poorlydrawnlines.com Open in urlscan Pro
166.62.109.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://poorlydrawnlines.com/
Effective URL:
https://poorlydrawnlines.com/
Submission: On August 27 via manual (August 27th 2023, 7:16:19 pm UTC) from US — Scanned from DE

Summary HTTP 159 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 30 domains to perform 159 HTTP transactions. The main IP is 166.62.109.7, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is poorlydrawnlines.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 7th 2022. Valid for: a year.

This is the only time poorlydrawnlines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	166.62.109.7 166.62.109.7	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:cdb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 33	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.12.14 104.18.12.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
5	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1 2	91.216.195.18 91.216.195.18	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:9::210:ee05	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2 2	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 2	63.34.77.44 63.34.77.44	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.252.154.12 34.252.154.12	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
2	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
1	2600:9000:248... 2600:9000:248d:b600:19:8ca6:3640:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	52.210.25.250 52.210.25.250	16509 (AMAZON-02) (AMAZON-02)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	108.138.36.50 108.138.36.50	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26d... 2600:9000:26da:6c00:d:6d12:1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
18	2600:9000:26d... 2600:9000:26db:f200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.86.114.98 99.86.114.98	16509 (AMAZON-02) (AMAZON-02)
6	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
4	52.222.169.8 52.222.169.8	16509 (AMAZON-02) (AMAZON-02)
2	18.173.159.32 18.173.159.32	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
159	40

20 166.62.109.7 (United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 7.109.62.166.host.secureserver.net

poorlydrawnlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:cdb (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700::6812:19ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.14 (None, )

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

poorlydrawnlines.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.216.195.18 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-01-vip.weborama.fr

pgacatalunya1.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9::210:ee05 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.39.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.77.44 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-77-44.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.154.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:248d:b600:19:8ca6:3640:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pathtosuccess.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.25.250 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-25-250.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-50.muc50.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:6c00:d:6d12:1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:26db:f200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.114.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-114-98.lhr61.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.169.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-8.cdg52.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.159.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-159-32.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	tribalfusion.com 3 redirects s.tribalfusion.com — Cisco Umbrella Rank: 1944 a4.tribalfusion.com — Cisco Umbrella Rank: 27549 cdnx.tribalfusion.com — Cisco Umbrella Rank: 13955 a.tribalfusion.com — Cisco Umbrella Rank: 817	112 KB
21	disquscdn.com s.disquscdn.com — Cisco Umbrella Rank: 44593 c.disquscdn.com — Cisco Umbrella Rank: 5469 a.disquscdn.com — Cisco Umbrella Rank: 14656	1 MB
20	poorlydrawnlines.com 1 redirects poorlydrawnlines.com	999 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	81 KB
12	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210	375 KB
10	disqus.com poorlydrawnlines.disqus.com disqus.com — Cisco Umbrella Rank: 1167 tempest.services.disqus.com — Cisco Umbrella Rank: 16874 referrer.disqus.com — Cisco Umbrella Rank: 7797	78 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 344 aax.amazon-adsystem.com — Cisco Umbrella Rank: 430	129 KB
8	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3357 launchpad.privacymanager.io — Cisco Umbrella Rank: 3187 geo.privacymanager.io — Cisco Umbrella Rank: 2018	37 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	136 KB
5	gstatic.com fonts.gstatic.com	81 KB
5	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 769 simage2.pubmatic.com — Cisco Umbrella Rank: 797 ads.pubmatic.com — Cisco Umbrella Rank: 547	154 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	110 KB
3	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 511 rtb0.doubleverify.com — Cisco Umbrella Rank: 793 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 17885	106 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 766	140 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	1 KB
2	weborama.fr 1 redirects pgacatalunya1.solution.weborama.fr	1 KB
2	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 12971	17 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 483	17 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366 fonts.googleapis.com — Cisco Umbrella Rank: 45	84 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1601	63 KB
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 532	477 B
1	pathtosuccess.global cdn.pathtosuccess.global — Cisco Umbrella Rank: 17725	27 KB
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	125 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 648	338 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 646	471 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 481	304 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 364	239 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2369	122 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
159	30

	Domain	Requested by
20	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com poorlydrawnlines.com
20	poorlydrawnlines.com	1 redirects poorlydrawnlines.com
18	c.disquscdn.com	disqus.com c.disquscdn.com poorlydrawnlines.disqus.com poorlydrawnlines.com
9	a.tribalfusion.com	3 redirects s.tribalfusion.com
8	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net poorlydrawnlines.com
6	c.amazon-adsystem.com	poorlydrawnlines.com c.amazon-adsystem.com
6	securepubads.g.doubleclick.net	poorlydrawnlines.disqus.com securepubads.g.doubleclick.net
6	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net poorlydrawnlines.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	s.tribalfusion.com www.googletagservices.com s0.2mdn.net
4	geo.privacymanager.io	launchpad.privacymanager.io
4	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
4	cdnx.tribalfusion.com	poorlydrawnlines.com
3	referrer.disqus.com	poorlydrawnlines.com
3	disqus.com	poorlydrawnlines.disqus.com c.disquscdn.com
3	googleads4.g.doubleclick.net	ad.doubleclick.net
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
2	id.rlcdn.com	poorlydrawnlines.disqus.com
2	s.disquscdn.com	poorlydrawnlines.disqus.com
2	launchpad-wrapper.privacymanager.io	poorlydrawnlines.disqus.com
2	ads.pubmatic.com	poorlydrawnlines.disqus.com
2	tempest.services.disqus.com	poorlydrawnlines.disqus.com
2	image6.pubmatic.com	2 redirects
2	dpm.demdex.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	pgacatalunya1.solution.weborama.fr	1 redirects poorlydrawnlines.com
2	poorlydrawnlines.disqus.com	poorlydrawnlines.com
2	ad.doubleclick.net	www.googletagservices.com
2	tags.expo9.exponential.com	poorlydrawnlines.com
2	ssl.google-analytics.com	poorlydrawnlines.com
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	a.disquscdn.com	poorlydrawnlines.com
1	fonts.googleapis.com	client
1	code.createjs.com	s0.2mdn.net
1	aa.agkn.com	1 redirects
1	cdn.pathtosuccess.global	text
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	ups.analytics.yahoo.com	s.tribalfusion.com
1	cm.g.doubleclick.net	1 redirects
1	simage2.pubmatic.com	1 redirects
1	beacon.krxd.net	s.tribalfusion.com
1	tags.bluekai.com	1 redirects
1	us-u.openx.net	s.tribalfusion.com
1	pixel.rubiconproject.com	s.tribalfusion.com
1	public-prod-dspcookiematching.dmxleo.com	s.tribalfusion.com
1	cdn.doubleverify.com	ad.doubleclick.net
1	a4.tribalfusion.com	poorlydrawnlines.com
1	ajax.googleapis.com	poorlydrawnlines.com
0	sync.search.spotxchange.com Failed	s.tribalfusion.com
159	50

This site contains links to these domains. Also see Links.

Domain
poorlydrawnstore.com
www.facebook.com
twitter.com
feeds.feedburner.com
www.penguinrandomhouse.com
reddit.com
www.stumbleupon.com
digg.com
creativecommons.org
www.dannywalcoff.com

