ms
63ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-content/plugins/tablepress/css/default.min.css?ver=1.13&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;a330aec5b6a5ab294fea379ff512c8ef;2-205805-7;a155bee8-84dc-48bb-6fc9-6d8c3f7c4964
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1140
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000

GET
H2 200 addthis_wordpress_public.min.css
theinterview.top/wp-content/plugins/addthis/frontend/build/ 244 B
244 B 61ms
59ms Image
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theinterview.top/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.8&ez_used_css_s=13
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;b9b6c5f5f52f6c5460cf6d2c5bc03c02;2-205805-7;91f10da9-9929-43d6-7fc8-426d403dce20
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 98
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 cmbdv2.js Show response
theinterview.top/detroitchicago/ 41 KB
10 KB 56ms
55ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5y5c-22&cmbcb=115&sj=x03x0cx18x5c
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 9662766ef45fe26a2de5437d7eabfcd797e625bbe023b0aa4c327c7f4c7052b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 26 Oct 2023 07:29:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 138 B
127 B 128ms
49ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

588b559f74a6e1f3fd40683bf5bc2cc791f5acfdf91f712dc5adc875c5ddc79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Wed, 26 Oct 2022 08:03:56 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 26 KB
27 KB 129ms
42ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400|Merriweather:400&display=optional

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theinterview.top
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:13:18 GMT
x-content-type-options: nosniff
age: 53438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:13:18 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 169ms
82ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400|Merriweather:400&display=optional

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theinterview.top
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:07:15 GMT
x-content-type-options: nosniff
age: 53801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:07:15 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1433797178&t=pageview&_s=1&dl=https%3A%2F%2Ftheinterview.top%2F&ul=en-us&de=UTF-8&dt=Interview.top%20-%20Interview%20Questions%2C%20Interview%20Tips%20and%20Guides%20-%20Interview%20Questions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=114222300&gjid=1089326374&cid=1926362817.1666771436&tid=UA-83151804-1&_gid=988797340.1666771436&_r=1&_slc=1&z=2070888063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:03:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
631 B 497ms
162ms Script
application/javascript 2600:9000:2078:3800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2078:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:40:40 GMT
via: 1.1 8137b7c010eb34abe62bebb7e7ae88c6.cloudfront.net (CloudFront)
x-amz-cf-pop: HYD50-C1
age: 1397
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: vaQ6MCleRYYstXkKoxDT69PtGkWU44--e2eKquI1Gcx3o8ipi0tAgg==

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 151ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
49ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
663 B 1267ms
1267ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=4272540515925666&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=1654379291&sfv=1-0-38&prev_scp=a%3D%257C0%257C%26iid1%3D1442705282298647%26eid%3D1442705282298647%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtheinterview_top-medrectangle-2-1442705282298647%26eb_br%3D8b07bae800b215e481d05a271b3e723b%26eba%3D1%26ebss%3D10061%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D700%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C2339%2C3430%2C3458%2C3460%2C3683%2C3933%2C4186%2C3676&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1666771436262&lmt=1666735762&dlt=1666771435815&idt=324&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b6b6c74ee84617939b95a03d0effe04fd5b46480eb17b57751936d09d59871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 633
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 129ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 130ms
49ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
602 B 980ms
980ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=3014553257873731&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-box-2%2Ctheinterview_top-medrectangle-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C320x50%7C250x250%7C125x125%7C300x250%7C120x240%7C970x90%7C970x250%7C200x200%7C180x150%7C234x60%7C728x90%7C320x50%7C468x60%7C320x100&fluid=0%2Cheight&ifi=2&adks=1206242009%2C439780683&sfv=1-0-38&prev_scp=a%3D%257C0%257C%26iid1%3D3578579878260585%26eid%3D3578579878260585%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1140%26sap%3D1140%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtheinterview_top-box-2-3578579878260585%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D1%26bvr%3D2%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D400%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C4184%2C4185%2C4186%2C3676%7Ca%3D%257C0%257C%26iid1%3D7089884492293115%26eid%3D7089884492293115%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dtheinterview_top-medrectangle-1-7089884492293115%26eb_br%3D45a351e981f435b4c20fafca8a5d741c%26eba%3D1%26ebss%3D10061%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D600%26br2%3D300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C2339%2C3430%2C3458%2C3460%2C3682%2C3683%2C3933%2C4185%2C4186%2C3676&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1666771436454&lmt=1666735762&dlt=1666771435815&idt=324&adxs=436%2C-12245933&adys=337%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=1600x90%7C0x0&msz=728x90%7C0x0&fws=0%2C128&ohw=0%2C0&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fcac1f94c498b6d9c21d43efb5fa71f703c6fa6f9e1b9c5e8e883db14f6b0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 572
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1730803016;labels=Domain.theinterview_top%2CDomainId.205805;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftheinterview.top%2F;uht=2;fpan=1;fpa=P0-1269558372-1666771436690;pbc=;ns=0;ce=1;qjs=1;qv...
pixel.quantserve.com/ 35 B
372 B 66ms
56ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1730803016;labels=Domain.theinterview_top%2CDomainId.205805;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftheinterview.top%2F;uht=2;fpan=1;fpa=P0-1269558372-1666771436690;pbc=;ns=0;ce=1;qjs=1;qv=1ce15e3b-20221024154237;cm=;gdpr=0;ref=;d=theinterview.top;dst=0;et=1666771436690;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.Interview%252Etop%20-%20Interview%20Questions%252C%20Interview%20Tips%20and%20Guides%20-%20Interview%20Quest%2Cdescription.Interview%252Etop%20%E2%80%93%20Interview%20Questions%252C%20Interview%20Tips%20and%20Guides%20was%20last%20modified%2Curl.https%3A%2F%2Ftheinterview%252Etop%2F%2Csite_name.Interview%20Questions;ses=de54d077-e9ad-4b8b-83a2-96a18bc9b5bf

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:03:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 151ms
42ms Script
application/x-javascript 88.221.169.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-143.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19024
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
51ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
41 KB 809ms
809ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=3160568851091581&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=2534433225&sfv=1-0-38&ists=1&fas=8&prev_scp=tap%3Dtheinterview_top-pixel1-5599019990266586%26bra%3Dmod19-c%26ezoic%3D1%26iid1%3D5599019990266586%26br1%3D300%26ga%3D2497208%26bvr%3D8%26ap%3D9999%26al%3D1006%26ic%3D1%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1666771436953&lmt=1666735762&dlt=1666771435815&idt=324&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9373dfb95ea536a09faa24b4ed2751b1e416eca0a3c7a86ca1f06b916e66a501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41898
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fea7b0113ae6fdb085de4fda6c1c5d2920fc700be5fb52142a4d17b09c01f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13942
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 26 Oct 2023 07:29:43 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 171ms
75ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 dark-bottom.css
theinterview.top/ezoic/styles/ 3 KB
808 B 345ms
44ms Stylesheet
text/css 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/ezoic/styles/dark-bottom.css
Requested by: Host: theinterview.top
URL: https://theinterview.top/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
content-encoding: br
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "bd7-5ebcec1840b80-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 726

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/wp-5dd27714e8892d0d45681a36d995c454/ 27 B
207 B 284ms
275ms Script
application/javascript 72.246.168.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/wp-5dd27714e8892d0d45681a36d995c454/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 260ms
235ms Script
application/javascript 72.246.168.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6358e9ec541c80a2&bkl=0&bl=1&pdt=1522&sid=6358e9ec541c80a2&pub=wp-5dd27714e8892d0d45681a36d995c454&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=theinterview.top&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1666771437136&jsl=4096&uvs=6358e9ec83d6bebc000&skipb=1&callback=addthis.cbs.jsonp__74106498190512250
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-124.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14670ce312747383c022d113b24b5fbea43ce3b45b4a0021340f6c9a127ce9b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:03:57 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 442E 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 6678 71 KB
26 KB 66ms
65ms Document
text/html 72.246.168.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-124.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://theinterview.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 26 Oct 2022 08:03:57 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 204 greenoaks.gif Show response
theinterview.top/detroitchicago/ 0
45 B 343ms
41ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMTAtMjYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjMifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:57 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:57 GMT

POST
H2 204 greenoaks.gif
theinterview.top/detroitchicago/ 0
39 B 343ms
42ms Ping
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI1NDQifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjE0NzYifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjQxIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjEwMiJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjEwMiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMjQ1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTU4OSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTU4OSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://theinterview.top
x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:56 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:56 GMT

GET
H2 204 greenoaks.gif Show response
theinterview.top/detroitchicago/ 0
61 B 347ms
42ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxNjIyIn1dfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:58 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:58 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 98ms
30ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 22:06:30 GMT
content-encoding: gzip
age: 381447
x-guploader-uploadid: ADPycduLSP6Irat4tHB9fuv-07Z5eHrALNcqWbrYD_gsULqTLdO3eQAMwK0o2sbIhxS8BKdwjS6UU5HEm_DML3Yfy-9EuQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 21 Oct 2023 22:06:30 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 110ms
37ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Oct 2022 08:03:57 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 577ms
185ms Script
application/javascript 34.208.243.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.243.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-243-53.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:58 GMT
cache-control: public, max-age=86400
last-modified: Tue, 25 Oct 2022 22:19:16 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 112ms
42ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
x-amz-request-id: 453PP7WYX2NX7RSG
age: 3399
etag: W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7601adaeef48dcfb-LHR
x-amz-id-2: Ng0nbkCn6Hmq/rv4oZMD9BMxs6W70aK4UyYCAmowo+7B8eOVWHpsZxd4bRMS/oyfxveRD8hlLlo=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 119ms
29ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:47:20 GMT
via: 1.1 google
age: 997
x-guploader-uploadid: ADPycdvEYMVrMap998EE2Pp7TOvrLikTgOcTAB_fn8H6HZA6qpbnZMYYZJvqPCYNUthmBxin71EHPotncisT78HS5535
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Wed, 26 Oct 2022 08:47:20 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 31 KB
10 KB 143ms
42ms Script
text/javascript 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 16:35:07 GMT
content-encoding: gzip
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 16:32:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 55731
x-amz-server-side-encryption: AES256
etag: W/"a576cab5f14785e90bbbb12b6ee95a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: JZr4oDOibhuJqn3gQ74z6uakI0IHt1nNP1dsasBm4Ukz738mVaqsKQ==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 408ms
126ms Script
application/javascript 3.131.70.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.131.70.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-70-143.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:58 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H2 200 container.html Show response
cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6019 6 KB
4 KB 180ms
63ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theinterview.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:03:57 GMT
expires: Thu, 26 Oct 2023 08:03:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 greenoaks.gif Show response
theinterview.top/detroitchicago/ 0
15 B 343ms
41ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjIwMTAifV19XQ==
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:58 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:58 GMT

POST
H2 204 army.gif
theinterview.top/porpoiseant/ 0
74 B 342ms
42ms Ping
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU5OTAxOTk5MDI2NjU4NiIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJ0aGVpbnRlcnZpZXdfdG9wLXBpeGVsMSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU5OTAxOTk5MDI2NjU4NiIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJ0aGVpbnRlcnZpZXdfdG9wLXBpeGVsMSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI5MGMzYzQ4ZDAxNzI5MTZkMjdjMTAyZWE0YWE5ZDQ5YyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU5OTAxOTk5MDI2NjU4NiIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJ0aGVpbnRlcnZpZXdfdG9wLXBpeGVsMSIsInRfZXBvY2giOjE2NjY3NzE0MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMywiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTk5MDE5OTkwMjY2NTg2IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6InRoZWludGVydmlld190b3AtcGl4ZWwxIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MjA4NjExMDk1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTk5MDE5OTkwMjY2NTg2IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6InRoZWludGVydmlld190b3AtcGl4ZWwxIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://theinterview.top
x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:49 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:49 GMT

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
15 B 344ms
42ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU5OTAxOTk5MDI2NjU4NiIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJ0aGVpbnRlcnZpZXdfdG9wLXBpeGVsMSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIyLTEwLTI2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:57 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:57 GMT

POST
H2 204 army.gif
theinterview.top/porpoiseant/ 0
16 B 342ms
42ms Ping
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTU5OTAxOTk5MDI2NjU4NiIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJ0aGVpbnRlcnZpZXdfdG9wLXBpeGVsMSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImF1Y3Rpb25fZXBvY2giOjE2NjY3NzE0MzgsImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiYmlkX2Zsb29yX2luaXRpYWwiOjMwMCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjMwMCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODg0LCJtdWx0aV9hZF91bml0IjpudWxsLCJtdWx0aV9hZF9jb3VudCI6bnVsbCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://theinterview.top
x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:58 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:58 GMT

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ftheinterview.top%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ftheinterview.top%2F&rid=esp&cc=1

85 B
103 B

156ms
125ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ftheinterview.top%2F&rid=esp&cc=1
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 6d622dd9aa7439a2b0bdc437d5a36ed51efd2bdb2c683bd8293fa11cbbcda559

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:58 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-/D4DmDZWhqSiD03a97p5ML6eVPQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theinterview.top
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 26 Oct 2022 08:03:58 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://theinterview.top
location: /esp?url=https%3A%2F%2Ftheinterview.top%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 si
capi.connatix.com/tr/ 42 B
42 B 219ms
125ms Image
application/json 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:58 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 62

POST
H3 200 encrypt Show response
esp.rtbhouse.com/ 221 B
238 B 107ms
49ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: ab8a1374207a8a89dbc6f011100b31c49ea166bfa1f5a8a5e1ad961ce85971dc

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 08:03:58 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 4125811374f3404cb65f21a3835e4597
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 144ms
71ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://theinterview.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://theinterview.top
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 26 Oct 2022 08:03:58 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 8923136b511c23aeafa921991a667733

GET increment
id5-sync.com/api/esp/ 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 488E 15 KB
6 KB 225ms
35ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=theinterview.top

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://theinterview.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:03:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 914132
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 css2
fonts.googleapis.com/ Frame 6019 4 KB
636 B 132ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 08:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 07:14:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 08:03:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FCFF 8 KB
895 B 119ms
52ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 08:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 07:08:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 08:03:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame FCFF 2 KB
984 B 185ms
77ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:31:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame FCFF 23 KB
10 KB 146ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9257
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 07:46:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame FCFF 3 KB
1 KB 184ms
78ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 06:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 06:47:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame FCFF 17 KB
8 KB 153ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FCFF 0
0 141ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjFiy_lEU3y9EOe0mdjXB_xMdtri0hiZ0CDTxcYWBosoBAdsG6HHsO1I3AGqVtnfH4Bjss_EpQwULgrheN58MuuuZYlQ
Requested by: Host: theinterview.top
URL: https://theinterview.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCFF 152 KB
47 KB 144ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 08:03:58 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame FCFF 33 KB
14 KB 142ms
41ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 6019 19 KB
8 KB 154ms
51ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:20:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6019 205 B
519 B 146ms
48ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:37:54 GMT
x-content-type-options: nosniff
age: 23164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Oct 2023 01:37:54 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6019 604 B
694 B 147ms
49ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:19:13 GMT
x-content-type-options: nosniff
age: 2685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Oct 2023 07:19:13 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 20 B
309 B 138ms
40ms XHR
application/json 52.49.202.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.202.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-202-27.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

expires: 0
pragma: no-cache
date: Wed, 26 Oct 2022 08:03:58 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://theinterview.top
cache-control: no-cache
x-server: 10.45.30.145
access-control-allow-credentials: true
content-length: 20
x-consent: absent

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1340 143 B
476 B 126ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 07:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 488E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theinterview.top&sn=ChromeSyncframe&so=0&topUrl=theinterview.top&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3ScQhHw5T1ZHNzRTU2ZoalRUdXN3OVR0Y3I1ZXZ5TDl3cXYwTGVGYnVSR01qUTdISTZLeHVaeUVXMCtMemwvalpzNCtlUkRUcFJNQkpwM0FtRmR5N2lFN2FuZG1YM3lxcVc3ZTZyUDlXV0dLZ2hJQ04vbUlNYnphcGEvRD...

470 B
682 B

135ms
38ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3ScQhHw5T1ZHNzRTU2ZoalRUdXN3OVR0Y3I1ZXZ5TDl3cXYwTGVGYnVSR01qUTdISTZLeHVaeUVXMCtMemwvalpzNCtlUkRUcFJNQkpwM0FtRmR5N2lFN2FuZG1YM3lxcVc3ZTZyUDlXV0dLZ2hJQ04vbUlNYnphcGEvRDFOdWRWUHZRZUNoN2dmaUUwVngrUnozRzVwNjVQdjQxM3B2UWVxMDR0L1FyQWJTajFhaFJaSFFwdGNEbkRTbmxhZzZjVUZlK1hIdHRFM1dCQnVMQXJQNEVXVWdLaUFLdlQwVDU1Vy94M2ZLVm1ZQkVyVHhSVzhiU1BLdG52OTJ1OWhjM2VHdytxRmJFMm5TckJKK1lGUnJlTDZtOHpWQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ba1149c0daa9d1c0441a535fbfb73d50630db5b75687291836a52e5bf18314f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:03:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2427331
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:03:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3ScQhHw5T1ZHNzRTU2ZoalRUdXN3OVR0Y3I1ZXZ5TDl3cXYwTGVGYnVSR01qUTdISTZLeHVaeUVXMCtMemwvalpzNCtlUkRUcFJNQkpwM0FtRmR5N2lFN2FuZG1YM3lxcVc3ZTZyUDlXV0dLZ2hJQ04vbUlNYnphcGEvRDFOdWRWUHZRZUNoN2dmaUUwVngrUnozRzVwNjVQdjQxM3B2UWVxMDR0L1FyQWJTajFhaFJaSFFwdGNEbkRTbmxhZzZjVUZlK1hIdHRFM1dCQnVMQXJQNEVXVWdLaUFLdlQwVDU1Vy94M2ZLVm1ZQkVyVHhSVzhiU1BLdG52OTJ1OWhjM2VHdytxRmJFMm5TckJKK1lGUnJlTDZtOHpWQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 551496
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F2DB 0
176 B 121ms
33ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 26 Oct 2022 08:03:58 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1340
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
19 B

140ms
57ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:03:58 GMT
expires: Wed, 26 Oct 2022 08:03:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:03:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame C45A 36 KB
16 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 22:34:24 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 160ms
75ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
61 B 344ms
42ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU5OTAxOTk5MDI2NjU4NiIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJ0aGVpbnRlcnZpZXdfdG9wLXBpeGVsMSIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAwLDEyMDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTk5MDE5OTkwMjY2NTg2IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6InRoZWludGVydmlld190b3AtcGl4ZWwxIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTk5MDE5OTkwMjY2NTg2IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6InRoZWludGVydmlld190b3AtcGl4ZWwxIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:59 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
525 B 858ms
857ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=2208737134287168&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C125x125%7C300x250%7C120x240%7C970x90%7C970x250%7C200x200%7C180x150%7C234x60%7C728x90%7C320x50%7C468x60%7C320x100&fluid=height&ifi=5&adks=439780683&sfv=1-0-38&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D7089884492293115%26eid%3D7089884492293115%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dtheinterview_top-medrectangle-1-7089884492293115%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10061%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D300%26br2%3D300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C2339%2C3430%2C3458%2C3460%2C3682%2C3683%2C3933%2C4185%2C4186%2C3676%2C2310%2C2764%2C2765%2C3054%2C3455%2C3456%2C3457%2C3684%2C4184%26lb%3D600%26reqt%3D1666771439535&eri=1&sc=1&cookie=ID%3D4157b19aeadbdaa4-22ae0fa357ce0050%3AT%3D1666771436%3AS%3DALNI_MZa_jlMqjRWGvJqoTIoWi9KoyohSQ&gpic=UID%3D00000b787bb22bdb%3AT%3D1666771436%3ART%3D1666771436%3AS%3DALNI_MaVxJFiY56BSu-spinfTgOXDEtdyw&abxe=1&dt=1666771439538&lmt=1666735762&dlt=1666771435815&idt=324&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-5HHmsEwSABSAghkEhkKCnB1YmNpZC5vcmcYwZbHmsEwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPuRx5rBMEgAUgIIZBLCAQoIcnRiaG91c2USrAFFeXZMcmlwbUxXcVNOeG5Tb0JiTVFWUTVBMTJlTkRFYjlkYW5IeDdLelN3QlJjZUY0QitNMDFLWWZodGU2aEhjazZCL3pWTWJFR01tdEpMd3NYUWFaeEY1SWwvZTRPN0NBRnNyL2NEdXVqWkZoS1JKcmZHSlM5cXBORTdndktkeGJvakZ6WVFUT2QrQ0VCUmdnZnhlNS9jdDNvVUR1bjdUcXVCZVBqTDVvbjg9GP6Ux5rBMEgAEj4KBW9wZW54EixleUpwSWpvaVFVSnZiMU0yY2xsVFUyMXVVVkpqZEN0VFUzWXlVVDA5SW4wPRj4lceawTBIABIZCgp1aWRhcGkuY29tGKCVx5rBMEgAUgIIbxIbCgxpZDUtc3luYy5jb20YmJTHmsEwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c214669197e42b3ff91df62e238c536ee56bd9669983770e1ea97345de1bbf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 496
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 839ms
839ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=3856001858515529&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=1654379291&sfv=1-0-38&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D1442705282298647%26eid%3D1442705282298647%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtheinterview_top-medrectangle-2-1442705282298647%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10061%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D350%26br2%3D350%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C2339%2C3430%2C3458%2C3460%2C3683%2C3933%2C4186%2C3676%2C2310%2C2765%2C3054%2C3455%2C3456%2C3457%2C3682%2C3684%2C4184%2C4185%26lb%3D700%26reqt%3D1666771439531&eri=1&sc=1&cookie=ID%3D4157b19aeadbdaa4-22ae0fa357ce0050%3AT%3D1666771436%3AS%3DALNI_MZa_jlMqjRWGvJqoTIoWi9KoyohSQ&gpic=UID%3D00000b787bb22bdb%3AT%3D1666771436%3ART%3D1666771436%3AS%3DALNI_MaVxJFiY56BSu-spinfTgOXDEtdyw&abxe=1&dt=1666771439543&lmt=1666735762&dlt=1666771435815&idt=324&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-5HHmsEwSABSAghkEhkKCnB1YmNpZC5vcmcYwZbHmsEwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPuRx5rBMEgAUgIIZBLCAQoIcnRiaG91c2USrAFFeXZMcmlwbUxXcVNOeG5Tb0JiTVFWUTVBMTJlTkRFYjlkYW5IeDdLelN3QlJjZUY0QitNMDFLWWZodGU2aEhjazZCL3pWTWJFR01tdEpMd3NYUWFaeEY1SWwvZTRPN0NBRnNyL2NEdXVqWkZoS1JKcmZHSlM5cXBORTdndktkeGJvakZ6WVFUT2QrQ0VCUmdnZnhlNS9jdDNvVUR1bjdUcXVCZVBqTDVvbjg9GP6Ux5rBMEgAEj4KBW9wZW54EixleUpwSWpvaVFVSnZiMU0yY2xsVFUyMXVVVkpqZEN0VFUzWXlVVDA5SW4wPRj4lceawTBIABIZCgp1aWRhcGkuY29tGKCVx5rBMEgAUgIIbxIbCgxpZDUtc3luYy5jb20YmJTHmsEwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4efca2c134a5f6ba732720b241f61563dc10b8201246074b3862d89191665bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12632
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 831ms
830ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=3841308122219015&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=1206242009&sfv=1-0-38&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D3578579878260585%26eid%3D3578579878260585%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1140%26sap%3D1140%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtheinterview_top-box-2-3578579878260585%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D1%26bvr%3D2%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D350%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C2339%2C3054%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C4184%2C4185%2C4186%2C3676%2C2310%2C2765%2C3684%26lb%3D400%26reqt%3D1666771439545&eri=1&sc=1&cookie=ID%3D4157b19aeadbdaa4-22ae0fa357ce0050%3AT%3D1666771436%3AS%3DALNI_MZa_jlMqjRWGvJqoTIoWi9KoyohSQ&gpic=UID%3D00000b787bb22bdb%3AT%3D1666771436%3ART%3D1666771436%3AS%3DALNI_MaVxJFiY56BSu-spinfTgOXDEtdyw&abxe=1&dt=1666771439548&lmt=1666735762&dlt=1666771435815&idt=324&adxs=436&adys=337&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=1600x90&msz=728x90&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-5HHmsEwSABSAghkEhkKCnB1YmNpZC5vcmcYwZbHmsEwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPuRx5rBMEgAUgIIZBLCAQoIcnRiaG91c2USrAFFeXZMcmlwbUxXcVNOeG5Tb0JiTVFWUTVBMTJlTkRFYjlkYW5IeDdLelN3QlJjZUY0QitNMDFLWWZodGU2aEhjazZCL3pWTWJFR01tdEpMd3NYUWFaeEY1SWwvZTRPN0NBRnNyL2NEdXVqWkZoS1JKcmZHSlM5cXBORTdndktkeGJvakZ6WVFUT2QrQ0VCUmdnZnhlNS9jdDNvVUR1bjdUcXVCZVBqTDVvbjg9GP6Ux5rBMEgAEj4KBW9wZW54EixleUpwSWpvaVFVSnZiMU0yY2xsVFUyMXVVVkpqZEN0VFUzWXlVVDA5SW4wPRj4lceawTBIABIZCgp1aWRhcGkuY29tGKCVx5rBMEgAUgIIbxIbCgxpZDUtc3luYy5jb20YmJTHmsEwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

824ca75564f14c6fd0537d19509e1ee69ca2e80024d2355fbcf0950c709f95d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12651
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ACB2 6 KB
3 KB 128ms
45ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theinterview.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:03:57 GMT
expires: Thu, 26 Oct 2023 08:03:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
15 B 42ms
41ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU3ODU3OTg3ODI2MDU4NSIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtYm94LTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTQwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU3ODU3OTg3ODI2MDU4NSIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtYm94LTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTQwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI5ZTBhMWNlNWIyNDU1Y2I5YjQ4ZDVkZjRjNmJmNDA1MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU3ODU3OTg3ODI2MDU4NSIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtYm94LTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMzUsImFkX3Bvc2l0aW9uIjoxMTQwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDM1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTc4NTc5ODc4MjYwNTg1IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExNDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTA3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTc4NTc5ODc4MjYwNTg1IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExNDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:03:59 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:03:59 GMT

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
61 B 42ms
41ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU3ODU3OTg3ODI2MDU4NSIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtYm94LTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTQwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIyLTEwLTI2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:00 GMT

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
15 B 42ms
41ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzU3ODU3OTg3ODI2MDU4NSIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtYm94LTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImF1Y3Rpb25fZXBvY2giOjE2NjY3NzE0NDAsImFkX3Bvc2l0aW9uIjoxMTQwLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiYmlkX2Zsb29yX2luaXRpYWwiOjQwMCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MzUwLCJhdWN0aW9uX2NvdW50IjoyLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo4NzQsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:00 GMT