Subject Issuer	Validity	Valid
poorlydrawnlines.com Go Daddy Secure Certificate Authority - G2	`2022-11-07` - `2023-12-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-08` - `2024-09-08`	a year	crt.sh
cdn.pathtosuccess.global Amazon RSA 2048 M02	`2023-04-20` - `2024-05-18`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.disquscdn.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://poorlydrawnlines.com/
Frame ID: E7AC2871F9F27B4FFD110F841B45597A
Requests: 42 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Frame ID: BB6B910E6246EAD711CD5D1A22890B5D
Requests: 5 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B30340838.373555316;dc_ver=96.284;sz=320x50;u_sd=1;dc_adk=3926633700;ord=iu9ht7;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa4m5LZdprMZa0GnUXcv51VjupT7T2FrSWFFAUAv0RqMXQVZbrPH7w0W7uV6MM3sQ20b3DUm2n4AU6R6ZbG2dUr0WBJmW6N4PYR5cjeUVJ8UcbfR6FuWdvQUFF02r6uWqrmWTvbSaBJQc3IPbIvRWrlWGbU2repmWqq0qmx3tvBPcJZa4mUIpdINUH3f0bvdYbYj0TqtPbUZbUFUSVdQYnbJuPUBNYTYy4T7c4ajXmTBFXbFgTH7Tn63LmG7qpdUA5qnj2HZaq56ZbGprbE0GfRvDuZbNRiNSF27nDPDTbjhWm7Tt724m9iqttTKN8T5wbEV1PT7tqeyv7Jbs7eWvQYC2tPhrm63nHZaJxmleWZd%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=0,https%3A%2F%2Fpoorlydrawnlines.com%2F$0;xdt=0;crlt=jWC.t1K2WC;stc=1;chaa=1;sttr=38;prcl=s
Frame ID: EF21F1DFD7FFC229D5FEC51E5981E052
Requests: 8 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a5m1h3VWJ90bnd1FJl0qAqPbFHTrMYWHnWmbfuPF7r1EUp4qff4q74naFFYFF7WHf0oPnLnG7pmW7D3T373WZan4AFZanFnE0VU0XVF11VvxpTFV3bvSVbZbZcWm75REMXSVUMQdYt1tbuVPbv2sv4YFvZaVmyn56M6RmFJ4HZbrXWYAnt2v36rY3Gn8Vsn6VGMeR6FNTHZbUWFbX2UesWq7rVav8PqYJQVfZdQFiwStQ9VcMV5b6xodqO0qqV2WbZds9ZaDOreZcTdYDmCXZawmAKu6PHMDQrqmukqa2hnoetV6fPuQy1MHYHALF61c&mediaDataID=8039566&mediaName=frame.html
Frame ID: A1F2923ADE08AF1B3723B04AE69B8973
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a6m0xQ3sr8VcQcUsbhRPUxWdnPTrJ02bauWaUwVE3aSTQKRsjZdPburStY7WcrW2FqvotirXqew4tjFQVbZa4PrIpdasTdBh0rUkXbYk1qqtPbrGUFU2WtrWmFQmRUjt1q3y5EYc4aMRmaMCYrj8TWJWoAvKmsQomWQK5TZbh5teN5PvZbprQEYcQRYVZb41cvxnavR2rZbTTrfGVmU0PEf3QVMmPWZbvYtBrWPnm3Gn0YbUKUPiw2PZbeR67l2dZbOMouZdP8Mxv6AhuSPEsWTUm92CqFMYM9Zauns7hmITFZb2&mediaDataID=6530936&mediaName=frame.html
Frame ID: 6FBC88A941A0607CE856AF83A5578431
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mXLt0bnc1UBf0EAOSFBEWUQXWHM1oFfxPFZbMYTQt3TFh5E35mEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N56FJmrYZcXsU01svV1svymEvT5UQTVbbEW63TPqb0ScUqSHZbr1drwV6vp2GB5XUrIU6Xr2P39QPZbC4HryXHBKpdEo5mBR3sYgTGvdWcZbgSmFuUWFQTUrX5UEmVEYtVTF9QanIRsJZcRrAqStrlVcUP5ruonHqO0qep4dvgQsrZavUmIS8vroWPROQPAtPABVWeGuNnxpF&mediaDataID=2713736&mediaName=frame.html
Frame ID: 70B7A966F5DE71161F3827C6062F0DF6
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a9m1xYVcQbUcbgSm3MWtQTWrrY2UimVqUvVEniQEUZcQVBZbQUEqRW76Vc3R4rmood6M0amv2dbGSVMG46YHoHapUWj7XUQk1Fb91TqmSrJHWUM2TH34oFjxPbrr1E3r3aZba4qjPmT7IYFU9UHFSnP3ZcpGnnptYB5Tr85dmq3A7GnbbZd0G301s3YXsrumqvT3bFPWbvGUmv2QqQ5QcBnQHbu0W7qT63N3GUVYbMZaUAqp5mZbeR6MK4WQ00dBAVCbMNb6PvsioqSe8SQE7sUIXoCqpQCiqw630obm7qBiH3d3NVE1fQX&mediaDataID=9148826&mediaName=frame.html
Frame ID: 2D2D3813D61BBF39A7377D2789BD9739
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aam0xQ1c34XG7wpEjR5FJUTFFDUPvYQE3QQsrNQdBNYtftWAYN2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5AMV4sQ6TVvjUsB8S6FOTtFWWrB13rarUaQvVaJaSTYZaQcJCPbqxRHMiWcbU4FXmntAm0quu3WUHSVZbZd26JZbmdAyTHQ60b3kXr7i1EZaOSFJHUbB5WWB5oFJpQbBmYEJm5abf5Ev4oTFFXFBgTtZbWnmnImc7wmHfJ5EQE3HmNubAJPmEZbNGekvSypmtaJVQXNxAMtNBuhpDMlxJaM1p&mediaDataID=6546596&mediaName=frame.html
Frame ID: EB34117C6757AC62C3E4273C104A0B57
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=abm01S1UBhXairRbnATFZb0Ttn0mbBoQFZbNYTMO5EBl2an3nqBFYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnUYLYGUPYVJVXVFnmavS2FFVTF7CW6U4PTYQQVZbsStZbyYH7uVmfn2s3UXbZbJTmTn5AvdR6jB3dMtXHvDpt2u36YY5cj7VcMjVsBgSmvxTHFWUFM22FTmUErnWaM7QTZbJSc7ZdQU6rPHY7Vcn25rPqnWisYTep4dbZdSGff4AJHUC7prRm8NbetuAZaBN7UXVRXfoPAnpcTZdR6qS2cfFT52V0L&mediaDataID=5436426&mediaName=frame.html
Frame ID: 113747371468548FB9C3C680CCD9957A
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acm0pPUcbgPP3MUWJVTbZbY5baqVE7oWEnlQEvGSGFJRresSd37WGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTtjaYbUaYbQ9XqIMSUJATFBYTtY1nrjoPUJNYaJm3abc2T74mTjGXrbfUWf1mPfLpsfootfC5EUf2dim46FGnrvLYGvXXsJTXG7nnEvT5UY2WbnAVPQWPEY2ScUsStbuYdfxVmry3Vv30bMIUmXt4AMeQmJF2tBm1WMZdntIO36BY3sjgTWjcUcyHtEuNo9PMWoaOw6JV1HnCPelist&mediaDataID=5578346&mediaName=frame.html
Frame ID: 2C3F2F83707369CF52597FD663736A20
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=admX9qXG7vpT7T3rnWWFJHUAUVQqj0QsrMQdjs1djpT6ry3VMXXFZbZdUATt4637R6fI4HUr0WBJptTu5mQY5VQbUcrdWs78PAvoTWFPTbM05b6pVqMqWarlQaBZcQVJLRF6vRWjkWVv54r6nmdZaqYa2y4drEPsFE26nEmtXsVWJhXrfb1Uj91EusSbrATrBYVHJ1nUYpRbjsXqno5TYe4TQ5nqbE1rjaTtf1nmYZcmsvppdfJ5EZb75ti15mvGVP2LvDISOcEcw8AoMdbbPhjltP&mediaDataID=6807466&mediaName=frame.html
Frame ID: 54588EF650356D92376FBAD6C382EFD7
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aem09TXairPbQHUFr0WWr4orbuQr7nXqMy5Ejd4qrYoTjHXUfaUWMTnmQZansnomHML5TUh3tmt3PnZanbrEXcUUXcv20V7npEF42bFQWUnEUA35QT35QGnMQHUNYt7nTPMp2cZbWXUQDTAim4Pr9QmJF4W3q1dnIptan3mBS3srgTsJcUcJ8SmruWtrRTUM03U2qVTbnTaQdParLSV3ZcPFIqSdv6UV3R5rqunWEmYEmw3HbZdSGrZa2mU8oWXypoeav6IdOUXuxn71snqlnT2hnoetV6fPuQy1MHYH4RXrna&mediaDataID=6719746&mediaName=frame.html
Frame ID: BBD05EDFDEF7531B1D3308427DDA79B5
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Frame ID: 23AE1CF04A46ED12476E138BA255B8BA
Requests: 8 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mYSw0bnc1UBe0aiNPUMEWUM1VWvUnrfxPFbMYTnt3TBd5EvQmEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N56FJmrYLYV701svV1svymEvT5UUUWUvEV63TPqb0ScUqSHZbr1drwV6vp2GB5XUrIU6Xr2P39QPZbC4HryXHBKpdEo5mBR3sYgUVU9VGj6SmFuUWFQTUrX5UEmVEYtVTF9QanIRsJZcRrAqStrlVcUP5ruonHqO0qep4dvgQsrZavUmIS8vroWPWO6ICN67IsnJk4VUsuO3IWr&mediaDataID=4056396&mediaName=frame.html
Frame ID: A94CAA1702494C7BE8777CCE1FD920D1
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aam01S1c34XG7upEfS5FJUTFBCUPU0PT3QQs3NQd7NYtjxWAMm2cBYYbrZcTAyp2PYgRmbA2WZbsXHJKntZao5AMV4sQbUGUjUsB8S6FOTtFWWrBY3bPqVqQvVaJaSTYZaQcJCPbqxRHMiWcbU4FXmntAm0quu3WUHSVZbZd26JZbmdAyTHQ60b3kXUjk1qIOSFJHUbB5WWB5oFJpQbBmYEJm5abf5Ev4oTFFXFBgTtZbWnmnImc7wmHfJ5EQE3HmNubAJPmEZbNGelyoy4xp6ur9ewwPENpTiVrUEy2tvgvEKVwa&mediaDataID=7665496&mediaName=frame.html
Frame ID: 63D8EC26F9CE113A3E8057CA70C3F558
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acm0SRUcbgPP3vTHZbVUrfY5betUaUnWanlQEQGSGbJRriwSdvlWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTtjaYbU7XrB9XqIMSUJATFBYTtYUnrFrPrJNYqFt3TZbj2TvRmEnKYrJfUtMRmAQKmVUrmHvC2qMf5dIM3PvZaprMEXVfQ1cnV1cfNmT7V2rFVVrnCV6f2RqMYPVvpQtYv1HJrWAMO4svXYbYAUA2r56U7QAMK4WZbOXW3bnW2ouFuVNpZa9ocIWoSafxcnYv8avpmqNYSZbwmQMC2dnEZbN&mediaDataID=6347136&mediaName=frame.html
Frame ID: 16C169628041F5B13F62C8DA4BCB9DEA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8BE41EB44DBD04CF6C114C3532AC1EB5
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0D00A49723E0D8B09D20AD3601304E2A
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
Frame ID: 30AAA72F54F9EB56D784946C476FD4EE
Requests: 28 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344985555;dc_ver=96.284;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=4266213722;ord=2l3881;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaUm7yv5EUf5ten4AjEnrrZb0GnPYsYY0cnOpT7V5b3QVrnHUmU4RqMQQcUpPtFyYd7uTPvu2GY30UBITAmm4PZb7QPBG3HrrXHBCmW2M36YR5Gj6Vcr6VsrlSAvoUd3TTr7S5U2qUE7oWTvlQEUGSGQIRFmnRt7dUVMW5UyrnHIOXqqy3drZbPVvZc2mQKoWXnTdZbhXUfb1UBgXaitRUvGUrv4TtQ2or7sRFbMYTUp4qji2TQYnTJFYbbfTWJWm6bZcmG3roWME5EZb75tmN5EifYAyZbvo7OqQ2ZdpsMwsqb45P6otnAgtb7TNDyJvQqavmTdo6uivWPdnBXjsae0xtI5pWq2WGAQ1mm63tYZbnVuuSS38tJPsRN%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fpoorlydrawnlines.com%2F$0;xdt=0;crlt=jWC.t1K2WC;stc=1;chaa=1;sttr=37;prcl=s
Frame ID: 32D9AE649319CD4CC60E7E2FC3496C22
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10366604321134229268/index.html?ev=01_250
Frame ID: 220A18B48B7A5F576CEAE548C406A60F
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: B13317D952FA9DA88042866BAFC00B06
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: 9CC6A6D2C5B5AC46BAB5A315B036C306
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9787461B8B322FEA62B5E00CDF56AE26
Requests: 3 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 33B49AC74D4BE2D577D3A5A71EA3A19A
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: C2BF34216C8AE03BBB9384482C65A330
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Poorly Drawn Linesfacebookinstagramleft-navmailmenupdl-titleSlice 1right-navshareshuffleleft-navtumblrtwitter