GET
H3 200 container.html Show response
cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 02E0 6 KB
3 KB 109ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theinterview.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:03:57 GMT
expires: Thu, 26 Oct 2023 08:03:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
theinterview.top/porpoiseant/ 0
34 B 42ms
41ms Ping
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI5ZTBhMWNlNWIyNDU1Y2I5YjQ4ZDVkZjRjNmJmNDA1MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMzUsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDM1LCJiaWRfZmxvb3JfcHJldiI6MC4wMDcsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDQyNzA1MjgyMjk4NjQ3IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTUwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDQyNzA1MjgyMjk4NjQ3IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://theinterview.top
x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:00 GMT

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
15 B 43ms
42ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIyLTEwLTI2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:00 GMT

POST
H2 204 army.gif
theinterview.top/porpoiseant/ 0
16 B 42ms
42ms Ping
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImF1Y3Rpb25fZXBvY2giOjE2NjY3NzE0NDAsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiYmlkX2Zsb29yX2luaXRpYWwiOjcwMCwiYmlkX2Zsb29yX3ByZXYiOjcwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MzUwLCJhdWN0aW9uX2NvdW50IjoyLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo4OTMsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://theinterview.top
x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:00 GMT

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
15 B 42ms
42ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDQifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjM1Nzg1Nzk4NzgyNjA1ODUiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ1bml0IjoiZGl2LWdwdC1hZC10aGVpbnRlcnZpZXdfdG9wLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJhZF9wb3NpdGlvbiI6MTE0MCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkdCIiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI0MzYifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMzNyJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcwODk4ODQ0OTIyOTMxMTUiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ1bml0IjoiZGl2LWdwdC1hZC10aGVpbnRlcnZpZXdfdG9wLW1lZHJlY3RhbmdsZS0xLTAiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJhZF9wb3NpdGlvbiI6MTExNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkdCIiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiItMSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiLTEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 56B9 624 B
297 B 53ms
52ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWDJjYfgKAmmPG-ZFYURKgXZfzNPkr0JiQkKLMW0kvf8GPijPtYaheaE_wcv2-Lc5OfHYJO03D0BoRk5dv5XSXYjV4R9kF8LiSB8PEHZP0ZGXcVcpMFEGJU4g-sB94DuYSAGfvaTV3qkWUqyjcae8CW_YXCrK_EBjy94FFbQCi7KZXydF6gdv-6oVID3ce2XrDE_W65PU385yXtICYqrJmj81Wo7Q

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:04:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 02E0 15 KB
11 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALIvsHbTk9vv4Bqr1PvPOHa2pKQRH7o8bj4X10xBAk_kVDfCrcd_GQIMDu7iAtAAtXCZajl3qFNnifI-u0AIdoIFEK2GMtUsV80hFZ4pfAFtcUGoiBeneaWu_WpkS5VY9ZFzuuXWEIfZQLcTd5aXOpUTdPvkeUiotbYh8qMh-Fc8oall8&cry=1&dbm_d=AKAmf-AEXRzPl_jI19cUeHYAOpAZwK_2qLIfX64J2VlGct7rO6Ox16sUQSIccIXIEsG_UMcswjP3zHjYaurc7d895kTlAy3dQ_pk2ip2W5sbZjrciCgVBY2nSj6bnW4LMp8fYzX-X14RSSEGrxEathSLRt6sOA2jIrnvQ7In_WKTRbrEDe2ZDA347XRYqE7l4V9YKbojMSlmBgascViRXQ07YLgO7BBxzZQfOkm9le3GwQkewppzm7sK6j5iij3Bu6oBkgvsrrN75svseHKguXI0jjJb_CbF5Jj3_ZluIvNaRHWyvj2OQj2XxMMRmERtUvo8AyhikATvpbEqgfaq7PUwRtIrrA1cQdq3yIk2N6kVLSkm43N2zpgbKRqLd35ZKrj6JUHKn0Nk979wBFA-unHaB4iBK3V0o1XmMYzXwYZ4epTwhjpkYsOcZrLeG-0gkfnVMvCrDPsSvDYvnabaFtUAAas1cHhqulwr3OPckgp5g9iTIccl6Es_qB-4Z-J9Bm0Y4D8BDh9knhdurLBMtr9vg6nUk1MOnBKYyleW1wnwS0s61IRBTsM8JnGfonYhyoVqF44TzA0PPqu8OEJVf2U9DCAjNLZTrYY_FkjpKuOQWifhZHLdwr14-LrapXeB-HasSEQiWB43qEQMj2Qy1ngVMpOgTskgZNfV7S62JKfuFtP-TMlO_VnwMnEZ5TKxrfW9l-9lMJ0MoTC4hBpMGfZ7Z6nuEbeZXuTrxsWOozvJqI7aaRysghRFEoejcdPXCZZkNsjKXqkphN9-CL3Zv2ygATN3lkiTemZiDSuVvCqrJJ8g9rCq962Ccmh16kVv5OREA6N1ALCnazPesH9Q6vHszKKnaTQ_GcGi-ntojnrMmlQug1HMF87zuVhCSDTi1A626JJ3fpbY04MH2xNykiinshAwdI4GdS5T7RnDvuBuVSDslOyyilfTpP7K9tC0aL-t_CCUpiMjh2wgv60Qywi7EsLz4SAqZ2vXqp_DGIGs23aTTaEw1uBiJNqBdPL6CsX84ZvE-uMPId27VVsZo3GOftEDXSHk8jaD_0OGqJ7XhrrbANs0kyKrYUeeRFXSyMGwXlFF7CP52IZw-hxWRU1ERGvT5aS6YAfJM0--Cdjjr-2_EZ18sVBJ_Zte3zfBPjgItp6QkIVf0at4meXPrykhNH9oTgL2Ro4IpEOkqIzTOvgdpmvFIZ95PlhlQkBpYm9Ft4cTzKSBOrUWT6C8ZSjeLjzgHFQvq1ieKs8n7U415B5KNAWAaxG6rlKmCWGmJaZkVHVZVPXRF1bTQ2QNt7gWqzo55u3l2cRuSeLSXBjg6W8oeMbQxn8zYJxSLLRgU9N1GEyuQ79MAFk9fmKjDqaNdzYR0Icw9wo5eThnGqHQ8FSYrP_Upn0Umq7lT41OOCWQKE0wLD7KqxAM9YrC-ys8hxBePdfsmZ8TZNakMxK2BZ-VWOgJaUEcQticmOexZHRkTKUSgT7dMS4FeuiS0_7ySrnIdXNA863-caY1l_qfyfa3LcMPOOje0FX0Xk6GlMrum3PdeLond8_0lNbED2wD4vFHqh0nymoU7AhmuityCm7oX7IgOp41nQWSCwmOY1q_NCRqgniHdwIVgGsibXL6zZbJn7HMOEv7t-HokLQWpOUrBf5QZLZv0uQbQ9EkAci1zQt3uGUC9GP5R8hFKgN-wqeAsIaowEVVhRSdObDfaFL-OWoHv9-_39o4S3PVAK1BK98qQWKF-XbIFmCjRzw7GJT8-e6QoVab_Lve-XafJ5qwRUNRW4lLiKopeSv8C0BU4lauUHT7xlTV9dl8A0P-5SEVeQUL2Nz8RnQkvmh96B-GebIo9PpbDILxjT7iUGRCxjDpNCi5epiqiwkCEIuWKDW9nyedel_lzOLS_36N-FA_0fJ0d-KJ_qCfYY_QJliiyWN2LVEZIW8tt3dMX1XrfcIwy9bzwfW0eOzSATn7TSzgY0MyPbX8JNzRsLommXDdRvFVXcbr2vgUKk1hqT8HxfCsTf3Y4CEMj6OGNIR67PakvNxd2B3_f1TszsOmgMVSazacsmJWGPGYrmMgif_QDFK3KlMkHoNa36LF0vR07NqpekgTOjX3uQqI4tHaM99U1QDFU36tojdnU6QQY4ecQD76y1yvkyk48nS61et5nq2nyT_IiR7S3Vfr6h-fa3FVfmHQRCcDjdzDZR5XrI1Svat_KAIRtdtt3lQR-A7ownChsoPD8DqWRZEg8LtAgULpfGuXcHhpF_k7VZ8AkoTgrXtc-ykMarRWqiK7WEaVBq6dhsm2a4vR05aAyqsJvIwCxDkShgT1tJ6YUQpAYGBPMeX-V9DvEsi39F1xiZYewxJXhPrYwNa_kd4igtIz7hYTEnpCuIQz59DSY6BSl_-73aBQ2qxJ0uHQ5nJuK2VRcQwEMrjs_1nQESkaJXEWrSDVg3bIK0k7eeKWmnEpSQDHCrOMIsM5OcWemAaRaATnnPOrJPXsisSIb3j3dJuaF-GOf_KnRVQvHvE8MDxyFnqbnU2MZTNl5AappKPAnY_YMvytFyd3YgrZAWuRredHyKfogkGaTxPU-T3Sd0KvHj8nFRWZQCyO9X7rIDiqJO3wJ7jYVMScLxoqfQKYJu2Lktnzsad3-VPkBXd-1pQUk5tNkr8g9w14066zOhaZVLT9vc-pQae-vQTLFvUkHB38qF0d6d2wV7zlwqYUNxhITOloTV-LqF_RYAzSdA6EjzBpXKTL5sn4PZ-ShByEsK0N6vsuUWdYeqhVLor-bIJlXtaRRkOUC1ggvakQL005g1IdBitudiJ_r0SRVmNIx7N0rYVs4pDlkCsQVuVKGiMb7tJkdFV1uCbW2a2h7Z8T-vh_-DXsPfvbleA&cid=CAASJORooBQSoGshp-BAgbY_SCn19g9bUo27cEJPuZ7-X6GkH8intQ&rfl=1%2Chttps%253A%252F%252Ftheinterview.top%252F%240

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71efdcd9089b186abcfbe7bbad03576f3b42381c4d19d9947bc6fbe176df7098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 02E0 42 B
63 B 126ms
126ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOzS4JY255F5zxtm9HveG9XjG9nrTqqt1YGzEysQFepEo3uJXiL-obUk0ijAKjRPkMspGrdA81nLgCKBGdekGsHjG9TOcB5oFohK4GFO8jBCYTobk

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1132697/64943729/xbbe/creative/ Frame 02E0 244 KB
74 KB 160ms
45ms Script
application/javascript 54.220.95.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r85VignI5324EFCeNmIe6dFPajJJDWhUeD-FpJBHof7g__5a55OIozAQpsNnn8UFqXRt8h2dQ1XUmcEBmJbwLV9_0m8zUNm86tsS-RIAoCZ_4ESRNq0g5-1YFhg-OcKcLQqmUrgyE3_4ujDSMpVDrlHr1ftgunB_IVYPv5NUKg87a0BuStdtRzVISfk4_Qe0-dVF7phi8YkAEjCwYUlBNUBuSKJQuJoee4EpQZXJbsNBv_bgSm9t8boqKG6xaGvRy9STn1-cMyTrXqpn8N1NLLpwgoHmUP050RyGz9af7DwcaPBDe6JqOCBR5a0hAnuImh2NYWfDMGkNWdTgjJ_T2Ocgdhp1EHLyNd2q27eCY4V81lrH4hq7vKWR3_Z7y9UIGuMAzV9srnRA5TsWNM5KiAoC-Y-Cz3ppKCpGTsTGc29rcfjnlL7la61-cHQBGrZzvpo48xwWk5rI4ajGawfJBGCRZpktfbZyuLJuIrifPT10JG6p25N5fRBhrNCDxCs2p6kt_2uvtx1NOGicTWLhCBfluYO-4pY6B26K-w4X8V-NkFxjoZGKKkJ2hqKaOmfznfPmTvksshOg-_BIBFbxceBiYkMuZualCYtEl0Y6x6UudoMzbA0XgMTQdwvrmQC6AoGlWCLobQBiHtG6hEYzkfIPbznioD5HzDRDONNXGHSh5Qp9c1E_PipjpA0yr6QovyrEI9NZvdQ80UWIDRu-2Sz2xgwXoqKwADBToW6EqdTki82ppNpEMsi9cZ84_AJpa9KsG513ziCiiN65cNbefSzw-SzQlSRwXeJVs_cwH7S4Si6qWXNSIfMd3Vt9Iz6w6pYaHQkvHT5c29Y5r5524wSlBnY0gneMC1r1tYNsH4PJ8z3JcR8NWeiwcbus25KnO89Rqfexopoj1SQptbIhy57w3s0JCd2mWddHKjNNHHZIw20PGiaUMNjYKmuQFfPzwB6EAtQqdrHAu_qInHbZIDTP2oM765DfUpy_jZlX91jNk0RZXIFKNvmMlvCpscOJPZo2XHqYNX-rVb7Qmk9T7L-UttHYiyLmespEnoJpKsa_hVDUYbZEkZQ-69a_AOkvcSsGT_MAN_EHymrPUV8t2xdtqaSp_J-uOLj0Q5BRtcj40f2pm2VCmN5vNfrf1rXqTchSY5n--n21W735c6W7lNwsoFJAXldxHQGULixaRVG6ORqUDT3WqV_a7BZWJZOYx8SVwWhJ-0tBVqIo1aeEkLbu1BLb47LEVeUZz47WiOSvOONRowwdmjMPMKLwSAcgBEBNAvWwZhv9g9jxVw5h7QvYN0d8qebTao5ZKN-QzbihUZ2HbwA9gr3UVum6-PKQTQ9neiUaJsvAJLn2z4_UOWoUKtbX0P7C6V7FgDyHbVmJToMImTdm61GJ3WsHyMHBx5XyxlcVb2r56cNBCdT_oUhSueYr-9YhCs6eXcBKTC6J88qx9uFM2PZMafY6YCbdoC_vricsiEOOMyW8KMhrLw2l99QtQKdUFaVMyGN14juCd6ApD5AHSw_HFK_Iz4wg46shnGWwZxwSEVVEbdDIZkvMUMfhRC_zhz8Kt2aqzp4S7Vn3I_agOpv1ji-W3QZnv9Xau_Qf9EbLiYk3mJXzGxDAKJVQLdZw4FkeZMOja4UXeFyxR7uhkuB8hNmlcILFuTTj8F5xrEXcQsp7jgmuzXNg0wgT7JeLwhQy7uiT_t8LM4MLKpeiLVA1vrxT4IycGViKqOBy3OMOmj_HiURD1Bgl9d_Jk24Pnuz66JDzo9qs4hXbqh808SVcyKfFSZukzq1Y8T9crsNIgekwcoqBqQ0FIt1-gvNBgta1ogdKxjUUVWmXjto5uW9FAoYNK9w9DZip7gfUy9_IOctnZfSpIRcuMkKnD_WrymauLBdqzPuzvxVFse9zi2UP-7Uj2FaphcRvzRmZxKecrj_XOTJjzmcG3cU3kz5rbpjtAp3tRL5hVNiyXOfdKlFDuzSFdhZmpnYXGLfmiCMrkXzRlBWZlsrVr80V3faQrcDmagmOzUy3eWavxC8i4PB9XCrjYoo87gGmEmOTxuX-jMsUTmTdM_HUoE6Eq6tdFvHumKfJH2AGMPMr4GvYPuYsGS5KGFRzP_-3K6u-_HGOEdNRKi9Wy0RaQSpmLNpyDZrN6sewcXX95rpwjDGy81rp2X8swqGu6tJ8cb0TX3JxfdCr0IeteW7NZBkAZsaRYDo9qLtRxQB_2sHvns0DMSV6Fs_YlhEvLJ7HB5WU4Lckkqvg-B0F4fhnQE3bRoCkp91qqcneMT6qVzhRISvX9XQOaSiZp_CtEwqsgCpCLvZ7UZEspYJ_IaAWwGaH4WYVG3ZvMqu3DiVdBpi0um4HKCsr6hjx5sRdpQfGsmcNGR3CPy2s4yIgIoh_u6LEC-AqFNJyVdgHlZI8Qqtf48-FSVS5NIIeUGmJtc2wQQqs-vyGtomVBC8JdUXBGX-dBgn_1CYHX70rPwmZQ69wzMmOx3MsHVEDxyl-76N4ikdx8WErPh-T9AYaHQZY9qGAPxwFLlf4GaILM_0kVEMEc-yiISeqM2rMyYnNiS66nlbxoYQinNuS_eSxrOeObtsLBYKbXyGIH0E6jvLU4YBgITdTFEUfT4fBOmIeoihfBDQd7ZG5vG9Y71itHyFkA-wYygwVj9ajcqnsqOqBEJckMDPv2U5rCU2OEVqtMF4GfmBsOQdC_Qk48J-5yNoGMoU7Vue-2pcVgnndnsKvEdaqOmCXrxE52kfThOaFp50EzREhvTxloFtunzqGI_6nRuyUOly_Y-dBmuYgXFjIjh1ViF-yCI3a5MgRPIABWDa7wmeBINvMZJmneW4R9vASvlqhwm-NF9oN_Q493e2uGmz7CeCG4WiUU3p8xcjyFLSGnFpeG2tiW1dvmNU4Q9NJtgTbOfNph_IR5qr7MlSnGLyQs56SZVF-K1V8LvBzk5lBaHhtoRmPR-ZFqkKjiFc6YVdlgnq7NlNIoAsFoPmDNFu_ZEIMSGbKpQrWEMhpnONesFHXR26wrcfAiaIZvIcb7fk5mBIaTCsFsRwwDS-8xwG5O9c7Tjx31ZuLo1kxmv-qd1TmF-_EUL30RDQuBJ-_YihiXbz2uRiMBVfTUZXCm88bUSS5W1h4Na08bej0aoxYs7_r7HMYI31F__yjAV_qIhCKxPJYJyVL9xOKNg2kIVgu2Ltf2-iEqbHEiZOOOoJD9ytv8CkNypCcYgE1YF06-_WVvJrr69qMCrPa4BiCaWGdUGTmeeWqA2PtZbuIwaKzCtc8NObZCkxJJQF0uDvwOuxegphKv2dyQ4yy21onZNIEj98Y4lQfWK5_161TOINnfuoGGigIABIk5GigFBKgayGn4ECBtj9IKfX2D1tSjbtwQk-5nv5foaQfyKe1YAE&ias_dspID=3&ias_campId=1008765121&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18081294602&bidurl=https://theinterview.top/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0igsVaT-ET_EJMQDRfJ10lf
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.95.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-95-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: da5e8214006d8af2b48e443ab56b4a079cf08a3adc54d680e871602ef54306b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 02E0 3 KB
1 KB 136ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 06:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 06:47:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 02E0 17 KB
7 KB 126ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02E0 152 KB
46 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 08:04:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B19 624 B
297 B 53ms
53ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWNRvVxA-8um-pTKZytqaQW_P6jUvLIus3WOyFsTfdw0hi8ZJ3V1a5P4pgIuPJ300mFxswgcI8QrJ0zQhwWgna-9Ag8mB7p56-Sl-5plPIoMOusl4gXdKPzUhU1-u-T7GelUKKZ_sW8SBKZ2fPPcKmE2EZeCtc77B48UxBm_d9x_MYGqJGi44t0s7zH0MDTDbXwICCwdW5fz5p4EB8yHzl-f7Un1Q

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:04:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ACB2 15 KB
11 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6gIDC9A1sf8TDGK9_ORFTLnbwZyQOXmZqjmIxeob2Uk1TgOCUaYKEmAMJSGIsc2DGii83ASsrAluZVhCDTOxAbDF91i-ggUDVgzR6fLqm4t9VJAxI_LFVJodSjPgF4Gwk53ftomHWt3E_eWwTPJnbQS3bWZmi8O5EkIkJxsZvvuHvUF4&cry=1&dbm_d=AKAmf-CNgy3BvhigHWDnsyBGkMd7LRKTXPuQc7y9koNAy_oA8Ob7zsASTVfXNSqA53UWfwSoELNWhEbq-FFN0CSO3WkcBv08ZZySqc1q-8hLlC4EdQk_AEW5Q_1f8GUlLP06PMo1aywy85td2HXhZY9UhhFHT8cflEGlf8TBkD6xVdE-HVTiIbSX3DSnX2zHr6IPijKKeySc3HcS-1OVdGv1bLRUjv0rFlCxITsMMIkCvthS5C4gH2mHhUSIqHbM0rZI6CVae2bQ96q2XD5grFo7q1YyugORXd1W7614az3ekU5i9G8aIMVI7UyAPw2PAnvLV9IPVgsFa08X17DJixuSyg32zOqjqkcGVky6iQzoQntnCpBP94ZGS145CJikBBWxrXFc2pXohRDuhHtJ_oenCss27q56graKadYwCWH1obDwRjVpCS9aT2cn64PLg09GUVWcWrVbMqEygX32OQ5J2DxpaQibdpbxVXPBipylYwbpJOWUfXwBu3QVTPV-xX1vQ-V9pWrLxTCKu1FzGMsIwqj5jdi8lAvFihek4e6uRJMzoR5qQvP3CSNKeKpk9CuQTz_bRjByez8Zhl8k_Ahhoaxnuum91b-GUEYXfn2U_O2Oake842iWLnhzg8k2qY_N6CeBrPHIqjCiyKSv9oK6k6BsVtWzYdcNnfuYOrxl-6mT-brGx7auUwZlhh5dX9EIqRz1LsA6ksZRHFM6F4bMSKVfhOeB-jG37SXMLfdnJrRSHKSMMuaNeWj7qILF62xesoWBoHgGGoTOEK2JP3vLtPP0HoXYdS6xc9_IWzY-c8cqgjaOcEAnqZRI6kmEpMf6qPU4-U4wykARbzjoTf0w7ZB0JGa1HNZkI0x--WZqIZdBq-Ab9htOxZC-6OVgwOaxyYc1srFK6suXKnyRzkm77zvg71mGT4xLC5Zww-zczfcOK_JET5gWu4UiHoo_pmbK7zyW1pt7TqHtjYZ7tu-1mKfJ2ii_llxv_Jybow-uFDoXAELOKTp4GnOXWx26XJ-BrNtY_sZH2gCcSk1OHgNBd5mZqxJwYY4uxHOSv2ET4Oaq88E4iuHcHLY2zRZzZHpCTSZ9QQ8jq8U92EwygLWIMylARCnPCWOVW-3-dmaaYyzh9jCKbng_gFVsNv_7qDKZZjyE1zrkjoJnpFoRJecNc6FCXyXyH3j834RGwNOQ7vBsfa-Tn-9cDm6igJNLDg1cHoYr-YSBi3_aQjfwSTzqIWyszmpUvK1OTXbPeGP8xyjIMdciuIdC6Xs-hXJIrIlLE4BI8SkvEeGsv4P_LEtJaU5JrzbWCEJP5Es83CF4KtHJ2_Jl77AdCLWyTZkcFTTKcpAbKQuzROnVRd6yZgSgnoyBOWxAfe5-DvHtzPUrmXJX4X1TLUeK52OmkfQtl1OSOkFDj_dm5XvePo4bvFIKRo6_a_a1yNavN3xcAWSyMcCUucN4lu6m-GDz9QucXgQ25RS0LijAqTCzpwSw7AB9huI_Hlqk3detwfsZezFXLr_D4ZqvUsu7_LZQaxtHaLL8324hcXwqGchUOgx-4zpllySXwF6s4scwHT9kzlDFq_vrZ52S2sDoXoKg5WVe199rIrL9fhQjVsd6bJ3iAeo8tfvWDiI8tQEplYDlJv_XfbFCOEWhorEK5_kBrC_4qoGoYixMlDWZbjqHqxdv37dVDnB-4Od9hucmRubb6PtQEv5HunKmxvrL2NuYNEJYpy6A6WFFBxJzKmFl090YH4iQEKzOzqhNHiKIzJ05McHip4r07UE1hnHdgHWzQIvucLPjBJJopvQz96SqzXjm2xWkAgLl3ZlaGfEOjaBfJ8a9OH4PX5L3TeTqZo2Jp0BApvv40sR7GOiotlRr1e9_i5kTLn2EObUWm7cAkDJkvo466PH0PtM5uL4TKw-tH_B9a7PyK-RjdvkHiRBeA5qovNG0vXlx_FqFgsM-Geq1ky2Rx_H7nzyZyVe6eDGN4BQZeFMiDIGppstS8bMo-j_n6YS_w3EoOuKKS9wqXpiB70D9Yb2OvapyZVE0I0vRBL3ovbYZjO3vXttystsD70FnypsjkyXHBQg-LqQLskmch0XXlgAJXiBvxZmR9MSpouGi6e4nj0twY734abk9ibP0fUqnXaFgAgouxLgGutgakKL-T0YAT5oma8n5UCWbZlNlv9Mn7hjSE-sIlN-MuR_iRqt7K6X0Cdo_0Sm22gpE65Qekn_DvPMJndcKyMVp6iK3mjin7pcBQrgkPlsZYV25MnrJBYhJIf3tGAYz9Tkcl8D5M4b_cAYpKdy6SMTKi6ipQnezZsqOeE4bjBPf_BSJVOGdjoMvxD4RHA75SOFfC3kRxZZCGc-FG-e2QXAUeShZltyiuezZZdSGo-m7JjzNY5NIssKgvwpBCelNbD5rlAuMqhTyeDcoxtJ69ddzw7qd8JQIYGafWibzsSd0zvFF0DsPeulkwuASOq6JqbRqstXRt8tow3_twqL9SCrTAS0KXTlJeHGazON1Z6dV4n85x5WmDYsSpMsQ5deQl0dQkqxlgQoOGatIyACG2aMcJFmdFjo18y1zr7DtGfadK4csEm31qLV-7B1afo7FAegCx0kn2tm6ODqg57xAhkNbS0X41sazdY1WM1nCBOoi9PrpCUoY4LptxyZa0BDTITbkAXzE0OQNFwmw6k9L3_cYP1lGsjPgESG-tOSt0RlNJ-3dVyqVYtcz3m9sy4ql-d_ukpV6_Ay8zllsBUXVfyJ4zdlvjTEWFhrLXXcGmwwUJOhEIip1Yy7gpTYmAVUUCblsEVsT6goijmj7bue8dAp7qSQwxOd7ubpXaqd9qJjUVpfB10dQxb0xSfKbHAt27HSwSPWagNL10FJc3Bc&cid=CAASJORoz7ecl5rOlBZkWKL1-8b2eyLIBViqLal2ju3IhhJQNozdvg&rfl=1%2Chttps%253A%252F%252Ftheinterview.top%252F%240

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c769572077ca861e51689e9c59d2dc1ce148a1ee07f12f88b753e9402218d0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11528
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACB2 42 B
63 B 122ms
121ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBhftqZnfKK1kPdAWXf03PGkKQkl_R0_QArhasjjtc_yrVQbBPdAb6Y6IwYcko7whGhSshwlTj4n0atIjmNSbPmpGVtfQxP2daZH6JLCnaigal1mI

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1132697/64943729/xbbe/creative/ Frame ACB2 244 KB
74 KB 156ms
44ms Script
application/javascript 54.220.95.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAFsg0VBF9f_aCMTwwyzss9Ei1Pz1NifMRZNzUfDsMvqSeYr-IRekfKfvJsHs_qApubwrHrCKmRy2DVHN_ZMj5J3HOTRjAod-GEpSeGcl8h8ReEAr12QP8ENIfKmO5AS-RIAoCZ_4Aof9_E-mqdKjWeQoPjA3PY6MQxPoY3WP2alDWjSkqYhjJ5Rj6W1QULDObtx2RgcaMtW8-pQaM-bjFEMfpHK83E25ty8Dem9Erz_DbWEFXilznrWCnfQFm2BGEFY2ZSzp_usCY09u6oR0jyipUF6MortQZcFM-bRWcKTrorzkLSwPEx-bUb8VZyzvQDKCunLxKeVrvaUXo1u4NW7dDxGKxf8ZCLhnjCQOsMXgtx-biJPodmT4hnDTvAvGfURj9eF0CoISMeAEsw9Cy9ifglmksX66cjI3NGqXrtd_v5nsmZswyf41HpTyKznHSqDCphFOeNw3tsoczO_xjot7Df1_YLXTEOSa-6MBOlwo2nA0EHQVAinnLCT4rFpnUWoELcoClSxwtcGbBRont6PJCItCXqyhKADxT80Omaxrn1rpnQ6qfGnrxedumG_ukl6zGqEs1H6rmwx5t_QYMDaGVa69hF5Hfvx2XjpL8aL4iVheBC9aHZu6eK2rWq3B1IXjDs5EaEvzU5nf-vnl4XfYDT7f6FIjsM6TIxpHSSM4PKqHWJal6Fiyyi8q3hW0QIunnDx_TjP8orXsi5yU7-D-EmjY-gHMlJoSZzMsckQdsuAzlcsxoGLqW2G5TF3Vd_gCPb9rOIdzvoxHaEyEK_zzViTjHBN-V8ew6374KYFLUNenOy9zNtEgJDW-z5DPx8Svgqdy6k0h9OERyRGWhJJjjzjLQ-OnFL9Y2sGU4YFdp42Js15362sj36Wzuj3yZzvApZ2hzcwdNvEYXmERrCH2F1dOp2B9Vb5IpvYSq8iZdZXyfDMmICP1yPcqXNlubQ88cS1Reqyg-HupO5UfAMfZphqsY1au6lXW2kNM4G--gVJbD2s7y2RGyYDuALlZ5nSqw7ENfIOlgJW0cNfPWRKmgmUk25Mjm1zfNv-cGAG8oiocIgN6rGVJaMkYCPgNnUW4C4iQ0umz6M7AKx6RyvU_dISYprwjNC3UBUqhBMXbU5qsB2TiLutnQHXNWrGaNr-pVPKxjTCv0P7gEZ9ASFtg4GD51IV208ftmiesqQZWrByG5bobbSsUMhoub0vsilGYHRPF-LD2GukVzgY4VoYIn8kKR_JI6Jr0MG2Jbysb1Qwc6ZZeg3PWsU8tYl_ds_8a6R30SsLxyIz6EEtf_XA8KyxCKQtv8cOdKDmu_lZDo5Y44NYrPrDtShyAb2IFAPtYfPj01P6l30OdGEuYTqg_pX6GBM67LA57Alpj8tZXEwUhLFmjKHk8ABkcdxlFm2DoA4X-zML9Vnn998xDOiZti_2j632kPvYE_FlKLp31ZpvlWyUdIz9SVJIBvnYrqDAgR1tCX4umXw_Y8DtRt18slJSbVx0ndG5Ui_Ew2BOrbKadF6_9NNd2OZ1T0yRjPPulSS9Ygnv7gOCtdgo2pPJXsM577TtikTBCXUeeehucDDVhcdxHvbiN45zDTA_sng66fMC2RTArbqTXsfLQWXKGxqaownA9YpLeuky2nnL0gHOWWU2dwKwPFg2feREU6miZLqf0K1Woq7cwcaZ9rzvBXvsfMId8M7N59EcDAJzDP9BvvhGvtGRDUcUtgwjtOOMWS2oWCeQc2SExd71nO_SvwxiMK3aiTPds5mehezCB-P7tA6_NEl40HUCed0x_SadWc-sKtw0Qc6rmI5ddjgDKwqUn7lGd4xJ4p4juicYFkTlOEXSnBNZ_A4VH3o2VB-CA9353d2ECWGrrvRy26WbBZUHssREIeNIdA7kYQX2oe27-8Xpa3l9hp_4ZXB5a10cPBLSn0EoHqVy4o_ahauNIUWY4VdIICrdfe0bWHIIiEewwwmiSCKMctcl6Kjn6HkbBZdy0WL_wJeKXfN-LbHbpT5iBndbwrgL6XWoRaHLHrVB2Lhh0RHVOcIvXUL_2Kb2WXSWZrX2mSUkhD2JiLK6IQDQ4Gvrz-GYeI1IjidoeJnGhuiz8ephHGKSg7JjCfm59tdJ_PJ1RZiFa6kgwoFR1iCDbl7kGne1ZxNK845pRUbwVbiPjn0S2SlOF0aSGVNInlSgoI9O4YJxqmHL9lt2oWd7WyY16Y5ylh5j_4DrqxFpNw_nWJCKA885yufSqSK5ZOvyFQmUQ6BA8E0ruTEt24Dco9dHU9b_eEeijySm5lofbsA9oxSPiNqqOtGK--dtks4p5Z-3X8RzxASDf4_kLOT9wonHzdpwNas4pW7rH-tvLGtcXVy1nCRqTigI4Als4gnB-zhDLcc0HyTV5lngPuCaIv9HiBY1mfr0rP9_8E9_9N3gAFPQaBUloF9Q3rix-RNfy-TvzCcu6B1zo1DDuu9bS0Z_VqrLWNRD-CiFe-I_g5iZJEcuMvwtqRENfRP_JZa1QnWs8zASp1ptaWG9qZ1DM1Ihw8P68U5K4MgG_mcS-uN1ZMjIo-n11WW_es2gk5uIBkGttd6EjP9BnfDN9K04nuDJGJ5ZbvsHS8u7Kc7SqAWMXbzhQhDZtzpYSrVQntusjRR2-0wnaiBdcG0bREhtYxrnPFVADLmaeA_tEIs6Wm5ex_AukYSRiTEXJSCom6A-wSFuvrmvg_sGpp-VW7ii3Sh61N0Lavof3mTDIIbblUgKfIUS7u1qrT4AvCzV0qlN-5Gogfz_V8NLElx9SiV07fWt_9Z3l7a9aSDGtshr_hA4kGyuHZf-OkDvtQsgCQGETPtN6Qkmenga41t6IFNHJTq86P4hE9gARYF8KFcQSNhlFmZSj-1OJI7NEJBEahYIGSXLBlz-9m8Iw3eCXcMbmCBRN6uC12qS50HWNNNUDDn8rIru7ibERRcxGEKBlmxJLi7KUc8whCA-tOkOTLgEesHYWud8yojqeHNxBexRiCGcurW8wDweV_j4iaZ4QGokOZL_FQgHt04PWLBw89naz_ltZ5iGrIcCZ1DkSx1xCfwoG76if1C0NIThovAXeCNLxL_OXjYaVSpUY9zUD5nZ90BTfzj_NjY6gBGiYfwK8lBJBWwuQGzjhPMDMLWYLohpIwdcSk33V6H2dKLulaOoOqXDh9SZwUJJ1zm1l2ELk_ksmVaq4_SA9wqzH-WZdrmf-xOFHrU7WKrd8FoJIuuV-KDQ0EfP7o0Tlpmk5z_IQ5BaSBxSE16gMinGRwC03NLaKsYXvX35xxPQRBdsLEScq_cFs-ohhZuaSLh2tIXzIVn6J6FB8XJRR4H-ykK3Tg5TBc7g1zqAHOX9lG73VpMC3F7uzw8KGigIABIk5GjPt5yXms6UFmRYovX7xvZ7IsgFWKotqXaO7ciGElA2jN2-YAE&ias_dspID=3&ias_campId=1008765121&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18081294602&bidurl=https://theinterview.top/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g5RdX0wd5AaxYfbjv9rMRT
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.95.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-95-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 672e7776e5266bf7601201a8f1c946757d5aee5917650201cc4fe89dd9b05e03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame ACB2 3 KB
1 KB 132ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 06:47:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 06:47:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame ACB2 17 KB
7 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:21:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ACB2 0
0 49ms
48ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmrU3HaAbihsn3zRxXlMaYw3fRV3W802kEUQuvy55VQ8iGYLKQyLm8A5Ba497ihHC5vWw4_6jtUuYrN2_TtfVxS7uEjQ
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACB2 152 KB
46 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 08:04:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 56B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWDJjYfgKAmmPG-ZFYURKgXZfzNPkr0JiQkKLMW0kvf8GPijPtYaheaE_wcv2-Lc5OfHYJO03D0BoRk5dv5XSXYjV4R9kF8LiSB8PEHZP0ZGXcVcpMFEGJU4g-sB94DuYSAGfvaTV3qkWUqyjcae8CW_YXCrK_EBjy94FFbQCi7KZXydF6gdv-6oVID3ce2XrDE_W65PU385yXtICYqrJmj81Wo7Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 56B9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1jp8C-4cPFSGnwwl3DmoAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWDJjYfgKAmmPG-ZFYURKgXZfzNPkr0JiQkKLMW0kvf8GPijPtYaheaE_wcv2-Lc5OfHYJO03D0BoRk5dv5XSXYjV4R9kF8LiSB8PEHZP0ZGXcVcpMFEGJU4g-sB94DuYSAGfvaTV3qkWUqyjcae8CW_YXCrK_EBjy94FFbQCi7KZXydF6gdv-6oVID3ce2XrDE_W65PU385yXtICYqrJmj81Wo7Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 56B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1

43 B
1020 B

41ms
35ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWDJjYfgKAmmPG-ZFYURKgXZfzNPkr0JiQkKLMW0kvf8GPijPtYaheaE_wcv2-Lc5OfHYJO03D0BoRk5dv5XSXYjV4R9kF8LiSB8PEHZP0ZGXcVcpMFEGJU4g-sB94DuYSAGfvaTV3qkWUqyjcae8CW_YXCrK_EBjy94FFbQCi7KZXydF6gdv-6oVID3ce2XrDE_W65PU385yXtICYqrJmj81Wo7Q

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
AN-X-Request-Uuid: 0031d7a2-a99e-4908-85dc-5c3f7da10706
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 56B9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D

170 B
188 B

157ms
75ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
AN-X-Request-Uuid: 53c0d7de-2168-4e84-ab8f-6883f97217a0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1

43 B
766 B

48ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWNRvVxA-8um-pTKZytqaQW_P6jUvLIus3WOyFsTfdw0hi8ZJ3V1a5P4pgIuPJ300mFxswgcI8QrJ0zQhwWgna-9Ag8mB7p56-Sl-5plPIoMOusl4gXdKPzUhU1-u-T7GelUKKZ_sW8SBKZ2fPPcKmE2EZeCtc77B48UxBm_d9x_MYGqJGi44t0s7zH0MDTDbXwICCwdW5fz5p4EB8yHzl-f7Un1Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B19
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1jp8C-4cPFSGnwwl3DmoAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1

43 B
766 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWNRvVxA-8um-pTKZytqaQW_P6jUvLIus3WOyFsTfdw0hi8ZJ3V1a5P4pgIuPJ300mFxswgcI8QrJ0zQhwWgna-9Ag8mB7p56-Sl-5plPIoMOusl4gXdKPzUhU1-u-T7GelUKKZ_sW8SBKZ2fPPcKmE2EZeCtc77B48UxBm_d9x_MYGqJGi44t0s7zH0MDTDbXwICCwdW5fz5p4EB8yHzl-f7Un1Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECRWZiR7MVC6H2fJOCpO4GM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4B19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1

43 B
1020 B

35ms
35ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuZmXARiTqfjQATAB&v=APEucNWNRvVxA-8um-pTKZytqaQW_P6jUvLIus3WOyFsTfdw0hi8ZJ3V1a5P4pgIuPJ300mFxswgcI8QrJ0zQhwWgna-9Ag8mB7p56-Sl-5plPIoMOusl4gXdKPzUhU1-u-T7GelUKKZ_sW8SBKZ2fPPcKmE2EZeCtc77B48UxBm_d9x_MYGqJGi44t0s7zH0MDTDbXwICCwdW5fz5p4EB8yHzl-f7Un1Q

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
AN-X-Request-Uuid: 132becf4-539e-4f90-93bf-b7b8aa614e11
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAUscoSt4B5A0ueqYPWQvo0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B19
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D

170 B
188 B

119ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:00 GMT
AN-X-Request-Uuid: e054bdbe-65f3-4475-85bf-abf53144e764
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjA4Mzk3NDM2ODMyNjYyNw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 02E0 41 KB
15 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALIvsHbTk9vv4Bqr1PvPOHa2pKQRH7o8bj4X10xBAk_kVDfCrcd_GQIMDu7iAtAAtXCZajl3qFNnifI-u0AIdoIFEK2GMtUsV80hFZ4pfAFtcUGoiBeneaWu_WpkS5VY9ZFzuuXWEIfZQLcTd5aXOpUTdPvkeUiotbYh8qMh-Fc8oall8&cry=1&dbm_d=AKAmf-AEXRzPl_jI19cUeHYAOpAZwK_2qLIfX64J2VlGct7rO6Ox16sUQSIccIXIEsG_UMcswjP3zHjYaurc7d895kTlAy3dQ_pk2ip2W5sbZjrciCgVBY2nSj6bnW4LMp8fYzX-X14RSSEGrxEathSLRt6sOA2jIrnvQ7In_WKTRbrEDe2ZDA347XRYqE7l4V9YKbojMSlmBgascViRXQ07YLgO7BBxzZQfOkm9le3GwQkewppzm7sK6j5iij3Bu6oBkgvsrrN75svseHKguXI0jjJb_CbF5Jj3_ZluIvNaRHWyvj2OQj2XxMMRmERtUvo8AyhikATvpbEqgfaq7PUwRtIrrA1cQdq3yIk2N6kVLSkm43N2zpgbKRqLd35ZKrj6JUHKn0Nk979wBFA-unHaB4iBK3V0o1XmMYzXwYZ4epTwhjpkYsOcZrLeG-0gkfnVMvCrDPsSvDYvnabaFtUAAas1cHhqulwr3OPckgp5g9iTIccl6Es_qB-4Z-J9Bm0Y4D8BDh9knhdurLBMtr9vg6nUk1MOnBKYyleW1wnwS0s61IRBTsM8JnGfonYhyoVqF44TzA0PPqu8OEJVf2U9DCAjNLZTrYY_FkjpKuOQWifhZHLdwr14-LrapXeB-HasSEQiWB43qEQMj2Qy1ngVMpOgTskgZNfV7S62JKfuFtP-TMlO_VnwMnEZ5TKxrfW9l-9lMJ0MoTC4hBpMGfZ7Z6nuEbeZXuTrxsWOozvJqI7aaRysghRFEoejcdPXCZZkNsjKXqkphN9-CL3Zv2ygATN3lkiTemZiDSuVvCqrJJ8g9rCq962Ccmh16kVv5OREA6N1ALCnazPesH9Q6vHszKKnaTQ_GcGi-ntojnrMmlQug1HMF87zuVhCSDTi1A626JJ3fpbY04MH2xNykiinshAwdI4GdS5T7RnDvuBuVSDslOyyilfTpP7K9tC0aL-t_CCUpiMjh2wgv60Qywi7EsLz4SAqZ2vXqp_DGIGs23aTTaEw1uBiJNqBdPL6CsX84ZvE-uMPId27VVsZo3GOftEDXSHk8jaD_0OGqJ7XhrrbANs0kyKrYUeeRFXSyMGwXlFF7CP52IZw-hxWRU1ERGvT5aS6YAfJM0--Cdjjr-2_EZ18sVBJ_Zte3zfBPjgItp6QkIVf0at4meXPrykhNH9oTgL2Ro4IpEOkqIzTOvgdpmvFIZ95PlhlQkBpYm9Ft4cTzKSBOrUWT6C8ZSjeLjzgHFQvq1ieKs8n7U415B5KNAWAaxG6rlKmCWGmJaZkVHVZVPXRF1bTQ2QNt7gWqzo55u3l2cRuSeLSXBjg6W8oeMbQxn8zYJxSLLRgU9N1GEyuQ79MAFk9fmKjDqaNdzYR0Icw9wo5eThnGqHQ8FSYrP_Upn0Umq7lT41OOCWQKE0wLD7KqxAM9YrC-ys8hxBePdfsmZ8TZNakMxK2BZ-VWOgJaUEcQticmOexZHRkTKUSgT7dMS4FeuiS0_7ySrnIdXNA863-caY1l_qfyfa3LcMPOOje0FX0Xk6GlMrum3PdeLond8_0lNbED2wD4vFHqh0nymoU7AhmuityCm7oX7IgOp41nQWSCwmOY1q_NCRqgniHdwIVgGsibXL6zZbJn7HMOEv7t-HokLQWpOUrBf5QZLZv0uQbQ9EkAci1zQt3uGUC9GP5R8hFKgN-wqeAsIaowEVVhRSdObDfaFL-OWoHv9-_39o4S3PVAK1BK98qQWKF-XbIFmCjRzw7GJT8-e6QoVab_Lve-XafJ5qwRUNRW4lLiKopeSv8C0BU4lauUHT7xlTV9dl8A0P-5SEVeQUL2Nz8RnQkvmh96B-GebIo9PpbDILxjT7iUGRCxjDpNCi5epiqiwkCEIuWKDW9nyedel_lzOLS_36N-FA_0fJ0d-KJ_qCfYY_QJliiyWN2LVEZIW8tt3dMX1XrfcIwy9bzwfW0eOzSATn7TSzgY0MyPbX8JNzRsLommXDdRvFVXcbr2vgUKk1hqT8HxfCsTf3Y4CEMj6OGNIR67PakvNxd2B3_f1TszsOmgMVSazacsmJWGPGYrmMgif_QDFK3KlMkHoNa36LF0vR07NqpekgTOjX3uQqI4tHaM99U1QDFU36tojdnU6QQY4ecQD76y1yvkyk48nS61et5nq2nyT_IiR7S3Vfr6h-fa3FVfmHQRCcDjdzDZR5XrI1Svat_KAIRtdtt3lQR-A7ownChsoPD8DqWRZEg8LtAgULpfGuXcHhpF_k7VZ8AkoTgrXtc-ykMarRWqiK7WEaVBq6dhsm2a4vR05aAyqsJvIwCxDkShgT1tJ6YUQpAYGBPMeX-V9DvEsi39F1xiZYewxJXhPrYwNa_kd4igtIz7hYTEnpCuIQz59DSY6BSl_-73aBQ2qxJ0uHQ5nJuK2VRcQwEMrjs_1nQESkaJXEWrSDVg3bIK0k7eeKWmnEpSQDHCrOMIsM5OcWemAaRaATnnPOrJPXsisSIb3j3dJuaF-GOf_KnRVQvHvE8MDxyFnqbnU2MZTNl5AappKPAnY_YMvytFyd3YgrZAWuRredHyKfogkGaTxPU-T3Sd0KvHj8nFRWZQCyO9X7rIDiqJO3wJ7jYVMScLxoqfQKYJu2Lktnzsad3-VPkBXd-1pQUk5tNkr8g9w14066zOhaZVLT9vc-pQae-vQTLFvUkHB38qF0d6d2wV7zlwqYUNxhITOloTV-LqF_RYAzSdA6EjzBpXKTL5sn4PZ-ShByEsK0N6vsuUWdYeqhVLor-bIJlXtaRRkOUC1ggvakQL005g1IdBitudiJ_r0SRVmNIx7N0rYVs4pDlkCsQVuVKGiMb7tJkdFV1uCbW2a2h7Z8T-vh_-DXsPfvbleA&cid=CAASJORooBQSoGshp-BAgbY_SCn19g9bUo27cEJPuZ7-X6GkH8intQ&rfl=1%2Chttps%253A%252F%252Ftheinterview.top%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:50:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ACB2 41 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6gIDC9A1sf8TDGK9_ORFTLnbwZyQOXmZqjmIxeob2Uk1TgOCUaYKEmAMJSGIsc2DGii83ASsrAluZVhCDTOxAbDF91i-ggUDVgzR6fLqm4t9VJAxI_LFVJodSjPgF4Gwk53ftomHWt3E_eWwTPJnbQS3bWZmi8O5EkIkJxsZvvuHvUF4&cry=1&dbm_d=AKAmf-CNgy3BvhigHWDnsyBGkMd7LRKTXPuQc7y9koNAy_oA8Ob7zsASTVfXNSqA53UWfwSoELNWhEbq-FFN0CSO3WkcBv08ZZySqc1q-8hLlC4EdQk_AEW5Q_1f8GUlLP06PMo1aywy85td2HXhZY9UhhFHT8cflEGlf8TBkD6xVdE-HVTiIbSX3DSnX2zHr6IPijKKeySc3HcS-1OVdGv1bLRUjv0rFlCxITsMMIkCvthS5C4gH2mHhUSIqHbM0rZI6CVae2bQ96q2XD5grFo7q1YyugORXd1W7614az3ekU5i9G8aIMVI7UyAPw2PAnvLV9IPVgsFa08X17DJixuSyg32zOqjqkcGVky6iQzoQntnCpBP94ZGS145CJikBBWxrXFc2pXohRDuhHtJ_oenCss27q56graKadYwCWH1obDwRjVpCS9aT2cn64PLg09GUVWcWrVbMqEygX32OQ5J2DxpaQibdpbxVXPBipylYwbpJOWUfXwBu3QVTPV-xX1vQ-V9pWrLxTCKu1FzGMsIwqj5jdi8lAvFihek4e6uRJMzoR5qQvP3CSNKeKpk9CuQTz_bRjByez8Zhl8k_Ahhoaxnuum91b-GUEYXfn2U_O2Oake842iWLnhzg8k2qY_N6CeBrPHIqjCiyKSv9oK6k6BsVtWzYdcNnfuYOrxl-6mT-brGx7auUwZlhh5dX9EIqRz1LsA6ksZRHFM6F4bMSKVfhOeB-jG37SXMLfdnJrRSHKSMMuaNeWj7qILF62xesoWBoHgGGoTOEK2JP3vLtPP0HoXYdS6xc9_IWzY-c8cqgjaOcEAnqZRI6kmEpMf6qPU4-U4wykARbzjoTf0w7ZB0JGa1HNZkI0x--WZqIZdBq-Ab9htOxZC-6OVgwOaxyYc1srFK6suXKnyRzkm77zvg71mGT4xLC5Zww-zczfcOK_JET5gWu4UiHoo_pmbK7zyW1pt7TqHtjYZ7tu-1mKfJ2ii_llxv_Jybow-uFDoXAELOKTp4GnOXWx26XJ-BrNtY_sZH2gCcSk1OHgNBd5mZqxJwYY4uxHOSv2ET4Oaq88E4iuHcHLY2zRZzZHpCTSZ9QQ8jq8U92EwygLWIMylARCnPCWOVW-3-dmaaYyzh9jCKbng_gFVsNv_7qDKZZjyE1zrkjoJnpFoRJecNc6FCXyXyH3j834RGwNOQ7vBsfa-Tn-9cDm6igJNLDg1cHoYr-YSBi3_aQjfwSTzqIWyszmpUvK1OTXbPeGP8xyjIMdciuIdC6Xs-hXJIrIlLE4BI8SkvEeGsv4P_LEtJaU5JrzbWCEJP5Es83CF4KtHJ2_Jl77AdCLWyTZkcFTTKcpAbKQuzROnVRd6yZgSgnoyBOWxAfe5-DvHtzPUrmXJX4X1TLUeK52OmkfQtl1OSOkFDj_dm5XvePo4bvFIKRo6_a_a1yNavN3xcAWSyMcCUucN4lu6m-GDz9QucXgQ25RS0LijAqTCzpwSw7AB9huI_Hlqk3detwfsZezFXLr_D4ZqvUsu7_LZQaxtHaLL8324hcXwqGchUOgx-4zpllySXwF6s4scwHT9kzlDFq_vrZ52S2sDoXoKg5WVe199rIrL9fhQjVsd6bJ3iAeo8tfvWDiI8tQEplYDlJv_XfbFCOEWhorEK5_kBrC_4qoGoYixMlDWZbjqHqxdv37dVDnB-4Od9hucmRubb6PtQEv5HunKmxvrL2NuYNEJYpy6A6WFFBxJzKmFl090YH4iQEKzOzqhNHiKIzJ05McHip4r07UE1hnHdgHWzQIvucLPjBJJopvQz96SqzXjm2xWkAgLl3ZlaGfEOjaBfJ8a9OH4PX5L3TeTqZo2Jp0BApvv40sR7GOiotlRr1e9_i5kTLn2EObUWm7cAkDJkvo466PH0PtM5uL4TKw-tH_B9a7PyK-RjdvkHiRBeA5qovNG0vXlx_FqFgsM-Geq1ky2Rx_H7nzyZyVe6eDGN4BQZeFMiDIGppstS8bMo-j_n6YS_w3EoOuKKS9wqXpiB70D9Yb2OvapyZVE0I0vRBL3ovbYZjO3vXttystsD70FnypsjkyXHBQg-LqQLskmch0XXlgAJXiBvxZmR9MSpouGi6e4nj0twY734abk9ibP0fUqnXaFgAgouxLgGutgakKL-T0YAT5oma8n5UCWbZlNlv9Mn7hjSE-sIlN-MuR_iRqt7K6X0Cdo_0Sm22gpE65Qekn_DvPMJndcKyMVp6iK3mjin7pcBQrgkPlsZYV25MnrJBYhJIf3tGAYz9Tkcl8D5M4b_cAYpKdy6SMTKi6ipQnezZsqOeE4bjBPf_BSJVOGdjoMvxD4RHA75SOFfC3kRxZZCGc-FG-e2QXAUeShZltyiuezZZdSGo-m7JjzNY5NIssKgvwpBCelNbD5rlAuMqhTyeDcoxtJ69ddzw7qd8JQIYGafWibzsSd0zvFF0DsPeulkwuASOq6JqbRqstXRt8tow3_twqL9SCrTAS0KXTlJeHGazON1Z6dV4n85x5WmDYsSpMsQ5deQl0dQkqxlgQoOGatIyACG2aMcJFmdFjo18y1zr7DtGfadK4csEm31qLV-7B1afo7FAegCx0kn2tm6ODqg57xAhkNbS0X41sazdY1WM1nCBOoi9PrpCUoY4LptxyZa0BDTITbkAXzE0OQNFwmw6k9L3_cYP1lGsjPgESG-tOSt0RlNJ-3dVyqVYtcz3m9sy4ql-d_ukpV6_Ay8zllsBUXVfyJ4zdlvjTEWFhrLXXcGmwwUJOhEIip1Yy7gpTYmAVUUCblsEVsT6goijmj7bue8dAp7qSQwxOd7ubpXaqd9qJjUVpfB10dQxb0xSfKbHAt27HSwSPWagNL10FJc3Bc&cid=CAASJORoz7ecl5rOlBZkWKL1-8b2eyLIBViqLal2ju3IhhJQNozdvg&rfl=1%2Chttps%253A%252F%252Ftheinterview.top%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:50:32 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CF33 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 260487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 07:42:33 GMT
expires: Mon, 23 Oct 2023 07:42:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5457 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 260487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 07:42:33 GMT
expires: Mon, 23 Oct 2023 07:42:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame CF33 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 22:34:24 GMT

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5457 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 22:34:24 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame ACB2
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAF...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAFsg0VBF9f_aCMTwwyzss9Ei1Pz1...