Page URL History Show full URLs

http://poorlydrawnlines.com/ HTTP 301
https://poorlydrawnlines.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

159
Requests

92 %
HTTPS

36 %
IPv6

30
Domains

50
Subdomains

40
IPs

6
Countries

3698 kB
Transfer

8146 kB
Size

22
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://poorlydrawnstore.com/
Title: Store

Search URL Search Domain Scan URL

URL: http://www.facebook.com/poorlydrawnlines
Title: facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/PDLComics
Title: twitter

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/PoorlyDrawnLines
Title: rss

Search URL Search Domain Scan URL

URL: http://www.penguinrandomhouse.com/books/559577/comics-for-a-strange-world-by-reza-farazmand/9780735219885

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://poorlydrawnlines.com/?p=8968&t=Pretty%20Sensitive
Title: facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=RT%20@PDLComics%20-%20Pretty%20Sensitive%20-%20https://poorlydrawnlines.com/?p=8968
Title: twitter

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https://poorlydrawnlines.com/comic/pretty-sensitive/&title=Pretty%20Sensitive
Title: reddit

Search URL Search Domain Scan URL

URL: http://www.stumbleupon.com/submit?url=https://poorlydrawnlines.com/comic/pretty-sensitive/&title=Pretty%20Sensitive
Title: stumble

Search URL Search Domain Scan URL

URL: http://digg.com/submit?url=https://poorlydrawnlines.com/comic/pretty-sensitive/&title=Pretty%20Sensitive
Title: digg

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc/3.0/
Title: Creative Commons Attribution-NonCommercial 3.0 Unported License

Search URL Search Domain Scan URL

URL: http://www.dannywalcoff.com/
Title: Danny Walcoff

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://poorlydrawnlines.com/ HTTP 301
https://poorlydrawnlines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://pgacatalunya1.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=8541&a.te=1522&a.he=1&a.wi=1&a.hr=p&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_284}&a.ra=24474458 HTTP 302
https://pgacatalunya1.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=800383&a.A=im&a.si=8541&a.te=1522&a.he=1&a.wi=1&a.hr=p&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_284}&a.ra=24474458

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662105688055635&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662105688055635&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=ZOug.2PsnAB7YeMeCeibegAA

Request Chain 61

https://a.tribalfusion.com/i.match?p=b24&u=18072662105688055635&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105688055635

Request Chain 62

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662105688055635&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662105688055635&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=69095979533401661190874260761253783259

Request Chain 63

https://a.tribalfusion.com/i.match?p=b10&u=18072662105688055635&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105688055635&expires=180

Request Chain 65

https://tags.bluekai.com/site/4229?id=18072662105688055635&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 66

https://a.tribalfusion.com/i.match?p=b22&u=18072662105688055635&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105688055635

Request Chain 69

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662105688055635%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662105688055635%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662105688055635&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=9C5FB2C1-712A-402D-8ADC-0BA5CAFF932E

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662105688055635 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEJSP-nyuNHIrejsnDyT-0xo&google_cver=1&google_ula=2786954,0

Request Chain 88

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662105688055635 HTTP 302
https://a.tribalfusion.com/i.match?p=b23&u=219813204621004426659

159 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
poorlydrawnlines.com/
Redirect Chain

http://poorlydrawnlines.com/
https://poorlydrawnlines.com/

892 KB
426 KB

621ms
309ms

Document
text/html

166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

356c2e6b79c9bbee106974f1cc52abe9d26b6796353d88810f748d8338c276ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12296
content-encoding: gzip
content-length: 435180
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 27 Aug 2023 19:20:04 GMT
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 2,5,24
x-php-version: 7.4
x-xss-protection: 1; mode=block

Redirect headers

Age: 12245
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 195
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 27 Aug 2023 19:14:51 GMT
Location: https://poorlydrawnlines.com/
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: User-Agent, Accept-Encoding
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block

GET
H2 200 style.css
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/ 13 KB
4 KB 1124ms
1123ms Stylesheet
text/css 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

bbfb0723366f23bec524102db929a525334819bd28220db2f1cbe61b26308d3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 185150
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 3264
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Feb 2016 01:05:10 GMT
server: openresty
x-php-version: 7.4
etag: "34f2-52bb07de5bd80-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
83 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 08:16:01 GMT
x-content-type-options: nosniff
age: 39606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84320
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2024 08:16:01 GMT

GET
H2 200 custom.js Show response
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/js/ 811 B
732 B 1125ms
1124ms Script
application/javascript 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/js/custom.js

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

0474d395e3d562bb491ef9304b9dbd255fd1e1774640627020ad6fae8d900ac3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 185150
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 293
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:51 GMT
server: openresty
x-php-version: 7.4
etag: "32b-518fbc09e21c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 style.min.css
poorlydrawnlines.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 1124ms
1123ms Stylesheet
text/css 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 185150
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 13841
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Aug 2023 12:40:51 GMT
server: openresty
x-php-version: 7.4
etag: "19824-602e15f64ccb8;5caa09d2b82c5
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 pagenavi-css.css
poorlydrawnlines.com/wp-content/plugins/wp-pagenavi/ 374 B
669 B 1124ms
1124ms Stylesheet
text/css 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 185150
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 239
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 16:42:28 GMT
server: openresty
x-php-version: 7.4
etag: "176-5fb09175c3582-gzip"
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Aug 2023 17:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5070
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 27 Aug 2023 19:51:38 GMT

GET
DATA 200
OK truncated
/ 22 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c869b73ad8067b7ceedcd4d0b950fd3208ae831b17cfd18d9caf45f0bf0a44b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46835eba98ec27615940d0427a87864b7f19bf779c4fa62e71b32fe1bd9e0ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f61e22e43caeb98a5e711806031d357cfcea49a2ea7c3e91c2d66a8b3ac6e4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 57 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd1da987adaa0fdfbf2322dcebd71cb7173a7560ee66627613a48c5f6d190fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 body-bg.jpg
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 1011 B
1 KB 1637ms
1637ms Image
image/jpeg 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/body-bg.jpg

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

c43a8db3c8c490b7a7e9ef505fb6653be0f97dd95540f03ef8698af7860f6bc0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:06 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185151
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 1011
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:39 GMT
server: openresty
x-php-version: 7.4
etag: "3f3-518fbbfe706c0"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
BLOB 200
OK 0b16c099-461b-43ba-b957-5b2328010312
https://poorlydrawnlines.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://poorlydrawnlines.com/0b16c099-461b-43ba-b957-5b2328010312
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 24ms
24ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=952357031&utmhn=poorlydrawnlines.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Poorly%20Drawn%20Lines&utmhid=1869666600&utmr=-&utmp=%2F&utmht=1693163768779&utmac=UA-5840703-1&utmcc=__utma%3D245411077.1100359424.1693163769.1693163769.1693163769.1%3B%2B__utmz%3D245411077.1693163769.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=70723147&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3df1e3133fef6e0e84f5800dbe3c797919cbe3f746696b98375d969ca214ab25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 44 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1d08fd24da0d006c934b6840bf8b49170055fa88f065433c8dfe58ab00bf317

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/PoorlyDrawnLinescom/ROS/ 7 KB
2 KB 237ms
187ms Script
application/x-javascript 2606:4700::6812:cdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescom/ROS/tags.js
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 2317
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 69
etag: 5909443542969422214
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, public
cf-ray: 7fd6a5bf59874d70-FRA
expires: Sun, 27 Aug 2023 20:16:10 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/ 60 KB
14 KB 221ms
170ms Script
application/x-javascript 2606:4700::6812:cdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/tags.js
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c13148a6289bbd4590a0656b1db36a3bb4fe929fde571987f268c7bc2444394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 14345
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:53 GMT
server: cloudflare
x-reuse-index: 8
etag: 5487693232143786845
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7fd6a5bf59894d70-FRA
expires: Sun, 27 Aug 2023 20:16:10 GMT

GET
H2 200 pdl-title.svg
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 90 KB
90 KB 311ms
310ms Image
image/svg+xml 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/pdl-title.svg

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

39d31ab934f12bed7f4b0fb18b09d94f3811f50700eae1027d2b09b688362685

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:08 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES:Forced
age: 12066
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 91731
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jun 2015 04:30:15 GMT
server: openresty
x-php-version: 7.4
etag: "16653-51913baf143c0"
vary: User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 comment_count.js Show response
poorlydrawnlines.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
880 B 157ms
156ms Script
application/javascript 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 440
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Apr 2023 15:08:04 GMT
server: openresty
x-php-version: 7.4
etag: "379-5f9b1ca75cad4-gzip"
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/ Frame BB6B 60 KB
14 KB 217ms
173ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4e77da5212f4809528e263008c24546832c2a22957503bb07dcb3b8a33812d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 14322
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:53 GMT
server: cloudflare
x-reuse-index: 792
etag: 18127143326031140342
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7fd6a5c0ecef9c10-FRA
expires: Sun, 27 Aug 2023 20:16:11 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ 677 B
691 B 217ms
176ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=6095664336
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9ff5eb5e1a4ea2b17ffa9e1f8a2120e12e9f1487c3801b4d82ae2cb3aefb10

Request headers

Referer: https://poorlydrawnlines.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 617
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7fd6a5c0ecf39c10-FRA
alt-svc: h3=":443"; ma=86400
content-length: 333
expires: Sat, 25 Nov 2023 19:16:11 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame BB6B 679 B
646 B 174ms
173ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=6095664336
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f161571a52446315ef86daf7d95c6070c9c778a6ad63562cd1a02f73453525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 130
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7fd6a5c20eee9c10-FRA
alt-svc: h3=":443"; ma=86400
content-length: 332
expires: Sat, 25 Nov 2023 19:16:11 GMT

GET
H2 200 j.ad Show response
s.tribalfusion.com/ 6 KB
3 KB 171ms
171ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescommobile&adSpace=ros&center=1&size=320x50&env=display&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=a6mneM4cYbTGF8VcBjRAQOYTYcSHYi2G&a=1&adContainerId=richmedia_2&rnd=3691290
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1cd4a525c2a207547b2b36eb5e57098fc3028b74e11f01131c02962c837bd20

Request headers

Referer: https://poorlydrawnlines.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 646
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7fd6a5c21f019c10-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3104
expires: 0

GET
H3 200 j.ad Show response
s.tribalfusion.com/ Frame BB6B 5 KB
3 KB 178ms
177ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescom&adSpace=ros&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=728x90&busted=1&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=atmneMVGQP4biqndImXayNPTvqSHYwZbZd&a=3&adContainerId=richmedia_4&rnd=3693041
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15686e149340660e221bddd1ff558d89e1d83f9ff74eb83dba72e284cf3c1527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 7
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7fd6a5c32e919b4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2509
expires: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 16 KB
7 KB 74ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescommobile&adSpace=ros&center=1&size=320x50&env=display&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=a6mneM4cYbTGF8VcBjRAQOYTYcSHYi2G&a=1&adContainerId=richmedia_2&rnd=3691290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poorlydrawnlines.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 27 Aug 2023 18:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 27 Aug 2023 19:45:41 GMT

GET
H2 200 ipg
a4.tribalfusion.com/ 43 B
291 B 206ms
169ms Image
image/gif 104.18.12.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2a00:c98:2050:a007:2::9&kv=%7B%22ord%22%3A%2024474101%2C%20%22clientID%22%3A%20770113%7D
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c36ba99bc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 impl_v96.js Show response
www.googletagservices.com/dcm/ 49 KB
20 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poorlydrawnlines.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 27 Aug 2023 03:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 03:46:26 GMT

GET
H2 200 B30340838.373555316;dc_ver=96.284;sz=320x50;u_sd=1;dc_adk=3926633700;ord=iu9ht7;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa4m5LZdprMZa0GnUXcv51VjupT7T2FrSWFFAUAv0RqMXQVZbrPH7w0W7uV6MM3sQ20... Show response
ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/ Frame EF21 78 KB
33 KB 124ms
57ms Document
text/html 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B30340838.373555316;dc_ver=96.284;sz=320x50;u_sd=1;dc_adk=3926633700;ord=iu9ht7;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa4m5LZdprMZa0GnUXcv51VjupT7T2FrSWFFAUAv0RqMXQVZbrPH7w0W7uV6MM3sQ20b3DUm2n4AU6R6ZbG2dUr0WBJmW6N4PYR5cjeUVJ8UcbfR6FuWdvQUFF02r6uWqrmWTvbSaBJQc3IPbIvRWrlWGbU2repmWqq0qmx3tvBPcJZa4mUIpdINUH3f0bvdYbYj0TqtPbUZbUFUSVdQYnbJuPUBNYTYy4T7c4ajXmTBFXbFgTH7Tn63LmG7qpdUA5qnj2HZaq56ZbGprbE0GfRvDuZbNRiNSF27nDPDTbjhWm7Tt724m9iqttTKN8T5wbEV1PT7tqeyv7Jbs7eWvQYC2tPhrm63nHZaJxmleWZd%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=0,https%3A%2F%2Fpoorlydrawnlines.com%2F$0;xdt=0;crlt=jWC.t1K2WC;stc=1;chaa=1;sttr=38;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

d5a5bb2c8dcafe80ce8e69e27a9059c3b6d3b29f685782f8011cbf7032028f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 33033
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame A1F2 305 B
504 B 172ms
170ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a5m1h3VWJ90bnd1FJl0qAqPbFHTrMYWHnWmbfuPF7r1EUp4qff4q74naFFYFF7WHf0oPnLnG7pmW7D3T373WZan4AFZanFnE0VU0XVF11VvxpTFV3bvSVbZbZcWm75REMXSVUMQdYt1tbuVPbv2sv4YFvZaVmyn56M6RmFJ4HZbrXWYAnt2v36rY3Gn8Vsn6VGMeR6FNTHZbUWFbX2UesWq7rVav8PqYJQVfZdQFiwStQ9VcMV5b6xodqO0qqV2WbZds9ZaDOreZcTdYDmCXZawmAKu6PHMDQrqmukqa2hnoetV6fPuQy1MHYHALF61c&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dcc923915401762efd974be8d75cf19c366733efaab38b01d5483224d8fa2cd

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c408329b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 7

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 6FBC 271 B
477 B 171ms
169ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a6m0xQ3sr8VcQcUsbhRPUxWdnPTrJ02bauWaUwVE3aSTQKRsjZdPburStY7WcrW2FqvotirXqew4tjFQVbZa4PrIpdasTdBh0rUkXbYk1qqtPbrGUFU2WtrWmFQmRUjt1q3y5EYc4aMRmaMCYrj8TWJWoAvKmsQomWQK5TZbh5teN5PvZbprQEYcQRYVZb41cvxnavR2rZbTTrfGVmU0PEf3QVMmPWZbvYtBrWPnm3Gn0YbUKUPiw2PZbeR67l2dZbOMouZdP8Mxv6AhuSPEsWTUm92CqFMYM9Zauns7hmITFZb2&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf1a8895afbc85cee461b7043c683561d78fb374dd0063b61c50558267b0870

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c408369b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 7

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 70B7 255 B
469 B 175ms
173ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a8mXLt0bnc1UBf0EAOSFBEWUQXWHM1oFfxPFZbMYTQt3TFh5E35mEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N56FJmrYZcXsU01svV1svymEvT5UQTVbbEW63TPqb0ScUqSHZbr1drwV6vp2GB5XUrIU6Xr2P39QPZbC4HryXHBKpdEo5mBR3sYgTGvdWcZbgSmFuUWFQTUrX5UEmVEYtVTF9QanIRsJZcRrAqStrlVcUP5ruonHqO0qep4dvgQsrZavUmIS8vroWPROQPAtPABVWeGuNnxpF&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053f4395561c90814e6d6a615526390c1403a7972e20f2f0e8808287da79146e

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c408389b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 7

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 2D2D 275 B
485 B 176ms
174ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a9m1xYVcQbUcbgSm3MWtQTWrrY2UimVqUvVEniQEUZcQVBZbQUEqRW76Vc3R4rmood6M0amv2dbGSVMG46YHoHapUWj7XUQk1Fb91TqmSrJHWUM2TH34oFjxPbrr1E3r3aZba4qjPmT7IYFU9UHFSnP3ZcpGnnptYB5Tr85dmq3A7GnbbZd0G301s3YXsrumqvT3bFPWbvGUmv2QqQ5QcBnQHbu0W7qT63N3GUVYbMZaUAqp5mZbeR6MK4WQ00dBAVCbMNb6PvsioqSe8SQE7sUIXoCqpQCiqw630obm7qBiH3d3NVE1fQX&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df8cd83c350b8bee45d55b1e2828b02e919b873caa9eb08723010f9c193b9250

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c4083c9b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 7

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame EB34 377 B
534 B 174ms
172ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aam0xQ1c34XG7wpEjR5FJUTFFDUPvYQE3QQsrNQdBNYtftWAYN2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5AMV4sQ6TVvjUsB8S6FOTtFWWrB13rarUaQvVaJaSTYZaQcJCPbqxRHMiWcbU4FXmntAm0quu3WUHSVZbZd26JZbmdAyTHQ60b3kXr7i1EZaOSFJHUbB5WWB5oFJpQbBmYEJm5abf5Ev4oTFFXFBgTtZbWnmnImc7wmHfJ5EQE3HmNubAJPmEZbNGekvSypmtaJVQXNxAMtNBuhpDMlxJaM1p&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd39296683d8c126559922d18b909f24399955777f558a71503b7d6a1b22ae6b

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c4083e9b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 7

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 1137 320 B
512 B 172ms
171ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=abm01S1UBhXairRbnATFZb0Ttn0mbBoQFZbNYTMO5EBl2an3nqBFYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnUYLYGUPYVJVXVFnmavS2FFVTF7CW6U4PTYQQVZbsStZbyYH7uVmfn2s3UXbZbJTmTn5AvdR6jB3dMtXHvDpt2u36YY5cj7VcMjVsBgSmvxTHFWUFM22FTmUErnWaM7QTZbJSc7ZdQU6rPHY7Vcn25rPqnWisYTep4dbZdSGff4AJHUC7prRm8NbetuAZaBN7UXVRXfoPAnpcTZdR6qS2cfFT52V0L&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1ccad362017ae6483b3249de04d66f1309762618cdce7aafc36d2e3a6bc06e0

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c408409b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 93