63 KB
22 KB

152ms
67ms

Script
text/javascript

74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAFsg0VBF9f_aCMTwwyzss9Ei1Pz1NifMRZNzUfDsMvqSeYr-IRekfKfvJsHs_qApubwrHrCKmRy2DVHN_ZMj5J3HOTRjAod-GEpSeGcl8h8ReEAr12QP8ENIfKmO5AS-RIAoCZ_4Aof9_E-mqdKjWeQoPjA3PY6MQxPoY3WP2alDWjSkqYhjJ5Rj6W1QULDObtx2RgcaMtW8-pQaM-bjFEMfpHK83E25ty8Dem9Erz_DbWEFXilznrWCnfQFm2BGEFY2ZSzp_usCY09u6oR0jyipUF6MortQZcFM-bRWcKTrorzkLSwPEx-bUb8VZyzvQDKCunLxKeVrvaUXo1u4NW7dDxGKxf8ZCLhnjCQOsMXgtx-biJPodmT4hnDTvAvGfURj9eF0CoISMeAEsw9Cy9ifglmksX66cjI3NGqXrtd_v5nsmZswyf41HpTyKznHSqDCphFOeNw3tsoczO_xjot7Df1_YLXTEOSa-6MBOlwo2nA0EHQVAinnLCT4rFpnUWoELcoClSxwtcGbBRont6PJCItCXqyhKADxT80Omaxrn1rpnQ6qfGnrxedumG_ukl6zGqEs1H6rmwx5t_QYMDaGVa69hF5Hfvx2XjpL8aL4iVheBC9aHZu6eK2rWq3B1IXjDs5EaEvzU5nf-vnl4XfYDT7f6FIjsM6TIxpHSSM4PKqHWJal6Fiyyi8q3hW0QIunnDx_TjP8orXsi5yU7-D-EmjY-gHMlJoSZzMsckQdsuAzlcsxoGLqW2G5TF3Vd_gCPb9rOIdzvoxHaEyEK_zzViTjHBN-V8ew6374KYFLUNenOy9zNtEgJDW-z5DPx8Svgqdy6k0h9OERyRGWhJJjjzjLQ-OnFL9Y2sGU4YFdp42Js15362sj36Wzuj3yZzvApZ2hzcwdNvEYXmERrCH2F1dOp2B9Vb5IpvYSq8iZdZXyfDMmICP1yPcqXNlubQ88cS1Reqyg-HupO5UfAMfZphqsY1au6lXW2kNM4G--gVJbD2s7y2RGyYDuALlZ5nSqw7ENfIOlgJW0cNfPWRKmgmUk25Mjm1zfNv-cGAG8oiocIgN6rGVJaMkYCPgNnUW4C4iQ0umz6M7AKx6RyvU_dISYprwjNC3UBUqhBMXbU5qsB2TiLutnQHXNWrGaNr-pVPKxjTCv0P7gEZ9ASFtg4GD51IV208ftmiesqQZWrByG5bobbSsUMhoub0vsilGYHRPF-LD2GukVzgY4VoYIn8kKR_JI6Jr0MG2Jbysb1Qwc6ZZeg3PWsU8tYl_ds_8a6R30SsLxyIz6EEtf_XA8KyxCKQtv8cOdKDmu_lZDo5Y44NYrPrDtShyAb2IFAPtYfPj01P6l30OdGEuYTqg_pX6GBM67LA57Alpj8tZXEwUhLFmjKHk8ABkcdxlFm2DoA4X-zML9Vnn998xDOiZti_2j632kPvYE_FlKLp31ZpvlWyUdIz9SVJIBvnYrqDAgR1tCX4umXw_Y8DtRt18slJSbVx0ndG5Ui_Ew2BOrbKadF6_9NNd2OZ1T0yRjPPulSS9Ygnv7gOCtdgo2pPJXsM577TtikTBCXUeeehucDDVhcdxHvbiN45zDTA_sng66fMC2RTArbqTXsfLQWXKGxqaownA9YpLeuky2nnL0gHOWWU2dwKwPFg2feREU6miZLqf0K1Woq7cwcaZ9rzvBXvsfMId8M7N59EcDAJzDP9BvvhGvtGRDUcUtgwjtOOMWS2oWCeQc2SExd71nO_SvwxiMK3aiTPds5mehezCB-P7tA6_NEl40HUCed0x_SadWc-sKtw0Qc6rmI5ddjgDKwqUn7lGd4xJ4p4juicYFkTlOEXSnBNZ_A4VH3o2VB-CA9353d2ECWGrrvRy26WbBZUHssREIeNIdA7kYQX2oe27-8Xpa3l9hp_4ZXB5a10cPBLSn0EoHqVy4o_ahauNIUWY4VdIICrdfe0bWHIIiEewwwmiSCKMctcl6Kjn6HkbBZdy0WL_wJeKXfN-LbHbpT5iBndbwrgL6XWoRaHLHrVB2Lhh0RHVOcIvXUL_2Kb2WXSWZrX2mSUkhD2JiLK6IQDQ4Gvrz-GYeI1IjidoeJnGhuiz8ephHGKSg7JjCfm59tdJ_PJ1RZiFa6kgwoFR1iCDbl7kGne1ZxNK845pRUbwVbiPjn0S2SlOF0aSGVNInlSgoI9O4YJxqmHL9lt2oWd7WyY16Y5ylh5j_4DrqxFpNw_nWJCKA885yufSqSK5ZOvyFQmUQ6BA8E0ruTEt24Dco9dHU9b_eEeijySm5lofbsA9oxSPiNqqOtGK--dtks4p5Z-3X8RzxASDf4_kLOT9wonHzdpwNas4pW7rH-tvLGtcXVy1nCRqTigI4Als4gnB-zhDLcc0HyTV5lngPuCaIv9HiBY1mfr0rP9_8E9_9N3gAFPQaBUloF9Q3rix-RNfy-TvzCcu6B1zo1DDuu9bS0Z_VqrLWNRD-CiFe-I_g5iZJEcuMvwtqRENfRP_JZa1QnWs8zASp1ptaWG9qZ1DM1Ihw8P68U5K4MgG_mcS-uN1ZMjIo-n11WW_es2gk5uIBkGttd6EjP9BnfDN9K04nuDJGJ5ZbvsHS8u7Kc7SqAWMXbzhQhDZtzpYSrVQntusjRR2-0wnaiBdcG0bREhtYxrnPFVADLmaeA_tEIs6Wm5ex_AukYSRiTEXJSCom6A-wSFuvrmvg_sGpp-VW7ii3Sh61N0Lavof3mTDIIbblUgKfIUS7u1qrT4AvCzV0qlN-5Gogfz_V8NLElx9SiV07fWt_9Z3l7a9aSDGtshr_hA4kGyuHZf-OkDvtQsgCQGETPtN6Qkmenga41t6IFNHJTq86P4hE9gARYF8KFcQSNhlFmZSj-1OJI7NEJBEahYIGSXLBlz-9m8Iw3eCXcMbmCBRN6uC12qS50HWNNNUDDn8rIru7ibERRcxGEKBlmxJLi7KUc8whCA-tOkOTLgEesHYWud8yojqeHNxBexRiCGcurW8wDweV_j4iaZ4QGokOZL_FQgHt04PWLBw89naz_ltZ5iGrIcCZ1DkSx1xCfwoG76if1C0NIThovAXeCNLxL_OXjYaVSpUY9zUD5nZ90BTfzj_NjY6gBGiYfwK8lBJBWwuQGzjhPMDMLWYLohpIwdcSk33V6H2dKLulaOoOqXDh9SZwUJJ1zm1l2ELk_ksmVaq4_SA9wqzH-WZdrmf-xOFHrU7WKrd8FoJIuuV-KDQ0EfP7o0Tlpmk5z_IQ5BaSBxSE16gMinGRwC03NLaKsYXvX35xxPQRBdsLEScq_cFs-ohhZuaSLh2tIXzIVn6J6FB8XJRR4H-ykK3Tg5TBc7g1zqAHOX9lG73VpMC3F7uzw8KGigIABIk5GjPt5yXms6UFmRYovX7xvZ7IsgFWKotqXaO7ciGElA2jN2-YAE

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

cafe /

Resource Hash

fa00ee14f7b15d9fb52a1b1c740a439f9902a2ba0c2d0be4a79233a00c86eeb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAFsg0VBF9f_aCMTwwyzss9Ei1Pz1NifMRZNzUfDsMvqSeYr-IRekfKfvJsHs_qApubwrHrCKmRy2DVHN_ZMj5J3HOTRjAod-GEpSeGcl8h8ReEAr12QP8ENIfKmO5AS-RIAoCZ_4Aof9_E-mqdKjWeQoPjA3PY6MQxPoY3WP2alDWjSkqYhjJ5Rj6W1QULDObtx2RgcaMtW8-pQaM-bjFEMfpHK83E25ty8Dem9Erz_DbWEFXilznrWCnfQFm2BGEFY2ZSzp_usCY09u6oR0jyipUF6MortQZcFM-bRWcKTrorzkLSwPEx-bUb8VZyzvQDKCunLxKeVrvaUXo1u4NW7dDxGKxf8ZCLhnjCQOsMXgtx-biJPodmT4hnDTvAvGfURj9eF0CoISMeAEsw9Cy9ifglmksX66cjI3NGqXrtd_v5nsmZswyf41HpTyKznHSqDCphFOeNw3tsoczO_xjot7Df1_YLXTEOSa-6MBOlwo2nA0EHQVAinnLCT4rFpnUWoELcoClSxwtcGbBRont6PJCItCXqyhKADxT80Omaxrn1rpnQ6qfGnrxedumG_ukl6zGqEs1H6rmwx5t_QYMDaGVa69hF5Hfvx2XjpL8aL4iVheBC9aHZu6eK2rWq3B1IXjDs5EaEvzU5nf-vnl4XfYDT7f6FIjsM6TIxpHSSM4PKqHWJal6Fiyyi8q3hW0QIunnDx_TjP8orXsi5yU7-D-EmjY-gHMlJoSZzMsckQdsuAzlcsxoGLqW2G5TF3Vd_gCPb9rOIdzvoxHaEyEK_zzViTjHBN-V8ew6374KYFLUNenOy9zNtEgJDW-z5DPx8Svgqdy6k0h9OERyRGWhJJjjzjLQ-OnFL9Y2sGU4YFdp42Js15362sj36Wzuj3yZzvApZ2hzcwdNvEYXmERrCH2F1dOp2B9Vb5IpvYSq8iZdZXyfDMmICP1yPcqXNlubQ88cS1Reqyg-HupO5UfAMfZphqsY1au6lXW2kNM4G--gVJbD2s7y2RGyYDuALlZ5nSqw7ENfIOlgJW0cNfPWRKmgmUk25Mjm1zfNv-cGAG8oiocIgN6rGVJaMkYCPgNnUW4C4iQ0umz6M7AKx6RyvU_dISYprwjNC3UBUqhBMXbU5qsB2TiLutnQHXNWrGaNr-pVPKxjTCv0P7gEZ9ASFtg4GD51IV208ftmiesqQZWrByG5bobbSsUMhoub0vsilGYHRPF-LD2GukVzgY4VoYIn8kKR_JI6Jr0MG2Jbysb1Qwc6ZZeg3PWsU8tYl_ds_8a6R30SsLxyIz6EEtf_XA8KyxCKQtv8cOdKDmu_lZDo5Y44NYrPrDtShyAb2IFAPtYfPj01P6l30OdGEuYTqg_pX6GBM67LA57Alpj8tZXEwUhLFmjKHk8ABkcdxlFm2DoA4X-zML9Vnn998xDOiZti_2j632kPvYE_FlKLp31ZpvlWyUdIz9SVJIBvnYrqDAgR1tCX4umXw_Y8DtRt18slJSbVx0ndG5Ui_Ew2BOrbKadF6_9NNd2OZ1T0yRjPPulSS9Ygnv7gOCtdgo2pPJXsM577TtikTBCXUeeehucDDVhcdxHvbiN45zDTA_sng66fMC2RTArbqTXsfLQWXKGxqaownA9YpLeuky2nnL0gHOWWU2dwKwPFg2feREU6miZLqf0K1Woq7cwcaZ9rzvBXvsfMId8M7N59EcDAJzDP9BvvhGvtGRDUcUtgwjtOOMWS2oWCeQc2SExd71nO_SvwxiMK3aiTPds5mehezCB-P7tA6_NEl40HUCed0x_SadWc-sKtw0Qc6rmI5ddjgDKwqUn7lGd4xJ4p4juicYFkTlOEXSnBNZ_A4VH3o2VB-CA9353d2ECWGrrvRy26WbBZUHssREIeNIdA7kYQX2oe27-8Xpa3l9hp_4ZXB5a10cPBLSn0EoHqVy4o_ahauNIUWY4VdIICrdfe0bWHIIiEewwwmiSCKMctcl6Kjn6HkbBZdy0WL_wJeKXfN-LbHbpT5iBndbwrgL6XWoRaHLHrVB2Lhh0RHVOcIvXUL_2Kb2WXSWZrX2mSUkhD2JiLK6IQDQ4Gvrz-GYeI1IjidoeJnGhuiz8ephHGKSg7JjCfm59tdJ_PJ1RZiFa6kgwoFR1iCDbl7kGne1ZxNK845pRUbwVbiPjn0S2SlOF0aSGVNInlSgoI9O4YJxqmHL9lt2oWd7WyY16Y5ylh5j_4DrqxFpNw_nWJCKA885yufSqSK5ZOvyFQmUQ6BA8E0ruTEt24Dco9dHU9b_eEeijySm5lofbsA9oxSPiNqqOtGK--dtks4p5Z-3X8RzxASDf4_kLOT9wonHzdpwNas4pW7rH-tvLGtcXVy1nCRqTigI4Als4gnB-zhDLcc0HyTV5lngPuCaIv9HiBY1mfr0rP9_8E9_9N3gAFPQaBUloF9Q3rix-RNfy-TvzCcu6B1zo1DDuu9bS0Z_VqrLWNRD-CiFe-I_g5iZJEcuMvwtqRENfRP_JZa1QnWs8zASp1ptaWG9qZ1DM1Ihw8P68U5K4MgG_mcS-uN1ZMjIo-n11WW_es2gk5uIBkGttd6EjP9BnfDN9K04nuDJGJ5ZbvsHS8u7Kc7SqAWMXbzhQhDZtzpYSrVQntusjRR2-0wnaiBdcG0bREhtYxrnPFVADLmaeA_tEIs6Wm5ex_AukYSRiTEXJSCom6A-wSFuvrmvg_sGpp-VW7ii3Sh61N0Lavof3mTDIIbblUgKfIUS7u1qrT4AvCzV0qlN-5Gogfz_V8NLElx9SiV07fWt_9Z3l7a9aSDGtshr_hA4kGyuHZf-OkDvtQsgCQGETPtN6Qkmenga41t6IFNHJTq86P4hE9gARYF8KFcQSNhlFmZSj-1OJI7NEJBEahYIGSXLBlz-9m8Iw3eCXcMbmCBRN6uC12qS50HWNNNUDDn8rIru7ibERRcxGEKBlmxJLi7KUc8whCA-tOkOTLgEesHYWud8yojqeHNxBexRiCGcurW8wDweV_j4iaZ4QGokOZL_FQgHt04PWLBw89naz_ltZ5iGrIcCZ1DkSx1xCfwoG76if1C0NIThovAXeCNLxL_OXjYaVSpUY9zUD5nZ90BTfzj_NjY6gBGiYfwK8lBJBWwuQGzjhPMDMLWYLohpIwdcSk33V6H2dKLulaOoOqXDh9SZwUJJ1zm1l2ELk_ksmVaq4_SA9wqzH-WZdrmf-xOFHrU7WKrd8FoJIuuV-KDQ0EfP7o0Tlpmk5z_IQ5BaSBxSE16gMinGRwC03NLaKsYXvX35xxPQRBdsLEScq_cFs-ohhZuaSLh2tIXzIVn6J6FB8XJRR4H-ykK3Tg5TBc7g1zqAHOX9lG73VpMC3F7uzw8KGigIABIk5GjPt5yXms6UFmRYovX7xvZ7IsgFWKotqXaO7ciGElA2jN2-YAE
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 825E 91 KB
23 KB 120ms
39ms Script
application/javascript 2600:9000:2104:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 2996864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: XSlj1luroGgJ91I78480YsYycqSCS0kr_lRsZWHSdkJv6c9pvFkdQw==

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 02E0
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r...

63 KB
22 KB

111ms
79ms

Script
text/javascript

74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r85VignI5324EFCeNmIe6dFPajJJDWhUeD-FpJBHof7g__5a55OIozAQpsNnn8UFqXRt8h2dQ1XUmcEBmJbwLV9_0m8zUNm86tsS-RIAoCZ_4ESRNq0g5-1YFhg-OcKcLQqmUrgyE3_4ujDSMpVDrlHr1ftgunB_IVYPv5NUKg87a0BuStdtRzVISfk4_Qe0-dVF7phi8YkAEjCwYUlBNUBuSKJQuJoee4EpQZXJbsNBv_bgSm9t8boqKG6xaGvRy9STn1-cMyTrXqpn8N1NLLpwgoHmUP050RyGz9af7DwcaPBDe6JqOCBR5a0hAnuImh2NYWfDMGkNWdTgjJ_T2Ocgdhp1EHLyNd2q27eCY4V81lrH4hq7vKWR3_Z7y9UIGuMAzV9srnRA5TsWNM5KiAoC-Y-Cz3ppKCpGTsTGc29rcfjnlL7la61-cHQBGrZzvpo48xwWk5rI4ajGawfJBGCRZpktfbZyuLJuIrifPT10JG6p25N5fRBhrNCDxCs2p6kt_2uvtx1NOGicTWLhCBfluYO-4pY6B26K-w4X8V-NkFxjoZGKKkJ2hqKaOmfznfPmTvksshOg-_BIBFbxceBiYkMuZualCYtEl0Y6x6UudoMzbA0XgMTQdwvrmQC6AoGlWCLobQBiHtG6hEYzkfIPbznioD5HzDRDONNXGHSh5Qp9c1E_PipjpA0yr6QovyrEI9NZvdQ80UWIDRu-2Sz2xgwXoqKwADBToW6EqdTki82ppNpEMsi9cZ84_AJpa9KsG513ziCiiN65cNbefSzw-SzQlSRwXeJVs_cwH7S4Si6qWXNSIfMd3Vt9Iz6w6pYaHQkvHT5c29Y5r5524wSlBnY0gneMC1r1tYNsH4PJ8z3JcR8NWeiwcbus25KnO89Rqfexopoj1SQptbIhy57w3s0JCd2mWddHKjNNHHZIw20PGiaUMNjYKmuQFfPzwB6EAtQqdrHAu_qInHbZIDTP2oM765DfUpy_jZlX91jNk0RZXIFKNvmMlvCpscOJPZo2XHqYNX-rVb7Qmk9T7L-UttHYiyLmespEnoJpKsa_hVDUYbZEkZQ-69a_AOkvcSsGT_MAN_EHymrPUV8t2xdtqaSp_J-uOLj0Q5BRtcj40f2pm2VCmN5vNfrf1rXqTchSY5n--n21W735c6W7lNwsoFJAXldxHQGULixaRVG6ORqUDT3WqV_a7BZWJZOYx8SVwWhJ-0tBVqIo1aeEkLbu1BLb47LEVeUZz47WiOSvOONRowwdmjMPMKLwSAcgBEBNAvWwZhv9g9jxVw5h7QvYN0d8qebTao5ZKN-QzbihUZ2HbwA9gr3UVum6-PKQTQ9neiUaJsvAJLn2z4_UOWoUKtbX0P7C6V7FgDyHbVmJToMImTdm61GJ3WsHyMHBx5XyxlcVb2r56cNBCdT_oUhSueYr-9YhCs6eXcBKTC6J88qx9uFM2PZMafY6YCbdoC_vricsiEOOMyW8KMhrLw2l99QtQKdUFaVMyGN14juCd6ApD5AHSw_HFK_Iz4wg46shnGWwZxwSEVVEbdDIZkvMUMfhRC_zhz8Kt2aqzp4S7Vn3I_agOpv1ji-W3QZnv9Xau_Qf9EbLiYk3mJXzGxDAKJVQLdZw4FkeZMOja4UXeFyxR7uhkuB8hNmlcILFuTTj8F5xrEXcQsp7jgmuzXNg0wgT7JeLwhQy7uiT_t8LM4MLKpeiLVA1vrxT4IycGViKqOBy3OMOmj_HiURD1Bgl9d_Jk24Pnuz66JDzo9qs4hXbqh808SVcyKfFSZukzq1Y8T9crsNIgekwcoqBqQ0FIt1-gvNBgta1ogdKxjUUVWmXjto5uW9FAoYNK9w9DZip7gfUy9_IOctnZfSpIRcuMkKnD_WrymauLBdqzPuzvxVFse9zi2UP-7Uj2FaphcRvzRmZxKecrj_XOTJjzmcG3cU3kz5rbpjtAp3tRL5hVNiyXOfdKlFDuzSFdhZmpnYXGLfmiCMrkXzRlBWZlsrVr80V3faQrcDmagmOzUy3eWavxC8i4PB9XCrjYoo87gGmEmOTxuX-jMsUTmTdM_HUoE6Eq6tdFvHumKfJH2AGMPMr4GvYPuYsGS5KGFRzP_-3K6u-_HGOEdNRKi9Wy0RaQSpmLNpyDZrN6sewcXX95rpwjDGy81rp2X8swqGu6tJ8cb0TX3JxfdCr0IeteW7NZBkAZsaRYDo9qLtRxQB_2sHvns0DMSV6Fs_YlhEvLJ7HB5WU4Lckkqvg-B0F4fhnQE3bRoCkp91qqcneMT6qVzhRISvX9XQOaSiZp_CtEwqsgCpCLvZ7UZEspYJ_IaAWwGaH4WYVG3ZvMqu3DiVdBpi0um4HKCsr6hjx5sRdpQfGsmcNGR3CPy2s4yIgIoh_u6LEC-AqFNJyVdgHlZI8Qqtf48-FSVS5NIIeUGmJtc2wQQqs-vyGtomVBC8JdUXBGX-dBgn_1CYHX70rPwmZQ69wzMmOx3MsHVEDxyl-76N4ikdx8WErPh-T9AYaHQZY9qGAPxwFLlf4GaILM_0kVEMEc-yiISeqM2rMyYnNiS66nlbxoYQinNuS_eSxrOeObtsLBYKbXyGIH0E6jvLU4YBgITdTFEUfT4fBOmIeoihfBDQd7ZG5vG9Y71itHyFkA-wYygwVj9ajcqnsqOqBEJckMDPv2U5rCU2OEVqtMF4GfmBsOQdC_Qk48J-5yNoGMoU7Vue-2pcVgnndnsKvEdaqOmCXrxE52kfThOaFp50EzREhvTxloFtunzqGI_6nRuyUOly_Y-dBmuYgXFjIjh1ViF-yCI3a5MgRPIABWDa7wmeBINvMZJmneW4R9vASvlqhwm-NF9oN_Q493e2uGmz7CeCG4WiUU3p8xcjyFLSGnFpeG2tiW1dvmNU4Q9NJtgTbOfNph_IR5qr7MlSnGLyQs56SZVF-K1V8LvBzk5lBaHhtoRmPR-ZFqkKjiFc6YVdlgnq7NlNIoAsFoPmDNFu_ZEIMSGbKpQrWEMhpnONesFHXR26wrcfAiaIZvIcb7fk5mBIaTCsFsRwwDS-8xwG5O9c7Tjx31ZuLo1kxmv-qd1TmF-_EUL30RDQuBJ-_YihiXbz2uRiMBVfTUZXCm88bUSS5W1h4Na08bej0aoxYs7_r7HMYI31F__yjAV_qIhCKxPJYJyVL9xOKNg2kIVgu2Ltf2-iEqbHEiZOOOoJD9ytv8CkNypCcYgE1YF06-_WVvJrr69qMCrPa4BiCaWGdUGTmeeWqA2PtZbuIwaKzCtc8NObZCkxJJQF0uDvwOuxegphKv2dyQ4yy21onZNIEj98Y4lQfWK5_161TOINnfuoGGigIABIk5GigFBKgayGn4ECBtj9IKfX2D1tSjbtwQk-5nv5foaQfyKe1YAE