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 2C3F 260 B
472 B 171ms
170ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=acm0pPUcbgPP3MUWJVTbZbY5baqVE7oWEnlQEvGSGFJRresSd37WGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTtjaYbUaYbQ9XqIMSUJATFBYTtY1nrjoPUJNYaJm3abc2T74mTjGXrbfUWf1mPfLpsfootfC5EUf2dim46FGnrvLYGvXXsJTXG7nnEvT5UY2WbnAVPQWPEY2ScUsStbuYdfxVmry3Vv30bMIUmXt4AMeQmJF2tBm1WMZdntIO36BY3sjgTWjcUcyHtEuNo9PMWoaOw6JV1HnCPelist&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1742160230e4086e4ae2c332490e572580ab3da62fa4e61538ce3cea3d3a4252

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c408419b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 58

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 5458 298 B
499 B 173ms
172ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=admX9qXG7vpT7T3rnWWFJHUAUVQqj0QsrMQdjs1djpT6ry3VMXXFZbZdUATt4637R6fI4HUr0WBJptTu5mQY5VQbUcrdWs78PAvoTWFPTbM05b6pVqMqWarlQaBZcQVJLRF6vRWjkWVv54r6nmdZaqYa2y4drEPsFE26nEmtXsVWJhXrfb1Uj91EusSbrATrBYVHJ1nUYpRbjsXqno5TYe4TQ5nqbE1rjaTtf1nmYZcmsvppdfJ5EZb75ti15mvGVP2LvDISOcEcw8AoMdbbPhjltP&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 176e767e17579bf0b25d0e77fbaadcff7bfc093f4a0c5bcc349d35c02dcf902c

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c408429b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 58

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame BBD0 443 B
566 B 182ms
181ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aem09TXairPbQHUFr0WWr4orbuQr7nXqMy5Ejd4qrYoTjHXUfaUWMTnmQZansnomHML5TUh3tmt3PnZanbrEXcUUXcv20V7npEF42bFQWUnEUA35QT35QGnMQHUNYt7nTPMp2cZbWXUQDTAim4Pr9QmJF4W3q1dnIptan3mBS3srgTsJcUcJ8SmruWtrRTUM03U2qVTbnTaQdParLSV3ZcPFIqSdv6UV3R5rqunWEmYEmw3HbZdSGrZa2mU8oWXypoeav6IdOUXuxn71snqlnT2hnoetV6fPuQy1MHYH4RXrna&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8c9120613f02009b6d2e4ab39c59eed212ad1713083a94169aad22c1911115

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c408439b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 8

GET
H2 200 bg-shared.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 132 KB
133 KB 437ms
436ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/bg-shared.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

9dfb325df46b6278738fc0745b95f6ef474a8249524b53a29fc42e6d204368a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 135570
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:39 GMT
server: openresty
x-php-version: 7.4
etag: "21192-518fbbfe706c0"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 header-social-bg.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 16 KB
16 KB 285ms
284ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/header-social-bg.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

fcbb035f86f8c6564a75b382760de11e598c103ed4692c85d0f3ffd69a912b8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 16142
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:42 GMT
server: openresty
x-php-version: 7.4
etag: "3f0e-518fbc014cd80"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 social-icons.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 31 KB
31 KB 1364ms
1363ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/social-icons.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

a20cdc8dad12834fc7c5dc570cd9657262c478a0094309de86e49beec5086673

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 31563
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:44 GMT
server: openresty
x-php-version: 7.4
etag: "7b4b-518fbc0335200"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 book-buy-button.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 32 KB
33 KB 595ms
594ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/book-buy-button.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

c7bfb5a7bbdc284507b3e35b2a1a6ca57f9ca64d2e2c24f07cd3b7b3ec2e9cf3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 32940
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2017 00:08:19 GMT
server: openresty
x-php-version: 7.4
etag: "80ac-54f84da3902c0"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 post-nav.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 16 KB
16 KB 1056ms
1055ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/post-nav.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

3b7fcb9603907208ca85a2662adc4e032470e044cfe3d2e8d1e91e682e760de5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 16164
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:43 GMT
server: openresty
x-php-version: 7.4
etag: "3f24-518fbc0240fc0"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 share-bg.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 5 KB
6 KB 1363ms
1362ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/share-bg.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

09ed7f0b415c5eaaad3f4e4c160d63e421f0d421bcd2d81dc044b720378821ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 5586
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:43 GMT
server: openresty
x-php-version: 7.4
etag: "15d2-518fbc0240fc0"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H3 200 tags.js Show response
s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/ Frame 23AE 60 KB
14 KB 174ms
174ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4e77da5212f4809528e263008c24546832c2a22957503bb07dcb3b8a33812d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 14322
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:53 GMT
server: cloudflare
x-reuse-index: 58
etag: 18127143326031140342
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7fd6a5c418459b4b-FRA
expires: Sun, 27 Aug 2023 20:16:11 GMT

GET
H2 200 pretty_sensitive-1024x890.png
poorlydrawnlines.com/wp-content/uploads/2023/08/ 188 KB
188 KB 1356ms
1356ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/uploads/2023/08/pretty_sensitive-1024x890.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

a16fc8c9bca7cb55cddfacf410fa15150bda83e0a09b2cf5cae699fdfef366c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185154
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 192236
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Aug 2023 16:22:07 GMT
server: openresty
x-php-version: 7.4
etag: "2eeec-60399834c1bc3"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H/1.1 200
OK embed.js Show response
poorlydrawnlines.disqus.com/ 78 KB
25 KB 214ms
163ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.disqus.com/embed.js

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

da349d48ec2a67f341a1a140b68a0abb52a84b000a59c1d8e3f1486458217d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:11 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25461

GET
H/1.1 200
OK count.js Show response
poorlydrawnlines.disqus.com/ 1 KB
2 KB 70ms
11ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.disqus.com/count.js

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.23

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 22
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 25 Aug 2023 23:39:55 GMT
Server: nginx
ETag: "64e93bcb-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: YhA1iSR850R3koAImdFZu0M9khG7m4621xbpPQYrV5G1rleiVD2N7w==

GET
H2 200 comment.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 9 KB
9 KB 1355ms
1354ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/comment.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

e576243e2f67e209fbdb9b0f6d47b9d0572f4e82d5e5eb6d1750ae0e4afb7f93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185153
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 9188
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:40 GMT
server: openresty
x-php-version: 7.4
etag: "23e4-518fbbff64900"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 footer-bg.png
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 21 KB
21 KB 1355ms
1355ms Image
image/png 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/footer-bg.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

636118b8849daf391b1b6f29776bb9cfe9b1054d313a650d9fb953ee83fcdabe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185153
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 21054
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:41 GMT
server: openresty
x-php-version: 7.4
etag: "523e-518fbc0058b40"
content-type: image/png
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 license.jpg
poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/ 2 KB
2 KB 1354ms
1354ms Image
image/jpeg 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/images/license.jpg

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

152618efa33c7f7cc8a46de6212fcaa9aa0ffd11f47010fdc0ba200783434b71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLinesResponsive/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
age: 185153
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 1736
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jun 2015 23:53:42 GMT
server: openresty
x-php-version: 7.4
etag: "6c8-518fbc014cd80"
content-type: image/jpeg
x-cache-hit: HIT
accept-ranges: bytes

GET
H2 200 wp-emoji-release.min.js Show response
poorlydrawnlines.com/wp-includes/js/ 18 KB
5 KB 1351ms
1351ms Script
application/javascript 166.62.109.7
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://poorlydrawnlines.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

166.62.109.7 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

7.109.62.166.host.secureserver.net

Software

openresty /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: YES
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
age: 185153
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 5039
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Aug 2023 12:40:52 GMT
server: openresty
x-php-version: 7.4
etag: "4904-602e15f6bc201;5caa09d2b82c5
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: bytes

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame A94C 238 B
436 B 171ms
171ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a8mYSw0bnc1UBe0aiNPUMEWUM1VWvUnrfxPFbMYTnt3TBd5EvQmEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N56FJmrYLYV701svV1svymEvT5UUUWUvEV63TPqb0ScUqSHZbr1drwV6vp2GB5XUrIU6Xr2P39QPZbC4HryXHBKpdEo5mBR3sYgUVU9VGj6SmFuUWFQTUrX5UEmVEYtVTF9QanIRsJZcRrAqStrlVcUP5ruonHqO0qep4dvgQsrZavUmIS8vroWPWO6ICN67IsnJk4VUsuO3IWr&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b89c69f84a20ef2ddad141b25f23dc60ab0c9ffa50a2f0cd6193a6b63a7637

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c4589f9b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 8

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 63D8 197 B
422 B 667ms
666ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aam01S1c34XG7upEfS5FJUTFBCUPU0PT3QQs3NQd7NYtjxWAMm2cBYYbrZcTAyp2PYgRmbA2WZbsXHJKntZao5AMV4sQbUGUjUsB8S6FOTtFWWrBY3bPqVqQvVaJaSTYZaQcJCPbqxRHMiWcbU4FXmntAm0quu3WUHSVZbZd26JZbmdAyTHQ60b3kXUjk1qIOSFJHUbB5WWB5oFJpQbBmYEJm5abf5Ev4oTFFXFBgTtZbWnmnImc7wmHfJ5EQE3HmNubAJPmEZbNGelyoy4xp6ur9ewwPENpTiVrUEy2tvgvEKVwa&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be66547db89e948f8ccf942500b61b9cc03c58c9bf2a3505503cd0fa6a413f23

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c458ad9b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:12 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 1

GET
H3 200 p.media Show response
s.tribalfusion.com/ Frame 16C1 209 B
428 B 174ms
174ms Document
text/html 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=acm0SRUcbgPP3vTHZbVUrfY5betUaUnWanlQEQGSGbJRriwSdvlWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTtjaYbU7XrB9XqIMSUJATFBYTtYUnrFrPrJNYqFt3TZbj2TvRmEnKYrJfUtMRmAQKmVUrmHvC2qMf5dIM3PvZaprMEXVfQ1cnV1cfNmT7V2rFVVrnCV6f2RqMYPVvpQtYv1HJrWAMO4svXYbYAUA2r56U7QAMK4WZbOXW3bnW2ouFuVNpZa9ocIWoSafxcnYv8avpmqNYSZbwmQMC2dnEZbN&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c58c206c1f6bb9cebcc340b541c540ecce06161a0ce73402b0a1b7b4a0fe231

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fd6a5c458ae9b4b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 27 Aug 2023 19:16:11 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 8

GET
H2 200 GINESTA_728_DE.gif
cdnx.tribalfusion.com/media/11544486/ Frame BB6B 56 KB
57 KB 43ms
24ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/11544486/GINESTA_728_DE.gif
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5f3049346addca272d028d292b5c8efe677ae89d4293151498386b2b7a6f6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:11 GMT
cf-cache-status: HIT
age: 7050
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 57786
x-function: 301
last-modified: Wed, 09 Aug 2023 11:37:11 GMT
server: cloudflare
etag: 1691581031
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 7fd6a5c47bfd9c10-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1

200
OK

dispatch.fcgi
pgacatalunya1.solution.weborama.fr/fcgi-bin/ Frame BB6B
Redirect Chain

https://pgacatalunya1.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=8541&a.te=1522&a.he=1&a.wi=1&a.hr=p&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_284}&a.ra=24474458
https://pgacatalunya1.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=800383&a.A=im&a.si=8541&a.te=1522&a.he=1&a.wi=1&a.hr=p&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_284}&a.ra=24474458

67 B
483 B

35ms
34ms

Image
image/gif

91.216.195.18
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pgacatalunya1.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=800383&a.A=im&a.si=8541&a.te=1522&a.he=1&a.wi=1&a.hr=p&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_284}&a.ra=24474458
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: HTTP/1.1
Server: 91.216.195.18 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: std-collect-lb-c03-01-vip.weborama.fr
Software: Apache /
Resource Hash: e1ef44bacf5da572d77131f447646f8c3da2fc7765e90c73a664c69121c71e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
last-modified: Sun, 27 Aug 2023 19:16:11 GMT
server: Apache
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
last-modified: Sun, 27 Aug 2023 19:16:11 GMT
server: Apache
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
location: https://pgacatalunya1.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=800383&a.A=im&a.si=8541&a.te=1522&a.he=1&a.wi=1&a.hr=p&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_284}&a.ra=24474458
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame EF21 11 KB
5 KB 94ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B30340838.373555316;dc_ver=96.284;sz=320x50;u_sd=1;dc_adk=3926633700;ord=iu9ht7;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa4m5LZdprMZa0GnUXcv51VjupT7T2FrSWFFAUAv0RqMXQVZbrPH7w0W7uV6MM3sQ20b3DUm2n4AU6R6ZbG2dUr0WBJmW6N4PYR5cjeUVJ8UcbfR6FuWdvQUFF02r6uWqrmWTvbSaBJQc3IPbIvRWrlWGbU2repmWqq0qmx3tvBPcJZa4mUIpdINUH3f0bvdYbYj0TqtPbUZbUFUSVdQYnbJuPUBNYTYy4T7c4ajXmTBFXbFgTH7Tn63LmG7qpdUA5qnj2HZaq56ZbGprbE0GfRvDuZbNRiNSF27nDPDTbjhWm7Tt724m9iqttTKN8T5wbEV1PT7tqeyv7Jbs7eWvQYC2tPhrm63nHZaJxmleWZd%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=0,https%3A%2F%2Fpoorlydrawnlines.com%2F$0;xdt=0;crlt=jWC.t1K2WC;stc=1;chaa=1;sttr=38;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 04:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 04:29:15 GMT

GET
H/1.1 200
OK dvbm.js Show response
cdn.doubleverify.com/ Frame EF21 428 KB
101 KB 76ms
18ms Script
application/javascript 2a02:26f0:480:9::210:ee05
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbm.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1153793.3739983VDX.TV/B30340838.373555316;dc_ver=96.284;sz=320x50;u_sd=1;dc_adk=3926633700;ord=iu9ht7;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2Fa4m5LZdprMZa0GnUXcv51VjupT7T2FrSWFFAUAv0RqMXQVZbrPH7w0W7uV6MM3sQ20b3DUm2n4AU6R6ZbG2dUr0WBJmW6N4PYR5cjeUVJ8UcbfR6FuWdvQUFF02r6uWqrmWTvbSaBJQc3IPbIvRWrlWGbU2repmWqq0qmx3tvBPcJZa4mUIpdINUH3f0bvdYbYj0TqtPbUZbUFUSVdQYnbJuPUBNYTYy4T7c4ajXmTBFXbFgTH7Tn63LmG7qpdUA5qnj2HZaq56ZbGprbE0GfRvDuZbNRiNSF27nDPDTbjhWm7Tt724m9iqttTKN8T5wbEV1PT7tqeyv7Jbs7eWvQYC2tPhrm63nHZaJxmleWZd%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=0,https%3A%2F%2Fpoorlydrawnlines.com%2F$0;xdt=0;crlt=jWC.t1K2WC;stc=1;chaa=1;sttr=38;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee05 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bd887208f90811f69029f99399a0740203702cc1cad617faf33f8b8dd62c475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 08:01:59 GMT
Server: UploadServer
ETag: "c2cbb3f5444a791f1cabd6c980f8bfcb"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103235
Expires: Thu, 24 Aug 2023 08:18:24 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EF21 111 KB
39 KB 586ms
17ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 16:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Aug 2023 16:19:52 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EF21 41 KB
14 KB 79ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame 6FBC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662105688055635&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662105688055635&C=1
https://a.tribalfusion.com/i.match?p=b20&u=ZOug.2PsnAB7YeMeCeibegAA

43 B
578 B

187ms
187ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=ZOug.2PsnAB7YeMeCeibegAA
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a6m0xQ3sr8VcQcUsbhRPUxWdnPTrJ02bauWaUwVE3aSTQKRsjZdPburStY7WcrW2FqvotirXqew4tjFQVbZa4PrIpdasTdBh0rUkXbYk1qqtPbrGUFU2WtrWmFQmRUjt1q3y5EYc4aMRmaMCYrj8TWJWoAvKmsQomWQK5TZbh5teN5PvZbprQEYcQRYVZb41cvxnavR2rZbTTrfGVmU0PEf3QVMmPWZbvYtBrWPnm3Gn0YbUKUPiw2PZbeR67l2dZbOMouZdP8Mxv6AhuSPEsWTUm92CqFMYM9Zauns7hmITFZb2&mediaDataID=6530936&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c62f1d9c10-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgK4RDomIkB3i17OVLDb5v4SDnn8b1fwtdRrUBVG62qTqZa4zuXu%2BRB2NKhOzKSh6qBGKHbvtKz0EbH%2F3wV7AD%2BHNT9hdPaDNwNFLOKiGTpwKvotPsPzQ1iNwfNLLdn2oEloS2AN5SbNHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://a.tribalfusion.com/i.match?p=b20&u=ZOug.2PsnAB7YeMeCeibegAA
cache-control: no-cache
cf-ray: 7fd6a5c5fcf71c9f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame A1F2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662105688055635&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105688055635

0
122 B

83ms
25ms

Image
text/plain

188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105688055635

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a5m1h3VWJ90bnd1FJl0qAqPbFHTrMYWHnWmbfuPF7r1EUp4qff4q74naFFYFF7WHf0oPnLnG7pmW7D3T373WZan4AFZanFnE0VU0XVF11VvxpTFV3bvSVbZbZcWm75REMXSVUMQdYt1tbuVPbv2sv4YFvZaVmyn56M6RmFJ4HZbrXWYAnt2v36rY3Gn8Vsn6VGMeR6FNTHZbUWFbX2UesWq7rVav8PqYJQVfZdQFiwStQ9VcMV5b6xodqO0qqV2WbZds9ZaDOreZcTdYDmCXZawmAKu6PHMDQrqmukqa2hnoetV6fPuQy1MHYHALF61c&mediaDataID=8039566&mediaName=frame.html

Protocol

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-rmgqd
date: Sun, 27 Aug 2023 19:16:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 525
content-type: text/html
location: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105688055635
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c55d959c10-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 2C3F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662105688055635&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662105688055635&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=69095979533401661190874260761253783259

43 B
733 B

184ms
184ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=69095979533401661190874260761253783259
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=acm0pPUcbgPP3MUWJVTbZbY5baqVE7oWEnlQEvGSGFJRresSd37WGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTtjaYbUaYbQ9XqIMSUJATFBYTtY1nrjoPUJNYaJm3abc2T74mTjGXrbfUWf1mPfLpsfootfC5EUf2dim46FGnrvLYGvXXsJTXG7nnEvT5UY2WbnAVPQWPEY2ScUsStbuYdfxVmry3Vv30bMIUmXt4AMeQmJF2tBm1WMZdntIO36BY3sjgTWjcUcyHtEuNo9PMWoaOw6JV1HnCPelist&mediaDataID=5578346&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c6ccd49b4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v050-0e4ebe0ec.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UknW358XSuw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=69095979533401661190874260761253783259
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1137
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662105688055635&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105688055635&expires=180