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

cafe /

Resource Hash

99e15f03ee4c38a6e86057f9117593a826814b01a627c69323af00fda5b3cfc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r85VignI5324EFCeNmIe6dFPajJJDWhUeD-FpJBHof7g__5a55OIozAQpsNnn8UFqXRt8h2dQ1XUmcEBmJbwLV9_0m8zUNm86tsS-RIAoCZ_4ESRNq0g5-1YFhg-OcKcLQqmUrgyE3_4ujDSMpVDrlHr1ftgunB_IVYPv5NUKg87a0BuStdtRzVISfk4_Qe0-dVF7phi8YkAEjCwYUlBNUBuSKJQuJoee4EpQZXJbsNBv_bgSm9t8boqKG6xaGvRy9STn1-cMyTrXqpn8N1NLLpwgoHmUP050RyGz9af7DwcaPBDe6JqOCBR5a0hAnuImh2NYWfDMGkNWdTgjJ_T2Ocgdhp1EHLyNd2q27eCY4V81lrH4hq7vKWR3_Z7y9UIGuMAzV9srnRA5TsWNM5KiAoC-Y-Cz3ppKCpGTsTGc29rcfjnlL7la61-cHQBGrZzvpo48xwWk5rI4ajGawfJBGCRZpktfbZyuLJuIrifPT10JG6p25N5fRBhrNCDxCs2p6kt_2uvtx1NOGicTWLhCBfluYO-4pY6B26K-w4X8V-NkFxjoZGKKkJ2hqKaOmfznfPmTvksshOg-_BIBFbxceBiYkMuZualCYtEl0Y6x6UudoMzbA0XgMTQdwvrmQC6AoGlWCLobQBiHtG6hEYzkfIPbznioD5HzDRDONNXGHSh5Qp9c1E_PipjpA0yr6QovyrEI9NZvdQ80UWIDRu-2Sz2xgwXoqKwADBToW6EqdTki82ppNpEMsi9cZ84_AJpa9KsG513ziCiiN65cNbefSzw-SzQlSRwXeJVs_cwH7S4Si6qWXNSIfMd3Vt9Iz6w6pYaHQkvHT5c29Y5r5524wSlBnY0gneMC1r1tYNsH4PJ8z3JcR8NWeiwcbus25KnO89Rqfexopoj1SQptbIhy57w3s0JCd2mWddHKjNNHHZIw20PGiaUMNjYKmuQFfPzwB6EAtQqdrHAu_qInHbZIDTP2oM765DfUpy_jZlX91jNk0RZXIFKNvmMlvCpscOJPZo2XHqYNX-rVb7Qmk9T7L-UttHYiyLmespEnoJpKsa_hVDUYbZEkZQ-69a_AOkvcSsGT_MAN_EHymrPUV8t2xdtqaSp_J-uOLj0Q5BRtcj40f2pm2VCmN5vNfrf1rXqTchSY5n--n21W735c6W7lNwsoFJAXldxHQGULixaRVG6ORqUDT3WqV_a7BZWJZOYx8SVwWhJ-0tBVqIo1aeEkLbu1BLb47LEVeUZz47WiOSvOONRowwdmjMPMKLwSAcgBEBNAvWwZhv9g9jxVw5h7QvYN0d8qebTao5ZKN-QzbihUZ2HbwA9gr3UVum6-PKQTQ9neiUaJsvAJLn2z4_UOWoUKtbX0P7C6V7FgDyHbVmJToMImTdm61GJ3WsHyMHBx5XyxlcVb2r56cNBCdT_oUhSueYr-9YhCs6eXcBKTC6J88qx9uFM2PZMafY6YCbdoC_vricsiEOOMyW8KMhrLw2l99QtQKdUFaVMyGN14juCd6ApD5AHSw_HFK_Iz4wg46shnGWwZxwSEVVEbdDIZkvMUMfhRC_zhz8Kt2aqzp4S7Vn3I_agOpv1ji-W3QZnv9Xau_Qf9EbLiYk3mJXzGxDAKJVQLdZw4FkeZMOja4UXeFyxR7uhkuB8hNmlcILFuTTj8F5xrEXcQsp7jgmuzXNg0wgT7JeLwhQy7uiT_t8LM4MLKpeiLVA1vrxT4IycGViKqOBy3OMOmj_HiURD1Bgl9d_Jk24Pnuz66JDzo9qs4hXbqh808SVcyKfFSZukzq1Y8T9crsNIgekwcoqBqQ0FIt1-gvNBgta1ogdKxjUUVWmXjto5uW9FAoYNK9w9DZip7gfUy9_IOctnZfSpIRcuMkKnD_WrymauLBdqzPuzvxVFse9zi2UP-7Uj2FaphcRvzRmZxKecrj_XOTJjzmcG3cU3kz5rbpjtAp3tRL5hVNiyXOfdKlFDuzSFdhZmpnYXGLfmiCMrkXzRlBWZlsrVr80V3faQrcDmagmOzUy3eWavxC8i4PB9XCrjYoo87gGmEmOTxuX-jMsUTmTdM_HUoE6Eq6tdFvHumKfJH2AGMPMr4GvYPuYsGS5KGFRzP_-3K6u-_HGOEdNRKi9Wy0RaQSpmLNpyDZrN6sewcXX95rpwjDGy81rp2X8swqGu6tJ8cb0TX3JxfdCr0IeteW7NZBkAZsaRYDo9qLtRxQB_2sHvns0DMSV6Fs_YlhEvLJ7HB5WU4Lckkqvg-B0F4fhnQE3bRoCkp91qqcneMT6qVzhRISvX9XQOaSiZp_CtEwqsgCpCLvZ7UZEspYJ_IaAWwGaH4WYVG3ZvMqu3DiVdBpi0um4HKCsr6hjx5sRdpQfGsmcNGR3CPy2s4yIgIoh_u6LEC-AqFNJyVdgHlZI8Qqtf48-FSVS5NIIeUGmJtc2wQQqs-vyGtomVBC8JdUXBGX-dBgn_1CYHX70rPwmZQ69wzMmOx3MsHVEDxyl-76N4ikdx8WErPh-T9AYaHQZY9qGAPxwFLlf4GaILM_0kVEMEc-yiISeqM2rMyYnNiS66nlbxoYQinNuS_eSxrOeObtsLBYKbXyGIH0E6jvLU4YBgITdTFEUfT4fBOmIeoihfBDQd7ZG5vG9Y71itHyFkA-wYygwVj9ajcqnsqOqBEJckMDPv2U5rCU2OEVqtMF4GfmBsOQdC_Qk48J-5yNoGMoU7Vue-2pcVgnndnsKvEdaqOmCXrxE52kfThOaFp50EzREhvTxloFtunzqGI_6nRuyUOly_Y-dBmuYgXFjIjh1ViF-yCI3a5MgRPIABWDa7wmeBINvMZJmneW4R9vASvlqhwm-NF9oN_Q493e2uGmz7CeCG4WiUU3p8xcjyFLSGnFpeG2tiW1dvmNU4Q9NJtgTbOfNph_IR5qr7MlSnGLyQs56SZVF-K1V8LvBzk5lBaHhtoRmPR-ZFqkKjiFc6YVdlgnq7NlNIoAsFoPmDNFu_ZEIMSGbKpQrWEMhpnONesFHXR26wrcfAiaIZvIcb7fk5mBIaTCsFsRwwDS-8xwG5O9c7Tjx31ZuLo1kxmv-qd1TmF-_EUL30RDQuBJ-_YihiXbz2uRiMBVfTUZXCm88bUSS5W1h4Na08bej0aoxYs7_r7HMYI31F__yjAV_qIhCKxPJYJyVL9xOKNg2kIVgu2Ltf2-iEqbHEiZOOOoJD9ytv8CkNypCcYgE1YF06-_WVvJrr69qMCrPa4BiCaWGdUGTmeeWqA2PtZbuIwaKzCtc8NObZCkxJJQF0uDvwOuxegphKv2dyQ4yy21onZNIEj98Y4lQfWK5_161TOINnfuoGGigIABIk5GigFBKgayGn4ECBtj9IKfX2D1tSjbtwQk-5nv5foaQfyKe1YAE
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6EF6 91 KB
23 KB 102ms
67ms Script
application/javascript 2600:9000:2104:6600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 2996864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: YTv6ZnZaj5jRfJgFfPYkE05w-evmaA2JTWjUYCTcNPcZUSCbrgOuOg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ACB2 43 B
216 B 521ms
128ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=99885c26-b48e-35c3-45e0-c085d380f567&tv=%7Bc:s8qtM8,pingTime:-3,time:117,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15*.1132697-64943729%7C151%7C1521%7C161%7C1621,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:21%7D&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ACB2 43 B
215 B 518ms
128ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=99885c26-b48e-35c3-45e0-c085d380f567&tv=%7Bc:s8qtMa,pingTime:-6,time:119,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15*.1132697-64943729%7C151%7C1521%7C161%7C1621,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:21%7D&tpiLookup=ao:theinterview.top*&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 02E0 43 B
215 B 513ms
128ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=26d38a74-90bc-4c6e-bae2-d5668776c063&tv=%7Bc:s8qtMh,pingTime:-3,time:83,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15.1132697-64943729%7C151%7C1521%7C153%7C16*.1132697-64943729%7C161%7C1621,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 02E0 43 B
215 B 511ms
129ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=26d38a74-90bc-4c6e-bae2-d5668776c063&tv=%7Bc:s8qtMi,pingTime:-6,time:84,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15.1132697-64943729%7C151%7C1521%7C153%7C16*.1132697-64943729%7C161%7C1621,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&tpiLookup=ao:theinterview.top*&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 549 B
770 B 135ms
43ms XHR
application/json 3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bdaf5b33d205ea8fe2f435ac615c3364e56818cc6e544bc1d4d7c760ec09ec67

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 549
expires: 0

POST
H2 200 auction Show response
pb-server.ezoic.com/openrtb2/ 244 B
473 B 191ms
102ms XHR
application/json 3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/openrtb2/auction
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b58e017757b5e4bdbf3846f7babc814bafb92ae822421455ee01fbe43414543b

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 244
expires: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 713 B
1 KB 194ms
100ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftheinterview.top%2F&CanonicalUrl=https%3A%2F%2Ftheinterview.top%2F

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

58a42f3d77d2c6742ee2c9ce970ab67297c671eb5026f9f1e8cdc43381e843f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 57
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 713
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
314 B 137ms
49ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=25370422434&lsavail=1&bundle=5eodyF96ODluQ1ZrV2clMkYzS2VkcGI1UUphVTA1T21OUzVUSGtRcjMwVlJ0ejQwdFNJJTJCZFpncGxBZFFoT3VjRWRFTFhLbWpkZXlDT2E3WHZCRFJHMk9KNyUyQkVKa0JPSkRaMm9LQ09PREdLQU9qMU9WSFVoR2UzYVAwYU00bDhIayUyQm1WJTJGWlQzUjFjVHRXJTJCU2t5bzlDOU9zUjBzV28lMkI0JTJCak1PU1RHMzVtJTJCeU0lMkZLJTJCQ0JjJTNE

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theinterview.top
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
513 B 555ms
255ms XHR
text/plain 198.148.27.134
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: envoy
cwdl: 22/161,22/161,22/161,22/161
access-control-allow-origin: https://theinterview.top
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 153
cw-server: bid-deployment-5cb5875b94-8ffzl

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 202ms
87ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9699b701747420431021125b3b0010&cmd=bid&eidquantcast.com=P0-1269558372-1666771436690&secure=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ffcf6bd5c8af885047a46946fc7e9b1793a5a85e815173c66479ce3029245543

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://theinterview.top
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 216ms
102ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e2211258fd01b2&cmd=bid&eidquantcast.com=P0-1269558372-1666771436690&secure=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8dcc2a3e81e040bdf585898fd362ce33edae40cb172331100290562a1d1c5cd7

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://theinterview.top
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 201ms
87ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e22111cf880173&cmd=bid&eidquantcast.com=P0-1269558372-1666771436690&secure=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 0f5f3047a630f7206f6b3faf8f72c6134985955b0478320ecaec44d10e98488c

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://theinterview.top
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 209ms
96ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9699b701747420431021125b3b0010&cmd=bid&eidquantcast.com=P0-1269558372-1666771436690&secure=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9b8aebe236b6bb032f10ed20af07ef52bebcfa8c129b3453020e0bb807f347a7

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://theinterview.top
access-control-allow-credentials: true
content-length: 62

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 178ms
85ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7601adc31f987453-LHR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
309 B 176ms
83ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7601adc31f997453-LHR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 176ms
83ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7601adc31f9b7453-LHR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 177ms
84ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7601adc31f9c7453-LHR
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 133ms
43ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://theinterview.top
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 198ms
102ms XHR
text/plain 18.193.141.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.141.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-141-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theinterview.top
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 166ms
70ms XHR
text/plain 18.193.141.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.141.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-141-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theinterview.top
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 169ms
74ms XHR
text/plain 18.193.141.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.141.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-141-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theinterview.top
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 170ms
74ms XHR
text/plain 18.193.141.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.141.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-141-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theinterview.top
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ACB2 43 B
215 B 581ms
252ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=99885c26-b48e-35c3-45e0-c085d380f567&tv=%7Bc:s8qtNb,pingTime:-2,time:182,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:436,beZ:438,mfA:441,cmA:442,inA:442,inZ:446,prA:446,prZ:451,si:456,poA:458,poZ:478,cmZ:478,mfZ:478,loA:554,loZ:557,ltA:617,ltZ:617%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B174~0%5D,as:%5B174~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15*.1132697-64943729%7C151%7C1521%7C16.1132697-64943729%7C161%7C1621,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:21,sinceFw:159,readyFired:false%7D&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 02E0 43 B
215 B 579ms
252ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=26d38a74-90bc-4c6e-bae2-d5668776c063&tv=%7Bc:s8qtNc,pingTime:-2,time:140,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:463,beZ:464,mfA:466,cmA:467,inA:467,inZ:471,prA:471,prZ:476,si:482,poA:488,poZ:508,cmZ:508,mfZ:508,loA:546,loZ:549,ltA:603,ltZ:603%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15.1132697-64943729%7C151%7C1521%7C153%7C16*.1132697-64943729%7C161%7C1621,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:24,sinceFw:114,readyFired:false%7D&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 jquery.min.js Show response
theinterview.top/wp-includes/js/jquery/ 92 KB
30 KB 73ms
73ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=1a&ver=3.5.1
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 50c8d681ebefb8fa94b60691e89d4e31c3d283310c13457028898a70f1998cc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 UTC
content-encoding: br
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
display: staticcontent_sol
x-origin-cache-control: public, max-age=31536000,public
x-ez-proxy-out: true 2.3
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;bec30862635695157616b7673c9d6c85;2-205805-7;18190b24-2466-4c04-746f-c0b2517ff3c2
content-type: application/javascript; charset=UTF-8
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000,public
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/193450/ Frame E04A
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
https://cds.connatix.com/p/193450/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

956 KB
219 KB

58ms
28ms

Script
application/javascript

151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/193450/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31a5bb99321ac1408aed97cf87818909f2ff29354d314979198cab7606419f1d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 06:54:02 GMT
age: 3981
etag: "4dc69cb728096c7691f5027094e3df2c"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 224357

Redirect headers

location: https://cds.connatix.com/p/193450/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5457 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_Nw48OlYY5LKJM-TgQfK747oDQAAAAA4AeAEAg&bg=!tbaltvLNAAaaxvStusY7ACkAdvg8WgediPaFShq6YZNh6S51i1NMGrevk85rMOPbmgSFYYRA8PZjVQIAAAEVUgAAAARoAQeZAusNlbXayNiQ-hMjkRGTXGfnlQgW82_bx9GlhkRSTkX5dS1MaMp9VArMH7FFji3YSdgRe1y6v6pfOM7GqA1PywIhp5y52x_G8YGVfpgt4AUJhUo52XH6L27DLeZaco-59T3GTER1hAbReH9mRjBomRpP2MarIR7L2ukYxhE230D6AoZ9Hpj1PpMBHGpS98On7PEyK3qLNPOT8J9ZoEglV_NW0qQDwDRk4XmvqMTRsi09nu1d-ZnU-Ik6DzYBgMv3qHnkq4yY2yYqbk-idmaCdgw4rn_rYss3WZldUBYIrjKte1uCqppgF7DnwDPkx_LEYLLB-YrCxWwcMTWo8xdr8CAIHqirIcROYydsDJE7OhlFH8etI0kBWHkr1kXPKHRrOIiNepOBKoNvtX3FVujtvHBIh7ZRHoDhRCJBRKRyr8b9wPLbhkaS4iQS5vYYagErJyD4jGgjPtqUdslsZhEDv22UfIBgzDRU7f08bSWiCM89gDNC4tNM-tFfyqaDOZmVKhj7Ck5SuCtv2NGo98Xz5k69chd59RHR-96MczdLEJjh9I_LVjhwW0epHI1wSmSAYrdtmXxdK7j6Rhy30JC7yAEd8HOxCtyR2l8NyyHYfK-rcKe3KkY1vnPe_VX5nGV1VoCKE7nC7GMNIJSgbqIOk9ez6D1fHWv1V4FHYBA85HLZl2yCjleJSMmCJjRc0hzn3madhW7-_zWEMmo9Ha5LLz9JYoMXQqrXh8O-2V8x1leKh2X40URYmYdTq2n5mq3PclNRNayLdf3TXl0Lky4IC51V-wEoYaEFSlPpO9rNA100nbrOrc8ixrgQMafY93I3iKAwthQHYM0zs2ZfSi0MmaqrRPnM_ZpowVk83pRzMDQgCO5p_eCNVrDNwfMjlrbKAquGYK0M-rQdJezePnjMM-xnLOwE-1FdRMhb2Z8iHI4nJu9Dndg94NKRRue-r524NhaI3YWC1MoEn4iqUvmm7FmX28ujemLOSdycrXg

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame ACB2 106 KB
38 KB 144ms
42ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Origin: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 08:38:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame ACB2 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-AqojwaCP09I2ZTi3aWf02VCt-nFfhblWk0QbhBNMQWmTvMRXhbDAFsg0VBF9f_aCMTwwyzss9Ei1Pz1NifMRZNzUfDsMvqSeYr-IRekfKfvJsHs_qApubwrHrCKmRy2DVHN_ZMj5J3HOTRjAod-GEpSeGcl8h8ReEAr12QP8ENIfKmO5AS-RIAoCZ_4Aof9_E-mqdKjWeQoPjA3PY6MQxPoY3WP2alDWjSkqYhjJ5Rj6W1QULDObtx2RgcaMtW8-pQaM-bjFEMfpHK83E25ty8Dem9Erz_DbWEFXilznrWCnfQFm2BGEFY2ZSzp_usCY09u6oR0jyipUF6MortQZcFM-bRWcKTrorzkLSwPEx-bUb8VZyzvQDKCunLxKeVrvaUXo1u4NW7dDxGKxf8ZCLhnjCQOsMXgtx-biJPodmT4hnDTvAvGfURj9eF0CoISMeAEsw9Cy9ifglmksX66cjI3NGqXrtd_v5nsmZswyf41HpTyKznHSqDCphFOeNw3tsoczO_xjot7Df1_YLXTEOSa-6MBOlwo2nA0EHQVAinnLCT4rFpnUWoELcoClSxwtcGbBRont6PJCItCXqyhKADxT80Omaxrn1rpnQ6qfGnrxedumG_ukl6zGqEs1H6rmwx5t_QYMDaGVa69hF5Hfvx2XjpL8aL4iVheBC9aHZu6eK2rWq3B1IXjDs5EaEvzU5nf-vnl4XfYDT7f6FIjsM6TIxpHSSM4PKqHWJal6Fiyyi8q3hW0QIunnDx_TjP8orXsi5yU7-D-EmjY-gHMlJoSZzMsckQdsuAzlcsxoGLqW2G5TF3Vd_gCPb9rOIdzvoxHaEyEK_zzViTjHBN-V8ew6374KYFLUNenOy9zNtEgJDW-z5DPx8Svgqdy6k0h9OERyRGWhJJjjzjLQ-OnFL9Y2sGU4YFdp42Js15362sj36Wzuj3yZzvApZ2hzcwdNvEYXmERrCH2F1dOp2B9Vb5IpvYSq8iZdZXyfDMmICP1yPcqXNlubQ88cS1Reqyg-HupO5UfAMfZphqsY1au6lXW2kNM4G--gVJbD2s7y2RGyYDuALlZ5nSqw7ENfIOlgJW0cNfPWRKmgmUk25Mjm1zfNv-cGAG8oiocIgN6rGVJaMkYCPgNnUW4C4iQ0umz6M7AKx6RyvU_dISYprwjNC3UBUqhBMXbU5qsB2TiLutnQHXNWrGaNr-pVPKxjTCv0P7gEZ9ASFtg4GD51IV208ftmiesqQZWrByG5bobbSsUMhoub0vsilGYHRPF-LD2GukVzgY4VoYIn8kKR_JI6Jr0MG2Jbysb1Qwc6ZZeg3PWsU8tYl_ds_8a6R30SsLxyIz6EEtf_XA8KyxCKQtv8cOdKDmu_lZDo5Y44NYrPrDtShyAb2IFAPtYfPj01P6l30OdGEuYTqg_pX6GBM67LA57Alpj8tZXEwUhLFmjKHk8ABkcdxlFm2DoA4X-zML9Vnn998xDOiZti_2j632kPvYE_FlKLp31ZpvlWyUdIz9SVJIBvnYrqDAgR1tCX4umXw_Y8DtRt18slJSbVx0ndG5Ui_Ew2BOrbKadF6_9NNd2OZ1T0yRjPPulSS9Ygnv7gOCtdgo2pPJXsM577TtikTBCXUeeehucDDVhcdxHvbiN45zDTA_sng66fMC2RTArbqTXsfLQWXKGxqaownA9YpLeuky2nnL0gHOWWU2dwKwPFg2feREU6miZLqf0K1Woq7cwcaZ9rzvBXvsfMId8M7N59EcDAJzDP9BvvhGvtGRDUcUtgwjtOOMWS2oWCeQc2SExd71nO_SvwxiMK3aiTPds5mehezCB-P7tA6_NEl40HUCed0x_SadWc-sKtw0Qc6rmI5ddjgDKwqUn7lGd4xJ4p4juicYFkTlOEXSnBNZ_A4VH3o2VB-CA9353d2ECWGrrvRy26WbBZUHssREIeNIdA7kYQX2oe27-8Xpa3l9hp_4ZXB5a10cPBLSn0EoHqVy4o_ahauNIUWY4VdIICrdfe0bWHIIiEewwwmiSCKMctcl6Kjn6HkbBZdy0WL_wJeKXfN-LbHbpT5iBndbwrgL6XWoRaHLHrVB2Lhh0RHVOcIvXUL_2Kb2WXSWZrX2mSUkhD2JiLK6IQDQ4Gvrz-GYeI1IjidoeJnGhuiz8ephHGKSg7JjCfm59tdJ_PJ1RZiFa6kgwoFR1iCDbl7kGne1ZxNK845pRUbwVbiPjn0S2SlOF0aSGVNInlSgoI9O4YJxqmHL9lt2oWd7WyY16Y5ylh5j_4DrqxFpNw_nWJCKA885yufSqSK5ZOvyFQmUQ6BA8E0ruTEt24Dco9dHU9b_eEeijySm5lofbsA9oxSPiNqqOtGK--dtks4p5Z-3X8RzxASDf4_kLOT9wonHzdpwNas4pW7rH-tvLGtcXVy1nCRqTigI4Als4gnB-zhDLcc0HyTV5lngPuCaIv9HiBY1mfr0rP9_8E9_9N3gAFPQaBUloF9Q3rix-RNfy-TvzCcu6B1zo1DDuu9bS0Z_VqrLWNRD-CiFe-I_g5iZJEcuMvwtqRENfRP_JZa1QnWs8zASp1ptaWG9qZ1DM1Ihw8P68U5K4MgG_mcS-uN1ZMjIo-n11WW_es2gk5uIBkGttd6EjP9BnfDN9K04nuDJGJ5ZbvsHS8u7Kc7SqAWMXbzhQhDZtzpYSrVQntusjRR2-0wnaiBdcG0bREhtYxrnPFVADLmaeA_tEIs6Wm5ex_AukYSRiTEXJSCom6A-wSFuvrmvg_sGpp-VW7ii3Sh61N0Lavof3mTDIIbblUgKfIUS7u1qrT4AvCzV0qlN-5Gogfz_V8NLElx9SiV07fWt_9Z3l7a9aSDGtshr_hA4kGyuHZf-OkDvtQsgCQGETPtN6Qkmenga41t6IFNHJTq86P4hE9gARYF8KFcQSNhlFmZSj-1OJI7NEJBEahYIGSXLBlz-9m8Iw3eCXcMbmCBRN6uC12qS50HWNNNUDDn8rIru7ibERRcxGEKBlmxJLi7KUc8whCA-tOkOTLgEesHYWud8yojqeHNxBexRiCGcurW8wDweV_j4iaZ4QGokOZL_FQgHt04PWLBw89naz_ltZ5iGrIcCZ1DkSx1xCfwoG76if1C0NIThovAXeCNLxL_OXjYaVSpUY9zUD5nZ90BTfzj_NjY6gBGiYfwK8lBJBWwuQGzjhPMDMLWYLohpIwdcSk33V6H2dKLulaOoOqXDh9SZwUJJ1zm1l2ELk_ksmVaq4_SA9wqzH-WZdrmf-xOFHrU7WKrd8FoJIuuV-KDQ0EfP7o0Tlpmk5z_IQ5BaSBxSE16gMinGRwC03NLaKsYXvX35xxPQRBdsLEScq_cFs-ohhZuaSLh2tIXzIVn6J6FB8XJRR4H-ykK3Tg5TBc7g1zqAHOX9lG73VpMC3F7uzw8KGigIABIk5GjPt5yXms6UFmRYovX7xvZ7IsgFWKotqXaO7ciGElA2jN2-YAE&ias_dspID=3&ias_campId=1008765121&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18081294602&bidurl=https://theinterview.top/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g5RdX0wd5AaxYfbjv9rMRT&adsafe_url=https%3A%2F%2Ftheinterview.top&adsafe_type=y&adsafe_url=https%3A%2F%2Ftheinterview.top%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:99885c26-b48e-35c3-45e0-c085d380f567,c:s8qtKz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-9xz8z,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15*.1132697-64943729%7C151%7C1521%7C161%7C1621,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:20,oid:bff2e4c8-5504-11ed-84a3-b60439ba132d,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:55:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame ACB2 30 KB
11 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF33 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByUTl8OlYY9KSJKWE9u8Pv6-GoAYAAAAAOAHgBAI&bg=!zs2lzYnNAAaaxvStusY7ACkAdvg8Wuw4_f5ValEPhJpIuYXL6K2F4_5VFIPAUnskZqB8PLDJBIs30AIAAAE7UgAAAAJoAQcKAAnSNJd3U-bE-oWZAvBwDYMLBjKxmAyaHzvIqQB7EUfFsPXS-CwmE_KmblL99aWYd0SVChPh7WrQPCJUSC1hpeoroTqkM2Wv1H2sx-mZ1orYg3D9CMx5LkZSTXsiVZfYH9YryotuBz9geoSfRgSZOVn0nLmssDVVb7XlhIpNuC0fYa-mDWXY0EqTpXxCcl031r0kiQvshVd_5eJ9Tm5tdpAh4B9L_7nyIs-19SewUqebJBEfGtXCrx59motJY0dRCtJ-fJRAeglk0hu_02ns_hJFW7H1uO5aqN-fNv0yAuGm1QTi4j-9n7QnQSR4R6BzbVFQJI92XVtSFYKnTLuf67jlzkIe6BnjcN_fnM-b4q6q8_dHHep_8oEpLG9BkM6unh0qr85610fRXKgMyG_KpyK-qGNNbKSscg4Z9PBzZbFOujvWvH92ve25uN8fobu9oPJrSd9S1RyW0-KX_Lm7ytMyWEYMRTxfYqRuD1Nhzv9fKcsUpq9atjp5052WDi2ja8XqYs5sEf8p_inxtEyohXFG2FJzfVW8hza22CIVXJj2qb5Ie1dZLatUQS0Kz9oV95O_U1xn3deAcrX0lW_Wr_TaXy-u5-t_AiSZQhJ_CTe_fL0rfE5lVqAb2kxj38WFokGw8aX13US5XGumXPtwieMbZbekyZg6rznmiCmF2wYg2F3n42obEY_eUHS77BpwW07oC6Etj1RJVeggZfbYalwdpOxc2j3EPRaFZWVpOpmYGQOF5r8R-Qx0nui0QqVOUcQQWtvPTZ8L6nvWQpJmHG4GKBcU_qopPUf3GDOETG0IZjfsaVaNSOlFep7EQU2p_W5gp5UCkcUtJbODYsPc2zeFHwq2JIXqag4KdGxvgo4mJ-YRppS4QEiuk0poBtbrVSaF9fALSeA2YB4LMSwCFbXU5HfOQr8fG0Y1PaAohjJnEtz3qVDELwVkQUgbgFndTSIV1jJEUIm-GHeh_9ZFvkBU87lpG0N5AeLuBxFsUlezZ0cq9JiaGueEYp9M6g

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 978E 15 KB
6 KB 144ms
44ms Document
text/html 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,onemobile,onetag,pubmatic,pulsepoint,sharethrough,smilewanted&cb=195-0-49
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://theinterview.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=104695
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 08:04:01 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 27 Oct 2022 13:08:56 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
theinterview.top/wp-includes/js/jquery/ 11 KB
4 KB 76ms
75ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=1a&ver=3.3.2
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 8704650cfb8bf873b0e1972bc6a3e34546d08be5bb5419968ebba009a86e8c15

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 UTC
content-encoding: br
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
display: staticcontent_sol
x-origin-cache-control: public, max-age=31536000,public
x-ez-proxy-out: true 2.3
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;a55d4d01e1bf8cff111cd591f9bf0276;2-205805-7;e2c92c8c-1181-4f0e-4180-0ffde216aeef
content-type: application/javascript; charset=UTF-8
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000,public
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 02E0 106 KB
37 KB 158ms
91ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Origin: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Oct 2022 08:38:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 02E0 8 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r85VignI5324EFCeNmIe6dFPajJJDWhUeD-FpJBHof7g__5a55OIozAQpsNnn8UFqXRt8h2dQ1XUmcEBmJbwLV9_0m8zUNm86tsS-RIAoCZ_4ESRNq0g5-1YFhg-OcKcLQqmUrgyE3_4ujDSMpVDrlHr1ftgunB_IVYPv5NUKg87a0BuStdtRzVISfk4_Qe0-dVF7phi8YkAEjCwYUlBNUBuSKJQuJoee4EpQZXJbsNBv_bgSm9t8boqKG6xaGvRy9STn1-cMyTrXqpn8N1NLLpwgoHmUP050RyGz9af7DwcaPBDe6JqOCBR5a0hAnuImh2NYWfDMGkNWdTgjJ_T2Ocgdhp1EHLyNd2q27eCY4V81lrH4hq7vKWR3_Z7y9UIGuMAzV9srnRA5TsWNM5KiAoC-Y-Cz3ppKCpGTsTGc29rcfjnlL7la61-cHQBGrZzvpo48xwWk5rI4ajGawfJBGCRZpktfbZyuLJuIrifPT10JG6p25N5fRBhrNCDxCs2p6kt_2uvtx1NOGicTWLhCBfluYO-4pY6B26K-w4X8V-NkFxjoZGKKkJ2hqKaOmfznfPmTvksshOg-_BIBFbxceBiYkMuZualCYtEl0Y6x6UudoMzbA0XgMTQdwvrmQC6AoGlWCLobQBiHtG6hEYzkfIPbznioD5HzDRDONNXGHSh5Qp9c1E_PipjpA0yr6QovyrEI9NZvdQ80UWIDRu-2Sz2xgwXoqKwADBToW6EqdTki82ppNpEMsi9cZ84_AJpa9KsG513ziCiiN65cNbefSzw-SzQlSRwXeJVs_cwH7S4Si6qWXNSIfMd3Vt9Iz6w6pYaHQkvHT5c29Y5r5524wSlBnY0gneMC1r1tYNsH4PJ8z3JcR8NWeiwcbus25KnO89Rqfexopoj1SQptbIhy57w3s0JCd2mWddHKjNNHHZIw20PGiaUMNjYKmuQFfPzwB6EAtQqdrHAu_qInHbZIDTP2oM765DfUpy_jZlX91jNk0RZXIFKNvmMlvCpscOJPZo2XHqYNX-rVb7Qmk9T7L-UttHYiyLmespEnoJpKsa_hVDUYbZEkZQ-69a_AOkvcSsGT_MAN_EHymrPUV8t2xdtqaSp_J-uOLj0Q5BRtcj40f2pm2VCmN5vNfrf1rXqTchSY5n--n21W735c6W7lNwsoFJAXldxHQGULixaRVG6ORqUDT3WqV_a7BZWJZOYx8SVwWhJ-0tBVqIo1aeEkLbu1BLb47LEVeUZz47WiOSvOONRowwdmjMPMKLwSAcgBEBNAvWwZhv9g9jxVw5h7QvYN0d8qebTao5ZKN-QzbihUZ2HbwA9gr3UVum6-PKQTQ9neiUaJsvAJLn2z4_UOWoUKtbX0P7C6V7FgDyHbVmJToMImTdm61GJ3WsHyMHBx5XyxlcVb2r56cNBCdT_oUhSueYr-9YhCs6eXcBKTC6J88qx9uFM2PZMafY6YCbdoC_vricsiEOOMyW8KMhrLw2l99QtQKdUFaVMyGN14juCd6ApD5AHSw_HFK_Iz4wg46shnGWwZxwSEVVEbdDIZkvMUMfhRC_zhz8Kt2aqzp4S7Vn3I_agOpv1ji-W3QZnv9Xau_Qf9EbLiYk3mJXzGxDAKJVQLdZw4FkeZMOja4UXeFyxR7uhkuB8hNmlcILFuTTj8F5xrEXcQsp7jgmuzXNg0wgT7JeLwhQy7uiT_t8LM4MLKpeiLVA1vrxT4IycGViKqOBy3OMOmj_HiURD1Bgl9d_Jk24Pnuz66JDzo9qs4hXbqh808SVcyKfFSZukzq1Y8T9crsNIgekwcoqBqQ0FIt1-gvNBgta1ogdKxjUUVWmXjto5uW9FAoYNK9w9DZip7gfUy9_IOctnZfSpIRcuMkKnD_WrymauLBdqzPuzvxVFse9zi2UP-7Uj2FaphcRvzRmZxKecrj_XOTJjzmcG3cU3kz5rbpjtAp3tRL5hVNiyXOfdKlFDuzSFdhZmpnYXGLfmiCMrkXzRlBWZlsrVr80V3faQrcDmagmOzUy3eWavxC8i4PB9XCrjYoo87gGmEmOTxuX-jMsUTmTdM_HUoE6Eq6tdFvHumKfJH2AGMPMr4GvYPuYsGS5KGFRzP_-3K6u-_HGOEdNRKi9Wy0RaQSpmLNpyDZrN6sewcXX95rpwjDGy81rp2X8swqGu6tJ8cb0TX3JxfdCr0IeteW7NZBkAZsaRYDo9qLtRxQB_2sHvns0DMSV6Fs_YlhEvLJ7HB5WU4Lckkqvg-B0F4fhnQE3bRoCkp91qqcneMT6qVzhRISvX9XQOaSiZp_CtEwqsgCpCLvZ7UZEspYJ_IaAWwGaH4WYVG3ZvMqu3DiVdBpi0um4HKCsr6hjx5sRdpQfGsmcNGR3CPy2s4yIgIoh_u6LEC-AqFNJyVdgHlZI8Qqtf48-FSVS5NIIeUGmJtc2wQQqs-vyGtomVBC8JdUXBGX-dBgn_1CYHX70rPwmZQ69wzMmOx3MsHVEDxyl-76N4ikdx8WErPh-T9AYaHQZY9qGAPxwFLlf4GaILM_0kVEMEc-yiISeqM2rMyYnNiS66nlbxoYQinNuS_eSxrOeObtsLBYKbXyGIH0E6jvLU4YBgITdTFEUfT4fBOmIeoihfBDQd7ZG5vG9Y71itHyFkA-wYygwVj9ajcqnsqOqBEJckMDPv2U5rCU2OEVqtMF4GfmBsOQdC_Qk48J-5yNoGMoU7Vue-2pcVgnndnsKvEdaqOmCXrxE52kfThOaFp50EzREhvTxloFtunzqGI_6nRuyUOly_Y-dBmuYgXFjIjh1ViF-yCI3a5MgRPIABWDa7wmeBINvMZJmneW4R9vASvlqhwm-NF9oN_Q493e2uGmz7CeCG4WiUU3p8xcjyFLSGnFpeG2tiW1dvmNU4Q9NJtgTbOfNph_IR5qr7MlSnGLyQs56SZVF-K1V8LvBzk5lBaHhtoRmPR-ZFqkKjiFc6YVdlgnq7NlNIoAsFoPmDNFu_ZEIMSGbKpQrWEMhpnONesFHXR26wrcfAiaIZvIcb7fk5mBIaTCsFsRwwDS-8xwG5O9c7Tjx31ZuLo1kxmv-qd1TmF-_EUL30RDQuBJ-_YihiXbz2uRiMBVfTUZXCm88bUSS5W1h4Na08bej0aoxYs7_r7HMYI31F__yjAV_qIhCKxPJYJyVL9xOKNg2kIVgu2Ltf2-iEqbHEiZOOOoJD9ytv8CkNypCcYgE1YF06-_WVvJrr69qMCrPa4BiCaWGdUGTmeeWqA2PtZbuIwaKzCtc8NObZCkxJJQF0uDvwOuxegphKv2dyQ4yy21onZNIEj98Y4lQfWK5_161TOINnfuoGGigIABIk5GigFBKgayGn4ECBtj9IKfX2D1tSjbtwQk-5nv5foaQfyKe1YAE&ias_dspID=3&ias_campId=1008765121&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18081294602&bidurl=https://theinterview.top/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0igsVaT-ET_EJMQDRfJ10lf&adsafe_url=https%3A%2F%2Ftheinterview.top&adsafe_type=y&adsafe_url=https%3A%2F%2Ftheinterview.top%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:26d38a74-90bc-4c6e-bae2-d5668776c063,c:s8qtLf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-tnlxn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tlm36x4+11%7C1211%7C1212%7C13%7C14%7C151%7C1521%7C153%7C16*.1132697-64943729%7C161%7C1621,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:bff2e4ed-5504-11ed-a2f8-2a24ce032c71,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 15:55:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 02E0 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1132697/64943729/xbbe/creative/adj?p=APEucNUl7aPSbzWB_kY74H_SinG-KUJOd00KzZbI1IGqCX_JqBaqz5I&d=CokBAKAmf-Bjh2auWtteFShuIuA5u0JzNHXaUi5T9qJayfEI5Tj3CbSsAwuStJ_ytANEYzRS2nfTzF1kuD3bh042r85VignI5324EFCeNmIe6dFPajJJDWhUeD-FpJBHof7g__5a55OIozAQpsNnn8UFqXRt8h2dQ1XUmcEBmJbwLV9_0m8zUNm86tsS-RIAoCZ_4ESRNq0g5-1YFhg-OcKcLQqmUrgyE3_4ujDSMpVDrlHr1ftgunB_IVYPv5NUKg87a0BuStdtRzVISfk4_Qe0-dVF7phi8YkAEjCwYUlBNUBuSKJQuJoee4EpQZXJbsNBv_bgSm9t8boqKG6xaGvRy9STn1-cMyTrXqpn8N1NLLpwgoHmUP050RyGz9af7DwcaPBDe6JqOCBR5a0hAnuImh2NYWfDMGkNWdTgjJ_T2Ocgdhp1EHLyNd2q27eCY4V81lrH4hq7vKWR3_Z7y9UIGuMAzV9srnRA5TsWNM5KiAoC-Y-Cz3ppKCpGTsTGc29rcfjnlL7la61-cHQBGrZzvpo48xwWk5rI4ajGawfJBGCRZpktfbZyuLJuIrifPT10JG6p25N5fRBhrNCDxCs2p6kt_2uvtx1NOGicTWLhCBfluYO-4pY6B26K-w4X8V-NkFxjoZGKKkJ2hqKaOmfznfPmTvksshOg-_BIBFbxceBiYkMuZualCYtEl0Y6x6UudoMzbA0XgMTQdwvrmQC6AoGlWCLobQBiHtG6hEYzkfIPbznioD5HzDRDONNXGHSh5Qp9c1E_PipjpA0yr6QovyrEI9NZvdQ80UWIDRu-2Sz2xgwXoqKwADBToW6EqdTki82ppNpEMsi9cZ84_AJpa9KsG513ziCiiN65cNbefSzw-SzQlSRwXeJVs_cwH7S4Si6qWXNSIfMd3Vt9Iz6w6pYaHQkvHT5c29Y5r5524wSlBnY0gneMC1r1tYNsH4PJ8z3JcR8NWeiwcbus25KnO89Rqfexopoj1SQptbIhy57w3s0JCd2mWddHKjNNHHZIw20PGiaUMNjYKmuQFfPzwB6EAtQqdrHAu_qInHbZIDTP2oM765DfUpy_jZlX91jNk0RZXIFKNvmMlvCpscOJPZo2XHqYNX-rVb7Qmk9T7L-UttHYiyLmespEnoJpKsa_hVDUYbZEkZQ-69a_AOkvcSsGT_MAN_EHymrPUV8t2xdtqaSp_J-uOLj0Q5BRtcj40f2pm2VCmN5vNfrf1rXqTchSY5n--n21W735c6W7lNwsoFJAXldxHQGULixaRVG6ORqUDT3WqV_a7BZWJZOYx8SVwWhJ-0tBVqIo1aeEkLbu1BLb47LEVeUZz47WiOSvOONRowwdmjMPMKLwSAcgBEBNAvWwZhv9g9jxVw5h7QvYN0d8qebTao5ZKN-QzbihUZ2HbwA9gr3UVum6-PKQTQ9neiUaJsvAJLn2z4_UOWoUKtbX0P7C6V7FgDyHbVmJToMImTdm61GJ3WsHyMHBx5XyxlcVb2r56cNBCdT_oUhSueYr-9YhCs6eXcBKTC6J88qx9uFM2PZMafY6YCbdoC_vricsiEOOMyW8KMhrLw2l99QtQKdUFaVMyGN14juCd6ApD5AHSw_HFK_Iz4wg46shnGWwZxwSEVVEbdDIZkvMUMfhRC_zhz8Kt2aqzp4S7Vn3I_agOpv1ji-W3QZnv9Xau_Qf9EbLiYk3mJXzGxDAKJVQLdZw4FkeZMOja4UXeFyxR7uhkuB8hNmlcILFuTTj8F5xrEXcQsp7jgmuzXNg0wgT7JeLwhQy7uiT_t8LM4MLKpeiLVA1vrxT4IycGViKqOBy3OMOmj_HiURD1Bgl9d_Jk24Pnuz66JDzo9qs4hXbqh808SVcyKfFSZukzq1Y8T9crsNIgekwcoqBqQ0FIt1-gvNBgta1ogdKxjUUVWmXjto5uW9FAoYNK9w9DZip7gfUy9_IOctnZfSpIRcuMkKnD_WrymauLBdqzPuzvxVFse9zi2UP-7Uj2FaphcRvzRmZxKecrj_XOTJjzmcG3cU3kz5rbpjtAp3tRL5hVNiyXOfdKlFDuzSFdhZmpnYXGLfmiCMrkXzRlBWZlsrVr80V3faQrcDmagmOzUy3eWavxC8i4PB9XCrjYoo87gGmEmOTxuX-jMsUTmTdM_HUoE6Eq6tdFvHumKfJH2AGMPMr4GvYPuYsGS5KGFRzP_-3K6u-_HGOEdNRKi9Wy0RaQSpmLNpyDZrN6sewcXX95rpwjDGy81rp2X8swqGu6tJ8cb0TX3JxfdCr0IeteW7NZBkAZsaRYDo9qLtRxQB_2sHvns0DMSV6Fs_YlhEvLJ7HB5WU4Lckkqvg-B0F4fhnQE3bRoCkp91qqcneMT6qVzhRISvX9XQOaSiZp_CtEwqsgCpCLvZ7UZEspYJ_IaAWwGaH4WYVG3ZvMqu3DiVdBpi0um4HKCsr6hjx5sRdpQfGsmcNGR3CPy2s4yIgIoh_u6LEC-AqFNJyVdgHlZI8Qqtf48-FSVS5NIIeUGmJtc2wQQqs-vyGtomVBC8JdUXBGX-dBgn_1CYHX70rPwmZQ69wzMmOx3MsHVEDxyl-76N4ikdx8WErPh-T9AYaHQZY9qGAPxwFLlf4GaILM_0kVEMEc-yiISeqM2rMyYnNiS66nlbxoYQinNuS_eSxrOeObtsLBYKbXyGIH0E6jvLU4YBgITdTFEUfT4fBOmIeoihfBDQd7ZG5vG9Y71itHyFkA-wYygwVj9ajcqnsqOqBEJckMDPv2U5rCU2OEVqtMF4GfmBsOQdC_Qk48J-5yNoGMoU7Vue-2pcVgnndnsKvEdaqOmCXrxE52kfThOaFp50EzREhvTxloFtunzqGI_6nRuyUOly_Y-dBmuYgXFjIjh1ViF-yCI3a5MgRPIABWDa7wmeBINvMZJmneW4R9vASvlqhwm-NF9oN_Q493e2uGmz7CeCG4WiUU3p8xcjyFLSGnFpeG2tiW1dvmNU4Q9NJtgTbOfNph_IR5qr7MlSnGLyQs56SZVF-K1V8LvBzk5lBaHhtoRmPR-ZFqkKjiFc6YVdlgnq7NlNIoAsFoPmDNFu_ZEIMSGbKpQrWEMhpnONesFHXR26wrcfAiaIZvIcb7fk5mBIaTCsFsRwwDS-8xwG5O9c7Tjx31ZuLo1kxmv-qd1TmF-_EUL30RDQuBJ-_YihiXbz2uRiMBVfTUZXCm88bUSS5W1h4Na08bej0aoxYs7_r7HMYI31F__yjAV_qIhCKxPJYJyVL9xOKNg2kIVgu2Ltf2-iEqbHEiZOOOoJD9ytv8CkNypCcYgE1YF06-_WVvJrr69qMCrPa4BiCaWGdUGTmeeWqA2PtZbuIwaKzCtc8NObZCkxJJQF0uDvwOuxegphKv2dyQ4yy21onZNIEj98Y4lQfWK5_161TOINnfuoGGigIABIk5GigFBKgayGn4ECBtj9IKfX2D1tSjbtwQk-5nv5foaQfyKe1YAE&ias_dspID=3&ias_campId=1008765121&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18081294602&bidurl=https://theinterview.top/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0igsVaT-ET_EJMQDRfJ10lf&adsafe_url=https%3A%2F%2Ftheinterview.top&adsafe_type=y&adsafe_url=https%3A%2F%2Ftheinterview.top%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:26d38a74-90bc-4c6e-bae2-d5668776c063,c:s8qtLf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-tnlxn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tlm36x4+11%7C1211%7C1212%7C13%7C14%7C151%7C1521%7C153%7C16*.1132697-64943729%7C161%7C1621,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:bff2e4ed-5504-11ed-a2f8-2a24ce032c71,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Nov 2022 14:25:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D322 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 39604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:03:57 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 21:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ACB2 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44a89e43aca476a63f197c996556196377c8945cb8f0f5759c19a4c0371b30c3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D91D 1 KB
643 B 42ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 39604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 21:03:57 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 21:03:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 02E0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d9a59575703d044522c52228d042dccd4a5f90a73e6923a7ef4c9b42df44c36

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 wpp.min.js Show response
theinterview.top/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
1 KB 57ms
57ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?screx=1&sxcb=1a&ver=5.2.4
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 55c05dfa890ddde7d2ed894efde5f09510a9932aaa3dbff46a2c93e9cc658fb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;38de7a71554e6376749ed1c4dc67e758;2-205805-7;d3a323c0-2b67-4531-6ece-9f7e87ea604d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1110
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
x-ez-proxy-out: true 2.3
x-origin-cache-control: public, max-age=31536000,public
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D322
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNKc21lazkxT05Cb2w1&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&google_cver=1&google_push=AZmPxg8kqYpa2unYOLMK0GqLKXJa49C6dRy3raH3N7D6iCg...

170 B
188 B

56ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNKc21lazkxT05Cb2w1&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&google_cver=1&google_push=AZmPxg8kqYpa2unYOLMK0GqLKXJa49C6dRy3raH3N7D6iCg3iKMpRs7Gb5BvjO44Rte6rTNQApMioRKygghL1f_oaGy2HNS19Uuq

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MXNKc21lazkxT05Cb2w1&google_gid=CAESEPkItKGijTbRxyOFdzixsaE&google_cver=1&google_push=AZmPxg8kqYpa2unYOLMK0GqLKXJa49C6dRy3raH3N7D6iCg3iKMpRs7Gb5BvjO44Rte6rTNQApMioRKygghL1f_oaGy2HNS19Uuq
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D322
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEMa0dhgqXFZQQ0vbAZi2QFI&google_cver=1&google_push=AZmPxg_ddxxberi8XGj750CFV2c_EpyFS69CeLuG-YO0APFUU6_934SNgtoWE7xT62zZi72iNpGDfRctmiQeudmSq9Y2OIiZIJ2p
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDhCM0MxODcwOTQ1MkMzOA==

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDhCM0MxODcwOTQ1MkMzOA==

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDhCM0MxODcwOTQ1MkMzOA==
date: Wed, 26 Oct 2022 08:04:01 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D322
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIyG3Qz_ClOP9_qTEI8bqfE&google_cver=1&google_push=AZmPxg_mxWmHmS0fO4tPKocwYhC7o3wqp_p-CbdE6-EdwI2ZDg3J-fi-gjjhbZAxLPXxNRmoD4rqgsSJohz...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_mxWmHmS0fO4tPKocwYhC7o3wqp_p-CbdE6-EdwI2ZDg3J-fi-gjjhbZAxLPXxNRmoD4rqgsSJohzJHTLtFVT6lUQpmsQ

170 B
188 B

51ms
51ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_mxWmHmS0fO4tPKocwYhC7o3wqp_p-CbdE6-EdwI2ZDg3J-fi-gjjhbZAxLPXxNRmoD4rqgsSJohzJHTLtFVT6lUQpmsQ

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_mxWmHmS0fO4tPKocwYhC7o3wqp_p-CbdE6-EdwI2ZDg3J-fi-gjjhbZAxLPXxNRmoD4rqgsSJohzJHTLtFVT6lUQpmsQ
Date: Wed, 26 Oct 2022 08:04:01 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D322
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELfsmacdiKvcpGyig4WDUso&google_cver=1&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMiviviJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELfsmacdiKvcpGyig4WDUso&google_cver=1&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMi...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI5NjExODk3ODIzNDc0NzIwMg&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMiviv...

170 B
188 B

55ms
55ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI5NjExODk3ODIzNDc0NzIwMg&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMiviviJI0cma0QRvXlTZYekvNc2

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI5NjExODk3ODIzNDc0NzIwMg&google_push=AZmPxg_EN4ccB_vdcR8P6pn1wb-5Tv7XBhXjdf9S0IUZZCRk4HTapDz4a46wUv-AYU8l9wHJiMiviviJI0cma0QRvXlTZYekvNc2
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET sync
sync.srv.stackadapt.com/ Frame D322 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D322
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESELYVfG0WtP0WEPp-HwuuOiQ&google_cver=1&google_push=AZmPxg9vP2QqGo74lVDoufHbLwtc-Cu6H2B53-QAvo1bEN3el1qlHR2DAvB1NOxhe8L8_5qqgee4AdfQHW7k3mUApaZk9EKrJYQ-
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&mn_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9vP2QqGo74lVDoufHbLwtc-Cu...

170 B
188 B

54ms
54ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&mn_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9vP2QqGo74lVDoufHbLwtc-Cu6H2B53-QAvo1bEN3el1qlHR2DAvB1NOxhe8L8_5qqgee4AdfQHW7k3mUApaZk9EKrJYQ-&gdpr=&gdpr_consent=

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 08:04:01 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&mn_hm=MzA5NzczMDQxNTAxMTc5MzAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9vP2QqGo74lVDoufHbLwtc-Cu6H2B53-QAvo1bEN3el1qlHR2DAvB1NOxhe8L8_5qqgee4AdfQHW7k3mUApaZk9EKrJYQ-&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Wed, 26 Oct 2022 08:04:01 GMT

GET /
b1sync.zemanta.com/usersync/googleopenbidding/ Frame D322 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D322 0
12 B 51ms
50ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTekAOKgAKTGftRsDur2GfX7M-OtcwpYZirpSjm8czD4SlJmX0MPEXLF_APhHGZWInRVWFzQ

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame D91D 0
104 B 183ms
63ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK_HZ33NrbfBzXB2ChU4qY8&google_cver=1&google_push=AZmPxg_94uVU67H1meRLj30ujcgC57oL3QwtG0MpnB--uww7i-EcuKBGsWr1z4mhK9JU4-hs25w42FbB0DCi5TSDgnMZnQWM7ayjeQ
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D91D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHsM7xn_dmJrQvit5ZVpQtU&google_push=AZmPxg8p8jCCYZNH7SEEY8QOT6-sGFewcleFQ9W3HwveHNjoxQ3zg9cWpq...

170 B
188 B

55ms
55ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHsM7xn_dmJrQvit5ZVpQtU&google_push=AZmPxg8p8jCCYZNH7SEEY8QOT6-sGFewcleFQ9W3HwveHNjoxQ3zg9cWpq4-eU_lUB2ahTsmkrxwO4-tZ0Hmrkp7zoD1QTznldVK7Q

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-lcy19234-LCY
pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1666771441.405525,VS0,VE79
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHsM7xn_dmJrQvit5ZVpQtU&google_push=AZmPxg8p8jCCYZNH7SEEY8QOT6-sGFewcleFQ9W3HwveHNjoxQ3zg9cWpq4-eU_lUB2ahTsmkrxwO4-tZ0Hmrkp7zoD1QTznldVK7Q
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D91D
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEJURvNhmqd4EJkc2LtNrzQ&google_cver=1&google_push=AZmPxg9-DLzPaT0kCiwZ9mBbrAYItTQHO6Id84Q1q25MR2GyTXDQ0faUlOQE2aegKU48gjmzNcM4K3buX6y...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9-DLzPaT0kCiwZ9mBbrAYItTQHO6Id84Q1q25MR2GyTXDQ0faUlOQE2aegKU48gjmzNcM4K3buX6yC5mGyI5WXsJEE08PQ&google_hm=EwYPUgXZSEOyx5jSEjVxlmU

170 B
188 B

53ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9-DLzPaT0kCiwZ9mBbrAYItTQHO6Id84Q1q25MR2GyTXDQ0faUlOQE2aegKU48gjmzNcM4K3buX6yC5mGyI5WXsJEE08PQ&google_hm=EwYPUgXZSEOyx5jSEjVxlmU

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:00 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg9-DLzPaT0kCiwZ9mBbrAYItTQHO6Id84Q1q25MR2GyTXDQ0faUlOQE2aegKU48gjmzNcM4K3buX6yC5mGyI5WXsJEE08PQ&google_hm=EwYPUgXZSEOyx5jSEjVxlmU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D91D
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIyG3Qz_ClOP9_qTEI8bqfE&google_cver=1&google_push=AZmPxg95u5kcUyYUd9T0UnHcXopw8Bnb14-wQAcuofocr0eEE-LDgtSXI6xiB0JYZ_8PeMbnPC0uyQRixig...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg95u5kcUyYUd9T0UnHcXopw8Bnb14-wQAcuofocr0eEE-LDgtSXI6xiB0JYZ_8PeMbnPC0uyQRixigif9z6cmHtvdifhXht

170 B
188 B

50ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg95u5kcUyYUd9T0UnHcXopw8Bnb14-wQAcuofocr0eEE-LDgtSXI6xiB0JYZ_8PeMbnPC0uyQRixigif9z6cmHtvdifhXht

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg95u5kcUyYUd9T0UnHcXopw8Bnb14-wQAcuofocr0eEE-LDgtSXI6xiB0JYZ_8PeMbnPC0uyQRixigif9z6cmHtvdifhXht
Date: Wed, 26 Oct 2022 08:04:01 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D91D
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEM7AzNJ19TriSacf1100X2A&google_cver=1&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEM7AzNJ19TriSacf1100X2A&google_cver=1&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG50M3SOSmGz9wXUrwAV&google_hm=

170 B
188 B

51ms
51ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG50M3SOSmGz9wXUrwAV&google_hm=

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-yVy6BilqNyuY7txJbiztFeLJSTdI6E9W-yaxQ8eBQbJ5G_8jmP15cHJAW4pa3-JlV68Ryj7XqyG50M3SOSmGz9wXUrwAV&google_hm=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D91D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBNfVTCmqtlVKAv_-4m87cs&google_cver=1&google_push=AZmPxg9UBdrW5ObgVrkOwg2Dh8qNInsh5il7r0aQbbTowiPtozCYsScIYNw13zi57ImN4H2TfIE-uFrYj0PCuxKZ1dyAEVN...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9UBdrW5ObgVrkOwg2Dh8qNInsh5il7r0aQbbTowiPtozCYsScIYNw13zi57ImN4H2TfIE-uFrYj0PCuxKZ1dyAEVNM4unX&google_hm=OTA5NDQwNTMyODMzMDIyOT...