0
239 B

77ms
14ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105688055635&expires=180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=abm01S1UBhXairRbnATFZb0Ttn0mbBoQFZbNYTMO5EBl2an3nqBFYbUbTtFUmmvIpGrumWnD3EZbe5duq5PfGnUYLYGUPYVJVXVFnmavS2FFVTF7CW6U4PTYQQVZbsStZbyYH7uVmfn2s3UXbZbJTmTn5AvdR6jB3dMtXHvDpt2u36YY5cj7VcMjVsBgSmvxTHFWUFM22FTmUErnWaM7QTZbJSc7ZdQU6rPHY7Vcn25rPqnWisYTep4dbZdSGff4AJHUC7prRm8NbetuAZaBN7UXVRXfoPAnpcTZdR6qS2cfFT52V0L&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 337
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105688055635&expires=180
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c54d929c10-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame EB34 43 B
304 B 78ms
24ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aam0xQ1c34XG7wpEjR5FJUTFFDUPvYQE3QQsrNQdBNYtftWAYN2cBYYbrZcTAyo2PYgRmbA2WZbsXHJKntZao5AMV4sQ6TVvjUsB8S6FOTtFWWrB13rarUaQvVaJaSTYZaQcJCPbqxRHMiWcbU4FXmntAm0quu3WUHSVZbZd26JZbmdAyTHQ60b3kXr7i1EZaOSFJHUbB5WWB5oFJpQbBmYEJm5abf5Ev4oTFFXFBgTtZbWnmnImc7wmHfJ5EQE3HmNubAJPmEZbNGekvSypmtaJVQXNxAMtNBuhpDMlxJaM1p&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame 70B7
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662105688055635&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

43 B
739 B

182ms
182ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mXLt0bnc1UBf0EAOSFBEWUQXWHM1oFfxPFZbMYTQt3TFh5E35mEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N56FJmrYZcXsU01svV1svymEvT5UQTVbbEW63TPqb0ScUqSHZbr1drwV6vp2GB5XUrIU6Xr2P39QPZbC4HryXHBKpdEo5mBR3sYgTGvdWcZbgSmFuUWFQTUrX5UEmVEYtVTF9QanIRsJZcRrAqStrlVcUP5ruonHqO0qep4dvgQsrZavUmIS8vroWPROQPAtPABVWeGuNnxpF&mediaDataID=2713736&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c6ac8d9b4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
date: Sun, 27 Aug 2023 19:16:11 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 5458
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662105688055635&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105688055635

0
338 B

351ms
33ms

Image
text/plain

34.252.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105688055635
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=admX9qXG7vpT7T3rnWWFJHUAUVQqj0QsrMQdjs1djpT6ry3VMXXFZbZdUATt4637R6fI4HUr0WBJptTu5mQY5VQbUcrdWs78PAvoTWFPTbM05b6pVqMqWarlQaBZcQVJLRF6vRWjkWVv54r6nmdZaqYa2y4drEPsFE26nEmtXsVWJhXrfb1Uj91EusSbrATrBYVHJ1nUYpRbjsXqno5TYe4TQ5nqbE1rjaTtf1nmYZcmsvppdfJ5EZb75ti15mvGVP2LvDISOcEcw8AoMdbbPhjltP&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 34.252.154.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Sun, 27 Aug 2023 19:16:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1693163772
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 1648
content-type: text/html
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105688055635
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c55db19c10-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET partner
sync.search.spotxchange.com/ Frame 2D2D 0
0

GET
H3 200 displayAd.js Show response
s.tribalfusion.com/ Frame 23AE 678 B
593 B 170ms
167ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=6095664336
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31ec22f2e82a694620c949a99dadaf7bce4401a61fb9e2cb29a955a002d097d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 8
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7fd6a5c57a3a9b4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 331
expires: Sat, 25 Nov 2023 19:16:11 GMT

GET
H3

200

i.match
a.tribalfusion.com/ Frame BBD0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621056...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621056...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662105688055635&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=9C5FB2C1-712A-402D-8ADC-0BA5CAFF932E

43 B
749 B

186ms
185ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=9C5FB2C1-712A-402D-8ADC-0BA5CAFF932E
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aem09TXairPbQHUFr0WWr4orbuQr7nXqMy5Ejd4qrYoTjHXUfaUWMTnmQZansnomHML5TUh3tmt3PnZanbrEXcUUXcv20V7npEF42bFQWUnEUA35QT35QGnMQHUNYt7nTPMp2cZbWXUQDTAim4Pr9QmJF4W3q1dnIptan3mBS3srgTsJcUcJ8SmruWtrRTUM03U2qVTbnTaQdParLSV3ZcPFIqSdv6UV3R5rqunWEmYEmw3HbZdSGrZa2mU8oWXypoeav6IdOUXuxn71snqlnT2hnoetV6fPuQy1MHYH4RXrna&mediaDataID=6719746&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c6ccce9b4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=9C5FB2C1-712A-402D-8ADC-0BA5CAFF932E
date: Sun, 27 Aug 2023 19:16:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

i.match
a.tribalfusion.com/ Frame A94C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662105688055635
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEJSP-nyuNHIrejsnDyT-0xo&google_cver=1&google_ula=2786954,0

43 B
553 B

195ms
195ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEJSP-nyuNHIrejsnDyT-0xo&google_cver=1&google_ula=2786954,0
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a8mYSw0bnc1UBe0aiNPUMEWUM1VWvUnrfxPFbMYTnt3TBd5EvQmEMEXFjaUtjQoAMDpVvmoHfA5TFh3d6N56FJmrYLYV701svV1svymEvT5UUUWUvEV63TPqb0ScUqSHZbr1drwV6vp2GB5XUrIU6Xr2P39QPZbC4HryXHBKpdEo5mBR3sYgUVU9VGj6SmFuUWFQTUrX5UEmVEYtVTF9QanIRsJZcRrAqStrlVcUP5ruonHqO0qep4dvgQsrZavUmIS8vroWPWO6ICN67IsnJk4VUsuO3IWr&mediaDataID=4056396&mediaName=frame.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c64f6b9c10-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEJSP-nyuNHIrejsnDyT-0xo&google_cver=1&google_ula=2786954,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/57628/ Frame 16C1 0
125 B 502ms
26ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662105688055635&_origin=1&redir=true

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=acm0SRUcbgPP3vTHZbVUrfY5betUaUnWanlQEQGSGbJRriwSdvlWGbS5rXsmWas0qyn4tMFQGrF26BZbotIyTtjaYbU7XrB9XqIMSUJATFBYTtYUnrFrPrJNYqFt3TZbj2TvRmEnKYrJfUtMRmAQKmVUrmHvC2qMf5dIM3PvZaprMEXVfQ1cnV1cfNmT7V2rFVVrnCV6f2RqMYPVvpQtYv1HJrWAMO4svXYbYAUA2r56U7QAMK4WZbOXW3bnW2ouFuVNpZa9ocIWoSafxcnYv8avpmqNYSZbwmQMC2dnEZbN&mediaDataID=6347136&mediaName=frame.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8BE4 22 KB
8 KB 22ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 45866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame EF21 8 KB
4 KB 166ms
34ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?ctx=3758893&cmp=30340838&sid=6596925&plc=373555316&crt=196748807&advid=12325410&adsrv=1&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&unit=320x50&adid=&app=&dup=&gmnpo=&isdvvid=&supplySource=&tagtype=&aUrlD=0&brid=3&bridua=3&brver=116.0.5845.110&brh=2&vavbkt=&lvvn=28&fcifrms=12&winh=0&winw=0&chro=1&noc=4&wouh=1200&wouw=1600&htmlmsging=1&refD=1&scah=1200&scaw=1600&jsver=4555&uid=1693163771813473&srcurlD=0&ttfrms=43&num=6&dvp_isOnHead=0&flvr=1&ver=4555&jsCallback=__verify_callback_1693163771813473&jsTagObjCallback=__tagObject_callback_1693163771813473&ssl=1&prndr=1&dvf=&m1=13&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=8198618774.315697&dvp_tukv=4393537968.078374&eparams=DC4FC%3Dl9EEADTbpTauTauA%40%40C%3DJ5C2H%3F%3D%3A%3F6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA%40%40C%3DJ5C2H%3F%3D%3A%3F6D%5D4%40%3ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN1153793.3739983VDX.TV%2FB30340838.373555316%3Bdc_ver%3D96.284%3Bsz%3D320x50%3Bu_sd%3D1%3Bdc_adk%3D3926633700%3Bord%3Diu9ht7%3Bclick%3Dhttps%253A%252F%252Fs.tribalfusion.com%252Fh.click%252Fa4m5LZdprMZa0GnUXcv51VjupT7T2FrSWFFAUAv0RqMXQVZbrPH7w0W7uV6MM3sQ20b3DUm2n4AU6R6ZbG2dUr0WBJmW6N4PYR5cjeUVJ8UcbfR6FuWdvQUFF02r6uWqrmWTvbSaBJQc3IPbIvRWrlWGbU2repmWqq0qmx3tvBPcJZa4mUIpdINUH3f0bvdYbYj0TqtPbUZbUFUSVdQYnbJuPUBNYTYy4T7c4ajXmTBFXbFgTH7Tn63LmG7qpdUA5qnj2HZaq56ZbGprbE0GfRvDuZbNRiNSF27nDPDTbjhWm7Tt724m9iqttTKN8T5wbEV1PT7tqeyv7Jbs7eWvQYC2tPhrm63nHZaJxmleWZd%252F%3Buach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%3Bdc_rfl%3D0%2Chttps%253A%252F%252Fpoorlydrawnlines.com%252F%240%3Bxdt%3D0%3Bcrlt%3DjWC.t1K2WC%3Bstc%3D1%3Bchaa%3D1%3Bsttr%3D38%3Bprcl%3Ds
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d71c2c5ea716263eac5553685cbefaec7c8a61751e753a06449039c2655a1843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Aug 2023 19:16:11 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/26/2023 19:16:11

GET
H2 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BE4 37 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 19:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Aug 2024 19:00:29 GMT