170 B
188 B

53ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9UBdrW5ObgVrkOwg2Dh8qNInsh5il7r0aQbbTowiPtozCYsScIYNw13zi57ImN4H2TfIE-uFrYj0PCuxKZ1dyAEVNM4unX&google_hm=OTA5NDQwNTMyODMzMDIyOTY0MA%3D%3D

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Oct 2022 08:04:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9UBdrW5ObgVrkOwg2Dh8qNInsh5il7r0aQbbTowiPtozCYsScIYNw13zi57ImN4H2TfIE-uFrYj0PCuxKZ1dyAEVNM4unX&google_hm=OTA5NDQwNTMyODMzMDIyOTY0MA%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D91D
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJ36MceMjEks14Dx-5WdQkc&c_param1=AZmPxg_NDk60n4LvffBvC3VY0KjRUTDxgQ-ZN8826WLl1kkafPwVWMwwz-mcXEhQkxg6Qs13oThMBua6P3fE1C6gLsQ5rli68zyV&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_NDk60n4LvffBvC3VY0KjRUTDxgQ-ZN8826WLl1kkafPwVWMwwz-mcXEhQkxg6Qs13oThMBua6P3fE1C6gLsQ5rli68zyV

170 B
188 B

52ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_NDk60n4LvffBvC3VY0KjRUTDxgQ-ZN8826WLl1kkafPwVWMwwz-mcXEhQkxg6Qs13oThMBua6P3fE1C6gLsQ5rli68zyV

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_NDk60n4LvffBvC3VY0KjRUTDxgQ-ZN8826WLl1kkafPwVWMwwz-mcXEhQkxg6Qs13oThMBua6P3fE1C6gLsQ5rli68zyV
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx/1.19.0
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D91D 0
12 B 50ms
49ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDKKRDbl2tWLcucb8RigRLRoizAwRiE8FhyU9HRCOz-MULL4QVfQOMOm971bjX_myZUqos

Requested by

Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 978E 3 KB
3 KB 108ms
36ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20507494&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b5d033dcd8cdbe1e9b27d11942299523b2e5f4f082226b46bfec97e332fba60d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 08:04:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 hls.0f8c90570c11654c76fa.js
cds.connatix.com/p/193450/ Frame E04A 0
47 KB 29ms
29ms Other
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/193450/hls.0f8c90570c11654c76fa.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 06:54:02 GMT
age: 3981
etag: "0610b09020d4072a7f4c463ad54d2e19"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48346

GET
H2 200 player.css
cds.connatix.com/p/193450/ 61 KB
9 KB 31ms
31ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/193450/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4a92f3bc62ab3c45967f99faba9869e6ce87186367b3ecc3a3ce1f93b61dc84d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 06:54:02 GMT
age: 3981
etag: "1134237d4e9e969f2e6a7ddb114782a3"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 9399

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ACB2 43 B
215 B 197ms
197ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=99885c26-b48e-35c3-45e0-c085d380f567&tv=%7Bc:s8qtTm,pingTime:-10,time:565,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666771441420%7C%7C8d30fec5b5ec17d48f03a11e75566d45%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7Cb126ad7c92c5c5d18df821171f8d7a73%7C%7Cb3e996871bde5fdcf00d16f6c5e4d33c%7C%7C0c7e2402b14e23ea843a8befead9e8c8%7C%7C98a2556b32b0453ebf47a3d756c87767%7C%7C57742ab7c093843ed2954a4ec58eb868%7C%7C1663701684%7D
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 191ms
63ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b7d67d06bac26572d57ed774c41cb2b261812c74d791f1385e4220f5f1bbac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 08:04:01 GMT
content-md5: C2VE4zC5Xtc8DTDC5k7PGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: qQctoSEOopKJ30Y4KA6ID9j4uav4KwnJEZTxGYL3b6WIA27A0JBKyufLmZ01gfP1O5SH988DGdrLarbLqm1K1w==
x-fb-trip-id: 917726464
x-fb-content-md5: 5a73287b13945f5e94e7d2f439b805d6
cross-origin-opener-policy: same-origin-allow-popups
etag: "4c83e2f72bff5faebc41865ed5102a82"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:08:07 GMT

GET
H2 200 wp-polyfill.min.js Show response
theinterview.top/wp-includes/js/dist/vendor/ 97 KB
32 KB 76ms
75ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-includes/js/dist/vendor/wp-polyfill.min.js?screx=1&sxcb=1a&ver=7.4.4
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: c66a8580fafe921a35a79706ab3d48b5a29ea4ae5a435af0c7337726529c987d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 UTC
content-encoding: br
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
display: staticcontent_sol
x-origin-cache-control: public, max-age=31536000,public
x-ez-proxy-out: true 2.3
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;4a43548ac70c92c561895007e6954fcc;2-205805-7;cd163122-1ecb-4265-53fd-c0905e9a0dbd
content-type: application/javascript; charset=UTF-8
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000,public
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/ Frame 17B0 97 KB
30 KB 139ms
59ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec59b67acebc605719c0cf9ad405720854a5e8bdfc65f8164786ee14df852f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 175693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 31129
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 07:15:48 GMT
expires: Tue, 24 Oct 2023 07:15:48 GMT
last-modified: Mon, 08 Aug 2022 08:51:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACB2 0
575 B 192ms
77ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-9mA-dGuot5uTVaZe3HUhGkOrB98HzrID7zK1OT427zFv6cqnGPCsp2DC3QvnJhlO5-BP8Z0i4bBDLZaNDEgWlbQa5GHX6-rtjDrAJ0zM1wmEohDgIK7s7aQl2dTY1cwJaPpKhxDBiG5iYqU0XEjP4hCmLDOQX57cGibu-Gw5nzkARa38oYben6ru_XlWg88i7t1XRpqSKAmj&sai=AMfl-YSSwOn30AoUWAB4vF2gPyYHN3jO7UT0sWWgeYN7Yn8hDnqw44756nUg4zwkE7C_6meVC4cR0vOuUskYUnRzXKRiUTPw1bWMpCICW8UoY4hc5NsTafdm-s2z2NWXdCy0UMYA10ociZYystcMRGlrLGQAGgAz&sig=Cg0ArKJSzFHjLzJh85YhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=283&cbvp=1&cstd=281&cisv=r20221020.34858&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/ Frame C459 77 KB
25 KB 116ms
40ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c46f125663227f070b1ec0f3e9095cdb7d5bd04b765e450255c3bd1c05adb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 171131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25719
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 08:31:50 GMT
expires: Tue, 24 Oct 2023 08:31:50 GMT
last-modified: Mon, 08 Aug 2022 08:31:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 02E0 0
63 B 190ms
78ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAUcpxSA5lFsZttJI0F8yLH2Tnh3vDoP2xTAupP4edibGhxggFLVf5rp0HHBUX3eMM2bYp-tykSmLvuRJRvsDknr2txqjOx4pHTSg3h42k3zu3CtYqdoa2pJ5_P-okHogBp2kxnZ09I2FutMojbDYJlFqjcogwjz5mV8DjNzXAGdGIwnv_brkWBjNj7D3a6oX7haHQwYjO9Ed-&sai=AMfl-YQeNUvgmNBYlE3d0Edgsp9yRmCQuY2EG7EWpNVze6Uzfe1iFOPu8he3DJCZjuE1q_lIW6xfLhRDonY38ucovynzvGVwxG5ZUCcyH6vgSLBnRQ170JlLt2cVN14Z2e0eFBZ44_A9V0gUblcM8MArSOM2c8TE&sig=Cg0ArKJSzF4fDjq_jE-DEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&cbvp=1&cstd=251&cisv=r20221020.41923&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: theinterview.top
URL: https://theinterview.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame E04A 5 KB
4 KB 142ms
141ms XHR
application/x-protobuf 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=193450&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 059294eaad3d4e8866ab69330ca247d83494bfb7aeb05caefbee696979bab75f

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/x-protobuf
access-control-allow-origin: https://theinterview.top
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3527

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 930 B
431 B 668ms
668ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=2259030895095817&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C125x125%7C300x250%7C120x240%7C970x90%7C970x250%7C200x200%7C180x150%7C234x60%7C728x90%7C320x50%7C468x60%7C320x100&fluid=height&ifi=8&adks=439780683&sfv=1-0-38&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D7089884492293115%26eid%3D7089884492293115%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dtheinterview_top-medrectangle-1-7089884492293115%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10061%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D180%26br2%3D300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C2339%2C3430%2C3458%2C3460%2C3682%2C3683%2C3933%2C4185%2C4186%2C3676%2C2310%2C2764%2C2765%2C3054%2C3455%2C3456%2C3457%2C3684%2C4184%2C20%2C2310%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3455%2C3456%2C3457%2C3684%2C4184%2C835%26lb%3D300%26reqt%3D1666771440442&eri=1&sc=1&cookie=ID%3D4157b19aeadbdaa4%3AT%3D1666771436%3AS%3DALNI_Mbw5gNDHtKH3ETDFZ8JreS-06hTvg&gpic=UID%3D00000b787bb22bdb%3AT%3D1666771436%3ART%3D1666771436%3AS%3DALNI_MaVxJFiY56BSu-spinfTgOXDEtdyw&abxe=1&dt=1666771441461&lmt=1666735762&dlt=1666771435815&idt=324&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-5HHmsEwSABSAghkEhkKCnB1YmNpZC5vcmcYwZbHmsEwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPuRx5rBMEgAUgIIZBLCAQoIcnRiaG91c2USrAFFeXZMcmlwbUxXcVNOeG5Tb0JiTVFWUTVBMTJlTkRFYjlkYW5IeDdLelN3QlJjZUY0QitNMDFLWWZodGU2aEhjazZCL3pWTWJFR01tdEpMd3NYUWFaeEY1SWwvZTRPN0NBRnNyL2NEdXVqWkZoS1JKcmZHSlM5cXBORTdndktkeGJvakZ6WVFUT2QrQ0VCUmdnZnhlNS9jdDNvVUR1bjdUcXVCZVBqTDVvbjg9GP6Ux5rBMEgAEj4KBW9wZW54EixleUpwSWpvaVFVSnZiMU0yY2xsVFUyMXVVVkpqZEN0VFUzWXlVVDA5SW4wPRj4lceawTBIABIZCgp1aWRhcGkuY29tGKCVx5rBMEgAUgIIbxIbCgxpZDUtc3luYy5jb20YmJTHmsEwSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

538ec062f09fcbfdac97cbf4972796367ee75cb5dc07a974956b46fe5537e122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 402
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theinterview.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 143B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9

35 B
467 B

47ms
47ms

Document
image/gif

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 26 Oct 2022 08:04:01 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 26 Oct 2022 08:04:01 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7D12
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7753244243191347369

0
0

37ms
36ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7753244243191347369
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 08:04:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7753244243191347369
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET img
sync.mathtag.com/sync/ Frame 661E 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 74E0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

113ms
34ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 26 Oct 2022 08:04:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:04:00 GMT
expires: Wed, 26 Oct 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2000100
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8950
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976083974368326627&gdpr=0&gdpr_consent=

42 B
448 B

121ms
34ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976083974368326627&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 26 Oct 2022 08:04:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: b3f42cd6-0180-48ae-8d1a-c297b76efb11
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Oct 2022 08:04:01 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4976083974368326627&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET

dcm
aax-eu.amazon-adsystem.com/s/ Frame 7733
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9&redir=true&gdpr=0&gdpr_consent=&dcc=t

0
0

GET
H2 200 setuid Show response
pb-server.ezoic.com/ Frame F24F 0
354 B 41ms
40ms Document
text/html 3.67.250.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.250.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-250-232.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Wed, 26 Oct 2022 08:04:01 GMT
expires: 0
pragma: no-cache
vary: Origin

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 978E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6NHs4O7VRD-hov3AFLqh6Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

42ms
42ms

Image
text/html

88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=104695
accept-ranges: bytes
content-length: 5549
expires: Thu, 27 Oct 2022 13:08:56 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET img
sync.mathtag.com/sync/ Frame 978E 0
0

GET /
pixel.onaudience.com/ Frame 978E 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 978E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThEMUVDRTAtRUVENS00NDNGLUExQTItRkRDMDE0QkFBMUU5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

105ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 978E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEETBj4OB6vioYeCfGewUww8&google_cver=1

42 B
299 B

105ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEETBj4OB6vioYeCfGewUww8&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEETBj4OB6vioYeCfGewUww8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 978E 43 B
610 B 128ms
37ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 25 Oct 2022 08:04:01 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 978E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6866250229661616286

42 B
297 B

113ms
34ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6866250229661616286
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 26 Oct 2022 08:04:00 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6866250229661616286
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 978E 70 B
265 B 127ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ACB2 43 B
215 B 128ms
128ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=99885c26-b48e-35c3-45e0-c085d380f567&tv=%7Bc:s8qtUC,time:643,type:e,im:%7Bpci:%7Btdr:554%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:643,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B635~0%5D,as:%5B635~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:522,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15*.1132697-64943729%7C151%7C1521%7C16.1132697-64943729%7C161%7C1621,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:21,sis:301%7D&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 02E0 43 B
215 B 128ms
128ms Image
image/gif 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1132697&asId=26d38a74-90bc-4c6e-bae2-d5668776c063&tv=%7Bc:s8qtUD,time:601,type:e,im:%7Bpci:%7Btdr:518%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:601,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B595~0%5D,as:%5B595~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:516,fm:tlm36wn+11%7C1211%7C1212%7C13%7C14%7C15.1132697-64943729%7C151%7C1521%7C153%7C16*.1132697-64943729%7C161%7C1621,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:293%7D&br=c
Requested by: Host: cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
URL: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 08:04:01 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 hooks.min.js Show response
theinterview.top/wp-includes/js/dist/ 7 KB
2 KB 61ms
60ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-includes/js/dist/hooks.min.js?screx=1&sxcb=1a&ver=d0188aa6c336f8bb426fe5318b7f5b72
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 UTC
content-encoding: br
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
display: staticcontent_sol
x-origin-cache-control: public, max-age=31536000,public
x-ez-proxy-out: true 2.3
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;933d7c1651c6b8ddd2ad7a271492d6a1;2-205805-7;19262cf0-86c2-4182-49ad-e72d12412169
content-type: application/javascript; charset=UTF-8
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000,public
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H3 200 Cisco_Bridge_logo_navy.svg.js Show response
s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/ Frame C459 7 KB
2 KB 41ms
40ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/Cisco_Bridge_logo_navy.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c7b07d3bfa51ec472f13dc7c6a28d067818b60a7cc1487630e44555f11c532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 08:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2441
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:31:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 08:31:51 GMT

GET
H3 200 HYBRID-CLOUD-SOLUTIONS-TOFU_illo_2.svg.js Show response
s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/ Frame C459 6 KB
2 KB 42ms
42ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/HYBRID-CLOUD-SOLUTIONS-TOFU_illo_2.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8b213069fba78b53ed1607644056bd85bcc294b2fb83ed79614763690fa251c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 08:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2354
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:31:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 08:31:51 GMT

GET
H3 200 Intel_CloudReady_navy.svg.js Show response
s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/ Frame C459 16 KB
5 KB 43ms
43ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/Intel_CloudReady_navy.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39766936450d6b0bf336df78e7f5af5c44186d27bf4fcabe8c61d47e3d28ad94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7997547303175815991/GLBL-ENG_CC-01_1_728x90_BAN-A_HTML5_TOFU-no-Cloud-HCLaunch-solutionspage-OptA-Cloud_otrdnc029307_50/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 06:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180159
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4940
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:31:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 06:01:22 GMT

POST sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame E04A 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd2cee9520cf71fabdd3743f57756003bcdb47ef6461c2d06768210027aae9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27345
x-xss-protection: 0
server: sffe
etag: "1374 / 554 of 1000 / last-modified: 1666747876"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Oct 2022 08:04:01 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E04A 0
0

POST g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame E04A 0
0

GET 287146
search.spotxchange.com/vast/2.0/ Frame E04A 0
0

GET
H2 200 elements.ui.3c38cc5f251a46e1e9db.js Show response
cds.connatix.com/p/193450/ Frame E04A 56 KB
13 KB 28ms
28ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/193450/elements.ui.3c38cc5f251a46e1e9db.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bf9df56725eb15488085fffb0a24d4edee7e1a6fe321fa3734865c15f868cdc9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 06:54:02 GMT
age: 3982
etag: "67ee86efd44e93a1ecec0828f44de742"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13604

GET
H2 200 i18n.min.js Show response
theinterview.top/wp-includes/js/dist/ 10 KB
4 KB 78ms
78ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/wp-includes/js/dist/i18n.min.js?screx=1&sxcb=1a&ver=6ae7d829c963a7d8856558f3f9b32b43
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: LiteSpeed /
Resource Hash: 584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 UTC
content-encoding: br
response: 200
last-modified: Mon, 24 Oct 2022 21:48:46 GMT
server: LiteSpeed
display: staticcontent_sol
x-origin-cache-control: public, max-age=31536000,public
x-ez-proxy-out: true 2.3
vary: Accept-Encoding,User-Agent,Origin
x-ezoic-cdn: Hit ds;mm;dc72e57d895e83ef920d08e0b066b39e;2-205805-7;0a34fb69-d59d-4bc2-4fd7-1e5c80ac1fe1
content-type: application/javascript; charset=UTF-8
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000,public
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H3 200 CiscoLogo_dkblue.svg.js
s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/ Frame 17B0 7 KB
0 41ms
40ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/CiscoLogo_dkblue.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 07:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2329
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:51:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 07:15:48 GMT

GET
H3 200 computer2.svg.js
s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/ Frame 17B0 114 KB
0 42ms
41ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/computer2.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11228725504373706873/GLBL-ENG_CC-01_0_728x90_BAN-A_HTML5_TOFU-no-CloudNetworking-NexusCloud-Networking_otrdnc029639_105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 10:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164458
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:51:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 10:23:03 GMT

GET
DATA 200
OK truncated
/ Frame C459 11 KB
11 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d0ebd01b192ec24580cead2980021bf75da808a75efb7898bd7d23ada8d81e4

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 300 KB
85 KB 97ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=84083188af3f6dd9df8d05d4bb66e676

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3379ce6c4b46db67fff77511c1976ce08011e973ce3c7e479277bbf11f23ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://theinterview.top/
Origin: https://theinterview.top
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 08:04:01 GMT
content-md5: Bb3kVAr1ewuwYQp3+uCXHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86938
x-fb-rlafr: 0
x-fb-debug: lpPi6c24/3+NxDkurFk0DT+MNzdDUXjKCgTQ9wmoyuhSW9D98rUx2s52pSe+qP7ZjhiUeOHut0wkODaT25C3FQ==
x-fb-content-md5: 35588121010f1c49f7112635f3c72f50
cross-origin-opener-policy: same-origin-allow-popups
etag: "a5573d14814e534d0420a60cbe5b9e4b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Oct 2023 06:50:13 GMT

POST view
googleads4.g.doubleclick.net/pcs/ Frame 02E0 0
0

GET
H2 200 5.png
img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/ 5 KB
5 KB 107ms
28ms Image
image/png 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/dceed97a-951e-4c47-b565-c2794ffae817/5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
age: 2499871
etag: "fmlDRGfF0aX0wIPnGratuBUAst2K6uF4d1g/EIJbAwU"
access-control-max-age: 86400
content-type: image/png
fastly-io-info: ifsz=5795 idim=59x61 ifmt=png ofsz=5076 odim=59x61 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-length: 5081

POST view
googleads4.g.doubleclick.net/pcs/ Frame ACB2 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame ACB2 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 02E0 0
0

POST iev
csm.fr.eu.criteo.net/ Frame 488E 0
0

GET
H2 200 prebid7.17.0-3.js Show response
cds.connatix.com/p/plugins/ 500 KB
136 KB 29ms
28ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid7.17.0-3.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 266a8361ba239ddebd0d2a46cacad5200d9224ca1fd819a38ffc2c2e96ced681

Request headers

Referer: https://theinterview.top/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 26 Oct 2022 08:04:01 GMT
content-encoding: br
last-modified: Mon, 03 Oct 2022 13:29:06 GMT
age: 1967539
etag: "fb416f8b0dd4327f96a1627312a1e3bc"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 139245

GET
H2 204 army.gif Show response
theinterview.top/porpoiseant/ 0
61 B 71ms
71ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzU3ODU3OTg3ODI2MDU4NSIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtYm94LTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTQwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTc4NTc5ODc4MjYwNTg1IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExNDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTc4NTc5ODc4MjYwNTg1IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExNDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:02 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:02 GMT

POST
H2 204 army.gif
theinterview.top/porpoiseant/ 0
103 B 46ms
45ms Ping
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDQyNzA1MjgyMjk4NjQ3IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDQyNzA1MjgyMjk4NjQ3IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://theinterview.top
x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:01 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:01 GMT

POST
H2 204 army.gif
theinterview.top/porpoiseant/ 0
16 B 43ms
41ms Ping
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://theinterview.top/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ0MjcwNTI4MjI5ODY0NyIsImRvbWFpbl9pZCI6IjIwNTgwNSIsInVuaXQiOiJkaXYtZ3B0LWFkLXRoZWludGVydmlld190b3AtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NjY3NzE0MzQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiR0IiLCJwYWdldmlld19pZCI6IjcwZWJhZGMxLWQwNGItNDY4Zi02ZDUyLWJmNWQxMTUwMzNlZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzNTc4NTc5ODc4MjYwNTg1IiwiZG9tYWluX2lkIjoiMjA1ODA1IiwidW5pdCI6ImRpdi1ncHQtYWQtdGhlaW50ZXJ2aWV3X3RvcC1ib3gtMi0wIiwidF9lcG9jaCI6MTY2Njc3MTQzNCwiYWRfcG9zaXRpb24iOjExNDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJHQiIsInBhZ2V2aWV3X2lkIjoiNzBlYmFkYzEtZDA0Yi00NjhmLTZkNTItYmY1ZDExNTAzM2VkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjcwODk4ODQ0OTIyOTMxMTUiLCJkb21haW5faWQiOiIyMDU4MDUiLCJ1bml0IjoiZGl2LWdwdC1hZC10aGVpbnRlcnZpZXdfdG9wLW1lZHJlY3RhbmdsZS0xLTAiLCJ0X2Vwb2NoIjoxNjY2NzcxNDM0LCJhZF9wb3NpdGlvbiI6MTExNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkdCIiwicGFnZXZpZXdfaWQiOiI3MGViYWRjMS1kMDRiLTQ2OGYtNmQ1Mi1iZjVkMTE1MDMzZWQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: theinterview.top
URL: https://theinterview.top/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y1d-1y20-2y21-3y22-4y23-5y2f-4y57-2y5b-22y62-1&cmbcb=115&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x21x22x23x2fx57x5bx62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: https://theinterview.top
x-middleton-display: ezp_sol
date: Wed, 26 Oct 2022 08:04:02 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Tue, 25 Oct 2022 08:04:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 58ms
57ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theinterview.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://theinterview.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET 0
prebid.a-mo.net/cchain/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: id5-sync.com
URL: https://id5-sync.com/api/esp/increment?counter=no-config

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEyJhSqIExJf8e74ElEl3sU&google_cver=1&google_push=AZmPxg8XBNg57Um7_nap2GfjWY1fcC-7PiNPAl5R-rjQSODnefOOTNEFFMmbgx_rSaKfb0V-XzyPJymZ9jHHakwLgUb9XdNZgjw

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEHrXA1GbuAM-myPHs7pdqbg&google_cver=1&google_push=AZmPxg9McYeKCGnApblFOq2QacbX5tv1zrV6cnotXQys9FFG4bmyG4orWXkQDmJSFobBxZbgZ3dVPcG8Z3YKoBCfLT9AMnMvKMbHBg

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9&redir=true&gdpr=0&gdpr_consent=&dcc=t

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=214&mapped=E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=193450&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: capi-tier-1-us-east-2.connatix.com
URL: https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=193450&cid=5f049401-746e-4449-8c27-b6b9d8e25882

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/vast/2.0/287146?VPAID=js&content_page_url=theinterview.top%2F&cb=32f6738f-02ee-4563-9211-01e4bb0c7145&player_width=400&player_height=225&schain=1.0,1!connatix.com,985704552967867,1,,,,&us_privacy=%5Bus_privacy%5D&gdpr=1&gdpr_consent=0

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAUcpxSA5lFsZttJI0F8yLH2Tnh3vDoP2xTAupP4edibGhxggFLVf5rp0HHBUX3eMM2bYp-tykSmLvuRJRvsDknr2txqjOx4pHTSg3h42k3zu3CtYqdoa2pJ5_P-okHogBp2kxnZ09I2FutMojbDYJlFqjcogwjz5mV8DjNzXAGdGIwnv_brkWBjNj7D3a6oX7haHQwYjO9Ed-&sai=AMfl-YQeNUvgmNBYlE3d0Edgsp9yRmCQuY2EG7EWpNVze6Uzfe1iFOPu8he3DJCZjuE1q_lIW6xfLhRDonY38ucovynzvGVwxG5ZUCcyH6vgSLBnRQ170JlLt2cVN14Z2e0eFBZ44_A9V0gUblcM8MArSOM2c8TE&sig=Cg0ArKJSzF4fDjq_jE-DEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=522&vt=11&dtpt=269&dett=3&cstd=251&cisv=r20221020.41923&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-9mA-dGuot5uTVaZe3HUhGkOrB98HzrID7zK1OT427zFv6cqnGPCsp2DC3QvnJhlO5-BP8Z0i4bBDLZaNDEgWlbQa5GHX6-rtjDrAJ0zM1wmEohDgIK7s7aQl2dTY1cwJaPpKhxDBiG5iYqU0XEjP4hCmLDOQX57cGibu-Gw5nzkARa38oYben6ru_XlWg88i7t1XRpqSKAmj&sai=AMfl-YSSwOn30AoUWAB4vF2gPyYHN3jO7UT0sWWgeYN7Yn8hDnqw44756nUg4zwkE7C_6meVC4cR0vOuUskYUnRzXKRiUTPw1bWMpCICW8UoY4hc5NsTafdm-s2z2NWXdCy0UMYA10ociZYystcMRGlrLGQAGgAz&sig=Cg0ArKJSzFHjLzJh85YhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=625&vt=11&dtpt=342&dett=4&cstd=281&cisv=r20221020.34858&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvPb3_cGsAFNIJ4b6NEGjB97hv_U0VYQ3kJIGI6y3RnxMfsZHqml7SgdbbK-JvXzhHA8_NJsufIrVUiSmiBJ5eEbFiSH8GUSZa-uQIsjCEgG_c6BjFKLFhYmaMLAnKjUc2IA5NlA&sai=AMfl-YTsFBipnfgx68HzPqzCWnT1YpofdY_-8W12rxAKPInhcQK-_MHr8e-YWIj3Nz8qBgYLtsi5AFFUPVsszNErowH-SQzJL0H3zaRiYmgd0oLrwcSuQDFpAyBlNlxgrw&sig=Cg0ArKJSzJKSj-KJC6FiEAE&cid=CAASJORoz7ecl5rOlBZkWKL1-8b2eyLIBViqLal2ju3IhhJQNozdvg&id=lidartos&mcvt=533&p=337,436,427,1164&mtos=533,533,533,533,533&tos=533,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1206242009&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1666771440419&rpt=822&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbgGLLqh64cjRN6KgJ1NvNEriaL7jb01Ifcp5OwxiKx_tuQE_G9wgRDdpxKsgoRmw6kxL5FQ1mUqx8zgY9EVz-S7Y1oOdz7QpwIA41K4mLN-ncH8jlR7bAuKKEqQ5tiXuMWxyPxQ&sai=AMfl-YRC6xbox0Qb_OIwSw_-jktnImqzAKIkpFEo5v7oO_CgjcAAzsSbbBaUqWz4A6GSH-Ts2ai67Vf8JAovC0X76XDfymkRp588XXGZIviZ2FNbzzxo1H4Gq0ewOcQkJA&sig=Cg0ArKJSzNK3didPm5aNEAE&cid=CAASJORooBQSoGshp-BAgbY_SCn19g9bUo27cEJPuZ7-X6GkH8intQ&id=lidartos&mcvt=497&p=1110,436,1200,1164&mtos=497,497,497,497,497&tos=497,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1654379291&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1666771440435&rpt=838&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: csm.fr.eu.criteo.net
URL: https://csm.fr.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~193

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3126539588222323&correlator=2594894009866155&eid=31070110%2C31069564&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1254144%3A22490338074%2Ctheinterview_top-medrectangle-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C125x125%7C300x250%7C120x240%7C970x90%7C970x250%7C200x200%7C180x150%7C234x60%7C728x90%7C320x50%7C468x60%7C320x100&fluid=height&ifi=9&adks=439780683&sfv=1-0-38&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D7089884492293115%26eid%3D7089884492293115%26t%3D134%26d%3D205805%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod19-c%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D4%26al%3D1004%26compid%3D0%26tap%3Dtheinterview_top-medrectangle-1-7089884492293115%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10061%26bv%3D15%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D80%26br2%3D300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C2339%2C3430%2C3458%2C3460%2C3682%2C3683%2C3933%2C4185%2C4186%2C3676%2C2310%2C2764%2C2765%2C3054%2C3455%2C3456%2C3457%2C3684%2C4184%2C20%2C2310%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3455%2C3456%2C3457%2C3684%2C4184%2C835%2C17%2C19%2C20%2C2310%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3455%2C3456%2C3457%2C3684%2C4184%2C835%26lb%3D180%26reqt%3D1666771442136&eri=1&sc=1&cookie=ID%3D4157b19aeadbdaa4%3AT%3D1666771436%3AS%3DALNI_Mbw5gNDHtKH3ETDFZ8JreS-06hTvg&gpic=UID%3D00000b787bb22bdb%3AT%3D1666771436%3ART%3D1666771436%3AS%3DALNI_MaVxJFiY56BSu-spinfTgOXDEtdyw&abxe=1&dt=1666771442145&lmt=1666735762&dlt=1666771435815&idt=324&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftheinterview.top%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1926362817.1666771436&ga_sid=1666771436&ga_hid=1433797178&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-5HHmsEwSABSAghkEhkKCnB1YmNpZC5vcmcYwZbHmsEwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPuRx5rBMEgAUgIIZBLCAQoIcnRiaG91c2USrAFFeXZMcmlwbUxXcVNOeG5Tb0JiTVFWUTVBMTJlTkRFYjlkYW5IeDdLelN3QlJjZUY0QitNMDFLWWZodGU2aEhjazZCL3pWTWJFR01tdEpMd3NYUWFaeEY1SWwvZTRPN0NBRnNyL2NEdXVqWkZoS1JKcmZHSlM5cXBORTdndktkeGJvakZ6WVFUT2QrQ0VCUmdnZnhlNS9jdDNvVUR1bjdUcXVCZVBqTDVvbjg9GP6Ux5rBMEgAEj4KBW9wZW54EixleUpwSWpvaVFVSnZiMU0yY2xsVFUyMXVVVkpqZEN0VFUzWXlVVDA5SW4wPRj4lceawTBIABIZCgp1aWRhcGkuY29tGKCVx5rBMEgAUgIIbxIbCgxpZDUtc3luYy5jb20YmJTHmsEwSABSAghq

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D

Verdicts & Comments Add Verdict or Comment

362 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theinterview.top/	1970-01-20 06:59:33	Name: ezoadgid_205805 Value: -1
.theinterview.top/	1970-01-20 06:59:38	Name: ezoref_205805 Value:
.theinterview.top/	1970-01-20 15:45:07	Name: ezosuibasgeneris-1 Value: a3a30161-8b5f-4a85-6c49-b7c215fca2a5
.theinterview.top/	1970-01-20 06:59:38	Name: ezoab_205805 Value: mod19-c
.theinterview.top/	1970-01-20 06:59:33	Name: ezopvc_205805 Value: 1
.theinterview.top/	1970-01-20 07:00:57	Name: ezepvv Value: 535
.theinterview.top/	1970-01-20 06:59:33	Name: ezovid_205805 Value: 4736171
.theinterview.top/	1970-01-20 06:59:33	Name: lp_205805 Value: https://theinterview.top/
.theinterview.top/	1970-01-20 07:02:24	Name: ezovuuidtime_205805 Value: 1666771435
.theinterview.top/	1970-01-20 06:59:33	Name: ezovuuid_205805 Value: 6ee19eea-873e-4e9d-674b-5088451a45d2
theinterview.top/	1970-01-20 16:35:31	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
theinterview.top/	1970-01-20 16:35:31	Name: ezohw Value: w%3D1600%2Ch%3D1200
.theinterview.top/	1970-01-20 07:02:24	Name: active_template::205805 Value: pub_site.1666771435
.theinterview.top/	1970-01-20 16:35:31	Name: _ga Value: GA1.2.1926362817.1666771436
.theinterview.top/	1970-01-20 07:00:57	Name: _gid Value: GA1.2.988797340.1666771436
.theinterview.top/	1970-01-20 06:59:31	Name: _gat Value: 1
.quantserve.com/	1970-01-20 16:29:45	Name: mc Value: 6358e9ec-b3a20-56993-53095
.theinterview.top/	1970-01-20 16:24:00	Name: __qca Value: P0-1269558372-1666771436690
theinterview.top/	1970-01-20 15:45:07	Name: ezux_lpl_205805 Value: 1666771437103\|70ebadc1-d04b-468f-6d52-bf5d115033ed\|false
theinterview.top/	1970-01-20 16:29:45	Name: __atuvc Value: 1%7C43
theinterview.top/	1970-01-20 06:59:33	Name: __atuvs Value: 6358e9ec83d6bebc000
.addthis.com/	1970-01-20 16:29:45	Name: uvc Value: 1%7C43
.addthis.com/	1970-01-20 16:29:45	Name: loc Value: MDAwMDBFVUdCMDAyMzE0MTc4NzA0NTAwMDBDSA==
.theinterview.top/	1970-01-20 16:21:07	Name: __gpi Value: UID=00000b787bb22bdb:T=1666771436:RT=1666771436:S=ALNI_MaVxJFiY56BSu-spinfTgOXDEtdyw
.openx.net/	1970-01-20 15:45:07	Name: i Value: 001a284b-aad8-4929-a741-172df924afd9\|1666771438
.criteo.com/	1970-01-20 16:21:07	Name: uid Value: a8d30b8e-7a2b-4b55-a5cf-115243c18f9c
.theinterview.top/	1970-01-20 16:21:07	Name: cto_bundle Value: 5eodyF96ODluQ1ZrV2clMkYzS2VkcGI1UUphVTA1T21OUzVUSGtRcjMwVlJ0ejQwdFNJJTJCZFpncGxBZFFoT3VjRWRFTFhLbWpkZXlDT2E3WHZCRFJHMk9KNyUyQkVKa0JPSkRaMm9LQ09PREdLQU9qMU9WSFVoR2UzYVAwYU00bDhIayUyQm1WJTJGWlQzUjFjVHRXJTJCU2t5bzlDOU9zUjBzV28lMkI0JTJCak1PU1RHMzVtJTJCeU0lMkZLJTJCQ0JjJTNE
.doubleclick.net/	1970-01-20 06:59:35	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 16:21:07	Name: IDE Value: AHWqTUnBbXa7oQk_EVjSgVgS7eUIbk7MaA6h-XmNo0nSkQh_8h69z9IfJu2d0yNw
.theinterview.top/	1970-01-20 16:21:07	Name: __gads Value: ID=4157b19aeadbdaa4:T=1666771436:S=ALNI_Mbw5gNDHtKH3ETDFZ8JreS-06hTvg
theinterview.top/	1969-12-31 23:59:59	Name: ezouspvh Value: 350
theinterview.top/	1969-12-31 23:59:59	Name: ezouspvv Value: 1000
theinterview.top/	1969-12-31 23:59:59	Name: ezouspva Value: 3
.adnxs.com/	1970-01-20 09:09:07	Name: uuid2 Value: 4976083974368326627
.adnxs.com/	1970-01-20 09:09:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il]vA4VP!]tbPl1M>e)ZlrFUfJ+tGXxoPFU<)EI2FJ<[Q?fsG44]@K`S`lNa`(fS*^cm3If)y3KL9D3I?+O8<QbN
.casalemedia.com/	1970-01-20 09:09:07	Name: CMPS Value: 1201
.casalemedia.com/	1970-01-20 09:09:07	Name: CMPRO Value: 1201
.casalemedia.com/	1970-01-20 15:45:07	Name: CMID Value: Y1jp8C-4cPFSGnwwl3DmoQAA
theinterview.top/	1970-01-20 07:42:43	Name: _pbjs_userid_consent_data Value: 3524755945110770
.theinterview.top/	1970-01-20 15:45:07	Name: _sharedid Value: d158ee0f-18af-444b-8e1a-41bd8dc640c0
.casalemedia.com/	1970-01-20 09:09:07	Name: CMTS Value: 5243
.ctnsnet.com/	1970-01-20 15:45:07	Name: cid_13060f5205d94843b2c798d212357196 Value: 1
.ctnsnet.com/	1970-01-20 15:45:07	Name: gid_CAESEEJURvNhmqd4EJkc2LtNrzQ Value: 1
.adsby.bidtheatre.com/	1970-01-20 07:09:36	Name: __kuid Value: b89feefc-1124-4ae8-92b2-bd53424c4872.435985441
.pubmatic.com/	1970-01-20 09:09:07	Name: KADUSERCOOKIE Value: E8D1ECE0-EED5-443F-A1A2-FDC014BAA1E9
.pubmatic.com/	1970-01-20 09:09:07	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:09:07	Name: DPSync3 Value: 1667952000%3A197_219_201%7C1666828800%3A174
.pubmatic.com/	1970-01-20 09:09:07	Name: SyncRTB3 Value: 1667952000%3A56_54_220_161_7_251_21_13_3%7C1668038400%3A35
.uuidksinc.net/	1970-01-20 15:45:07	Name: jcsuuid Value: L8P49gEpBj8pWPXEZx6C
.media.net/	1970-01-20 15:45:07	Name: visitor-id Value: 3097730415011793000V10
.media.net/	1970-01-20 07:19:41	Name: data-g Value: CAESELYVfG0WtP0WEPp-HwuuOiQ~~3
.adform.net/	1970-01-20 07:44:09	Name: C Value: 1
.yahoo.com/	1970-01-20 15:45:29	Name: A3 Value: d=AQABBPHpWGMCEHuLFkw8g-5z_6kJZznYuvAFEgEBAQE7WmNiYwAAAAAA_eMAAA&S=AQAAAjMBhT4mazTwRBY6usF1t-4
.everesttech.net/	1970-01-20 15:45:07	Name: everest_g_v2 Value: g_surferid~Y1jp8QAAATXmWgAO
pb-server.ezoic.com/	1970-01-20 09:09:07	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJwdWJtYXRpYyI6eyJ1aWQiOiJFOEQxRUNFMC1FRUQ1LTQ0M0YtQTFBMi1GREMwMTRCQUExRTkiLCJleHBpcmVzIjoiMjAyMi0xMS0wOVQwODowNDowMS40OTM2NjQ2NTlaIn19LCJiZGF5IjoiMjAyMi0xMC0yNlQwODowNDowMS40OTM2NTgyMTNaIn0=
.w55c.net/	1970-01-20 16:29:45	Name: wfivefivec Value: 1sJsmek91ONBol5
.adform.net/	1970-01-20 08:25:55	Name: uid Value: 6866250229661616286
.contextweb.com/	1970-01-20 15:37:55	Name: V Value: 6WSO0sVLRIWn
.w55c.net/	1970-01-20 07:42:43	Name: matchgoogle Value: 5
.simpli.fi/	1970-01-20 15:46:33	Name: suid Value: 7A05665C6DBC4E04A33BB08496A09245
.pubmatic.com/	1970-01-20 07:42:43	Name: KRTBCOOKIE_57 Value: 22776-4976083974368326627&KRTB&23339-4976083974368326627
.pubmatic.com/	1970-01-20 07:42:43	Name: PugT Value: 1666771440
.pubmatic.com/	1970-01-20 07:42:43	Name: KRTBCOOKIE_80 Value: 22987-CAESEETBj4OB6vioYeCfGewUww8&KRTB&16514-CAESEETBj4OB6vioYeCfGewUww8&KRTB&23025-CAESEETBj4OB6vioYeCfGewUww8&KRTB&23386-CAESEETBj4OB6vioYeCfGewUww8
.de17a.com/	1970-01-20 15:37:55	Name: guid Value: 1.7753244243191347369
fksnk.com/	1970-01-20 07:09:36	Name: AWSALBCORS Value: UkZCucIp5/R9o8UlxuvPp+QUi1Mi0RRXxD7HEFh72JNprG8NO4WQIS7NcgCSYK0X4zxgkUlMB+IDePtv/l76ETr30oBK2Zps8ShEKolm4BXpbK5EMcGcJ4wdJ5l1
.fksnk.com/	1970-01-20 09:09:07	Name: f_001 Value: D8B3C18709452C38
.fksnk.com/	1970-01-20 07:00:57	Name: g_001 Value: 1
.amazon-adsystem.com/	1970-01-20 12:56:38	Name: ad-id Value: A2SJ_9vJoEPnqPN5vKeYKho\|t
.pubmatic.com/	1970-01-20 07:42:43	Name: KRTBCOOKIE_391 Value: 22924-6866250229661616286&KRTB&23263-6866250229661616286
sync.srv.stackadapt.com/	1970-01-20 15:45:07	Name: sa-user-id Value: s%3A0-22e0747d-f1c0-406d-4deb-90f09de6e851.LWPtksIHaf7CRxkWO9tANudZx9O4eSbnAA4M686NsGE
.srv.stackadapt.com/	1970-01-20 15:45:07	Name: sa-user-id-v2 Value: s%3AIuB0ffHAQG1N65DwneboUdmKxGU.xYc%2FjszMUjc06S21EOa53r22oT%2FXWdQuV8NLfYqVM%2Fo
.onaudience.com/	1970-01-20 15:45:07	Name: cookie Value: f0afd2952d3d6e16
.onaudience.com/	1970-01-20 07:00:57	Name: done_redirects161 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id5-sync.com/api/esp/increment?counter=no-config Message: Failed to load resource: net::ERR_CONNECTION_RESET
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid7.17.0-3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
b1sync.zemanta.com
basher.ezodn.com
bcp.crwdcntrl.net
bid.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
btlr.sharethrough.com
c.eu1.dyntrk.com
c1.adform.net
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cbac0eab2d87096b99fe548e4000f1c8.safeframe.googlesyndication.com
cd.connatix.com
cdn.id5-sync.com
cds.connatix.com
cm.g.doubleclick.net
connect.facebook.net
cs.media.net
csm.fr.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
go.ezodn.com
go.ezoic.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
invstatic101.creativecdn.com
m.addthis.com
match.adsby.bidtheatre.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
prod.uidapi.com
rules.quantcount.com
s.uuidksinc.net
s0.2mdn.net
s7.addthis.com
search.spotxchange.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
theinterview.top
tpc.googlesyndication.com
um.simpli.fi
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
aax-eu.amazon-adsystem.com
b1sync.zemanta.com
capi-tier-1-us-east-2.connatix.com
csm.fr.eu.criteo.net
googleads4.g.doubleclick.net
id5-sync.com
imasdk.googleapis.com
pagead2.googlesyndication.com
pixel.onaudience.com
prebid.a-mo.net
s7.addthis.com
search.spotxchange.com
securepubads.g.doubleclick.net
sync.mathtag.com
sync.srv.stackadapt.com
104.22.69.131
13.225.78.47
142.250.186.34
151.101.130.137
151.101.194.49
162.19.80.92
178.250.2.146
178.62.202.251
18.158.98.109
18.193.141.251
185.255.84.151
185.64.189.110
185.64.189.115
185.80.39.216
185.89.210.153
198.148.27.134
213.155.156.185
216.58.212.162
23.35.228.23
2600:1f18:1aca:4282:edbd:b8d6:baff:c9b7
2600:9000:2078:3800:6:44e3:f8c0:93a1
2600:9000:20eb:3a00:2:cb38:840:93a1
2600:9000:2104:6600:8:48e:53c0:93a1
2606:4700:10::6816:3456
2606:4700:e0::ac40:661c
2606:4700:e0::ac40:671c
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:2638:1::18
2a02:2638:1::1a
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2010
2a03:2880:f02d:12:face:b00c:0:3
2a05:d018:d29:3602:e223:977f:5d30:1217
3.123.150.182
3.131.70.143
3.67.250.232
31.220.27.134
34.102.146.192
34.120.135.53
34.208.243.53
34.96.70.87
35.157.246.167
35.186.193.173
35.190.39.111
35.204.74.118
35.244.159.8
35.71.131.137
37.157.6.245
51.89.9.253
52.203.140.205
52.49.202.27
54.220.95.67
72.246.168.124
74.125.206.156
88.221.168.201
88.221.169.143
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
059294eaad3d4e8866ab69330ca247d83494bfb7aeb05caefbee696979bab75f
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f5f3047a630f7206f6b3faf8f72c6134985955b0478320ecaec44d10e98488c
10b6b6c74ee84617939b95a03d0effe04fd5b46480eb17b57751936d09d59871
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
133157c66e35c2404dc6b8219ee27e6d86e3f13f14635cb85967e28b4ff7ab7b
14670ce312747383c022d113b24b5fbea43ce3b45b4a0021340f6c9a127ce9b2
159d288073a6f8705a8eb288dc6ddbfd192afd31da95800c5fc8f78a41e06773
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
2405c4349aef0da237dc6ddfe63a6bfe2440dc4461c20850ccc19fcc1d359aec
266a8361ba239ddebd0d2a46cacad5200d9224ca1fd819a38ffc2c2e96ced681
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
29c7b07d3bfa51ec472f13dc7c6a28d067818b60a7cc1487630e44555f11c532
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2dbc1e82d9a5c698995e2f9e5dfa5672aa3a389075a127fe55eebad60787c0b2
2e3beaa175655a6b53a42a1a70b215410c6ff6b7303822aac7916353a4cf2a96
31a5bb99321ac1408aed97cf87818909f2ff29354d314979198cab7606419f1d
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
389e1f893b77970f3ea973d6270f4c658d6501bcd5f0efab1b0f59720ee2ac73
39766936450d6b0bf336df78e7f5af5c44186d27bf4fcabe8c61d47e3d28ad94
3a8925df57357c2a71893114e307cd622fe64be676362017ec47f821cf7b2b78
3d9a59575703d044522c52228d042dccd4a5f90a73e6923a7ef4c9b42df44c36
3fd2cee9520cf71fabdd3743f57756003bcdb47ef6461c2d06768210027aae9d
4436635e94108fa053f9ddc3fda722679db9ca393391ec488ae4373cabe1e72f
44a89e43aca476a63f197c996556196377c8945cb8f0f5759c19a4c0371b30c3
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
4a92f3bc62ab3c45967f99faba9869e6ce87186367b3ecc3a3ce1f93b61dc84d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ec59b67acebc605719c0cf9ad405720854a5e8bdfc65f8164786ee14df852f4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c8d681ebefb8fa94b60691e89d4e31c3d283310c13457028898a70f1998cc0
530ada81665d4f8f68e14afba4d6ae64128d80240dda6ddc8919b31d65a69702
538ec062f09fcbfdac97cbf4972796367ee75cb5dc07a974956b46fe5537e122
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55c05dfa890ddde7d2ed894efde5f09510a9932aaa3dbff46a2c93e9cc658fb0
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1
588b559f74a6e1f3fd40683bf5bc2cc791f5acfdf91f712dc5adc875c5ddc79e
58a42f3d77d2c6742ee2c9ce970ab67297c671eb5026f9f1e8cdc43381e843f0
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672e7776e5266bf7601201a8f1c946757d5aee5917650201cc4fe89dd9b05e03
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d0ebd01b192ec24580cead2980021bf75da808a75efb7898bd7d23ada8d81e4
6d622dd9aa7439a2b0bdc437d5a36ed51efd2bdb2c683bd8293fa11cbbcda559
71efdcd9089b186abcfbe7bbad03576f3b42381c4d19d9947bc6fbe176df7098
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
824ca75564f14c6fd0537d19509e1ee69ca2e80024d2355fbcf0950c709f95d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8704650cfb8bf873b0e1972bc6a3e34546d08be5bb5419968ebba009a86e8c15
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b7d67d06bac26572d57ed774c41cb2b261812c74d791f1385e4220f5f1bbac3
8c46f125663227f070b1ec0f3e9095cdb7d5bd04b765e450255c3bd1c05adb39
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcc2a3e81e040bdf585898fd362ce33edae40cb172331100290562a1d1c5cd7
9373dfb95ea536a09faa24b4ed2751b1e416eca0a3c7a86ca1f06b916e66a501
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9662766ef45fe26a2de5437d7eabfcd797e625bbe023b0aa4c327c7f4c7052b7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99e15f03ee4c38a6e86057f9117593a826814b01a627c69323af00fda5b3cfc9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8aebe236b6bb032f10ed20af07ef52bebcfa8c129b3453020e0bb807f347a7
9c8df5d029f6c7bec0db3c33e6d752b958a50d1c4cb92f0ef2a8c20329240a5e
9d21ce859ca8be253a0b73ee6a36f05795583222d47002b3b8b6316f763ac183
9fcac1f94c498b6d9c21d43efb5fa71f703c6fa6f9e1b9c5e8e883db14f6b0df
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3379ce6c4b46db67fff77511c1976ce08011e973ce3c7e479277bbf11f23ff7
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a525824d7672e22ce39795da065ac4ef98058bebc829124c84b7bb67e4243029
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8b213069fba78b53ed1607644056bd85bcc294b2fb83ed79614763690fa251c
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ab8a1374207a8a89dbc6f011100b31c49ea166bfa1f5a8a5e1ad961ce85971dc
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31152f20482b0fe704bf31430fec9cbb90d15acdf2891384f44a379e049f6f5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b58e017757b5e4bdbf3846f7babc814bafb92ae822421455ee01fbe43414543b
b5d033dcd8cdbe1e9b27d11942299523b2e5f4f082226b46bfec97e332fba60d
b7cf70f0bf5147acae2ef467a5a8446dd6a9a4aa5e90736c63ac8408cd0fc9bf
ba1149c0daa9d1c0441a535fbfb73d50630db5b75687291836a52e5bf18314f6
bdaf5b33d205ea8fe2f435ac615c3364e56818cc6e544bc1d4d7c760ec09ec67
bf9df56725eb15488085fffb0a24d4edee7e1a6fe321fa3734865c15f868cdc9
c214669197e42b3ff91df62e238c536ee56bd9669983770e1ea97345de1bbf97
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4efca2c134a5f6ba732720b241f61563dc10b8201246074b3862d89191665bd
c66a8580fafe921a35a79706ab3d48b5a29ea4ae5a435af0c7337726529c987d
c769572077ca861e51689e9c59d2dc1ce148a1ee07f12f88b753e9402218d0e0
c7fea7b0113ae6fdb085de4fda6c1c5d2920fc700be5fb52142a4d17b09c01f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
da5e8214006d8af2b48e443ab56b4a079cf08a3adc54d680e871602ef54306b3
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e38cec42de067f98f682ad5fa5364b9c951ac92d7ac5dda97ca833144d57f1af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e9710b1f879a5dd922b5ae8e11e578449dcd97f00e7ae18b4746f1ae8329716e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197
f09e6a14209bad208f376135759a7ede7553052c97ca91ee106424f4ae1e89ef
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
fa00ee14f7b15d9fb52a1b1c740a439f9902a2ba0c2d0be4a79233a00c86eeb7
fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffcf6bd5c8af885047a46946fc7e9b1793a5a85e815173c66479ce3029245543

theinterview.top Open in urlscan Pro 18.158.98.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

264 Requests

82 %HTTPS

40 %IPv6

60 Domains

89 Subdomains

60 IPs

11 Countries

2308 kBTransfer

6936 kBSize

73 Cookies

0 Outgoing links

Page URL History

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theinterview.top Open in urlscan Pro
18.158.98.109 Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

82 %
HTTPS

40 %
IPv6

60
Domains

89
Subdomains

60
IPs

11
Countries

2308 kB
Transfer

6936 kB
Size

73
Cookies

264 HTTP transactions
4 data transactions