GET
H3 200 j.ad Show response
s.tribalfusion.com/ Frame 23AE 3 KB
2 KB 173ms
172ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescom&adSpace=ros&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600&busted=1&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=aymneMnP3ZcncjrpHUG3TYiQEiFSHYRbQ&a=5&adContainerId=richmedia_6&rnd=3694453
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfa851ec194a49851f9d42650c64df658e8ec4a2d5299f4cc841bfec9f32645d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 8
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7fd6a5c68c709b4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1771
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BE4 0
20 B 219ms
218ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzYm_-6DrZLyKJeGe9u8Pira5yAQAAAAAOAHgBAI&bg=!JCelJ2jNAAYkVgHwBFY7ADQBe5WfOETJf-uyYoBVwNLj35TMQ0W1S7Oh_XZOExGlemYh8_wdtiC0VSmorSXT4FXurOyfAgAAAFhSAAAACGgBBwoAaLVUs8vE5dFBerQ_a13sz7c9se3TvmtpL-YtEpcz1qLHKlC0U9l-3sqBetOrfK45SmCdXqh9YzXMDmMfPNGzgoVOoy7S17Q92nJM1Pdq-4oZ1022INgkUg3MBZyxT9EX8ExJx7Qj6M-QmQLmGCv9PDWAc3BIGsaq5Mx3sAZsNIy3ZjCRoiQxGLOUoIyy4JNW5NWCy_im5jDSehPXI0XQRXqrrrCaAe6rt58vdgY7gxdccRDjBe6aE5iHPBkwqcwNxq_QJdDeXm13ZuNUzwI_zDMdUWG7VW0Uxf-lFdWM63tF7KoBxxWRVB976AO4sKoic2avU9i_5tThkXjVz7GoZrTt-n6xXgIL_Nv4DYzV2i_Il6qoC9EU3wjOF-Ln5237t9GtHR8g8UR2qixRY6Lm9crWn3NGXgQ-9uGWBMcWk1gq8RYfsNAzJ0CmPBHDoXeBd6DiQfIq0HaC9-lzilKleD513EZA1Hr1k2I2U_kOCEffmclml4MFRaiPaeM2PMswlQblFLUrbKgBLnETxwcVjlcuU0vR6sgqlhtPdfhtyutA_Vao2IArULEXMzr329Hv_oAe-t9eU6C3usLQ0KvMw7WiNnPtg2GTcR0_OeP3vxbZXUN8o4qzVxdgiCrJhq08-S7lbePp86Z8fNhr_KQn8FAQ7SF60XOk26UMM_MGrWn_vmZeYH9hjEJoyTod6Q7JZxReJ3TaOv6X8Z85dmjDwtYYGsVU24PNbpNpOUAuDpv8-VLOr9Q43E25x7ictkujFAJqiIyXhjn2lEaLWClEOfqkrJanZe90R8Rhdvqo4u1QggDUX5-luOGdjg4lMp4hyLk1tnwUzo5oCbpQjeaQzPF1yAAiKxM-CgthCG0gNqreNYWyJ-pndR75hYnFFA9xbPJQShEYAx2lodylpvcljKkzJnPRH8KafLHXiUxG_lN4iN3qlnfb-tHJ71_1kvQgbr0MK1UwxnOBpGiMnXh_3TnJINvFTzmNH92NVKThFE9EVqOlgP0ZHPQg5QS2EU7kUX_t_oQFaOl_1zvN83nWnjXXefxtixUAvCwAgM4_RzvpIazciuOuGiaVQtAOcfGUBVYIq-_jc8OIS0ySWdQAWtF4xfquhNrpx9fmfGQ_d8tYVw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 0D00 350 B
350 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cab1ba33f149def0830604c53d942d5c8d88b4e3046b7bb612e6450a31cfa3a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EF21 0
482 B 301ms
54ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrYpZfeb76EzMBMaDkGO3E7vhtsx-TjlpoYtcb0yKUyrQekzBpUuor25XGPNKshFm62abzqd-N9ETV8zig36Ap0RNUweDqO-8d56486TBj5J09hOAopJBI2RDyC7mWXXOgW5LXFc2fWCGmLGk2Ik60X5Or3w&sai=AMfl-YSPytxFnq0iADKVIWMD7KzRi9QYrumLg7jQnN45VbvJIfdi1tclt75ogA1Ssr1pVshCvMY1uL0q0gGSnk0&sig=Cg0ArKJSzG5OI8U95hl8EAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tf_adChoice11.js Show response
cdnx.tribalfusion.com/media/common/adChoice/ Frame 23AE 4 KB
1 KB 28ms
27ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: gzip
cf-cache-status: HIT
x-function: 301
last-modified: Tue, 11 Apr 2023 06:26:26 GMT
server: cloudflare
age: 570
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: public
cf-ray: 7fd6a5c7ae049b4b-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 23AE 16 KB
7 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/PoorlyDrawnLinescom/ROS/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 18:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 27 Aug 2023 19:45:41 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 30AA 29 KB
7 KB 155ms
111ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default

Requested by

Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

07fe727e35e8d33331dd43899c06ad7ba61384e62dda70f565aab19c750d74f5

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6086
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 27 Aug 2023 19:16:12 GMT
ETag: W/"lounge:view:9825632585.3b4115898bf93799e35c6f71926dfd8b.2"
Last-Modified: Sun, 27 Aug 2023 17:05:40 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/google/ 30 KB
10 KB 252ms
134ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/google/?position=top&shortname=poorlydrawnlines&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%231e81a8&colorScheme=light&sourceUrl=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&typeface=sans-serif&disqus_version=current
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 985016178b37a675a29c6115e9d2484676defc4bb0160472e1b29673e7a586c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:12 GMT
Content-Encoding: gzip
Server: openresty
Vary: Accept-Encoding,
transfer-encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/google/ 30 KB
10 KB 247ms
134ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/google/?position=bottom&shortname=poorlydrawnlines&experiment=prebidbidisrequired&variant=active&service=dynamic&anchorColor=%231e81a8&colorScheme=light&sourceUrl=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&typeface=sans-serif&disqus_version=current
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 8fbfaeef2ae4db303bab159893d2cea826d7f60cb92d6f07565645ecedb0cb6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:12 GMT
Content-Encoding: gzip
Server: openresty
Vary: Accept-Encoding,
transfer-encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 207ms
103ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=2st927r3m4gdlp&experiment=prebidbidisrequired&variant=active&service=dynamic&area=top&product=embed&forum=poorlydrawnlines&zone=thread&version=d3a7e0f9d834ec1287136e3d51e7ef82&page_url=https%3A%2F%2Fpoorlydrawnlines.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive&section=default&verb=call&adjective=1&forum_id=763908

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 202ms
97ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=2st927r3m4gdlp&experiment=prebidbidisrequired&variant=active&service=dynamic&area=bottom&product=embed&forum=poorlydrawnlines&zone=thread&version=d3a7e0f9d834ec1287136e3d51e7ef82&page_url=https%3A%2F%2Fpoorlydrawnlines.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Aprebidbidisrequired%3Aactive&section=default&verb=call&adjective=1&forum_id=763908

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame 23AE 49 KB
20 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 03:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 03:46:26 GMT

GET
H2 200 DV_GlobalPassback_Update_320x50.jpg
cdn.pathtosuccess.global/ Frame 0D00 27 KB
27 KB 159ms
23ms Image
image/jpeg 2600:9000:248d:b600:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_320x50.jpg
Requested by: Host: text
URL: data:text/html,%0A%20%20%20%20%20%20%3Chtml%20style%3D%22margin%3A0%3B%20padding%3A0%3B%20overflow%3Ahidden%3B%22%3E%0A%20%20%20%20%20%20%20%20%3Chead%3E%3C%2Fhead%3E%0A%20%20%20%20%20%20%20%20%3Cbody%20style%3D%22margin%3A0%3B%20padding%3A0%3B%20overflow%3Ahidden%3B%22%3E%0A%20%20%20%20%20%20%20%20%20%20%3Ca%20href%3D%22https%3A%2F%2Fwww.pathtosuccess.global%22%20target%3D%22_blank%22%3E%3Cimg%20src%3D%22https%3A%2F%2Fcdn.pathtosuccess.global%2FDV_GlobalPassback_Update_320x50.jpg%22%20width%3D%22320%22%20height%3D%2250%22%3E%3C%2Fa%3E%0A%20%20%20%20%20%20%20%20%3C%2Fbody%3E%0A%20%20%20%20%20%20%3C%2Fhtml%3E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:248d:b600:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63e0adc4f283366ae0bfdf58d1ff7d58125eadeacd8e679b2f6ca4656ca5df57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 05:00:13 GMT
via: 1.1 fbc6f7f05a31b293d8eb3d08c7baf01c.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:37 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P2
age: 51360
x-amz-server-side-encryption: AES256
etag: "007aa86c8b2c62e61418c24617cbd917"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 27247
x-amz-cf-id: 5R3IfMgUzgz_jp2FfKzbFhX-X4S4ww8EnP0CLSDyzGf3MfAkw3QP7g==

GET
H3

200

i.match
a.tribalfusion.com/ Frame 63D8
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662105688055635
https://a.tribalfusion.com/i.match?p=b23&u=219813204621004426659

43 B
770 B

177ms
177ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b23&u=219813204621004426659
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aam01S1c34XG7upEfS5FJUTFBCUPU0PT3QQs3NQd7NYtjxWAMm2cBYYbrZcTAyp2PYgRmbA2WZbsXHJKntZao5AMV4sQbUGUjUsB8S6FOTtFWWrBY3bPqVqQvVaJaSTYZaQcJCPbqxRHMiWcbU4FXmntAm0quu3WUHSVZbZd26JZbmdAyTHQ60b3kXUjk1qIOSFJHUbB5WWB5oFJpQbBmYEJm5abf5Ev4oTFFXFBgTtZbWnmnImc7wmHfJ5EQE3HmNubAJPmEZbNGelyoy4xp6ur9ewwPENpTiVrUEy2tvgvEKVwa&mediaDataID=7665496&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fd6a5c958bf9b4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://a.tribalfusion.com/i.match?p=b23&u=219813204621004426659
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 B28402876.344985555;dc_ver=96.284;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=4266213722;ord=2l3881;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaUm7yv5EUf5ten4AjEnrrZb0GnPYsYY0cnOpT7V5b3QVrnHUm... Show response
ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/ Frame 32D9 63 KB
30 KB 60ms
59ms Document
text/html 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344985555;dc_ver=96.284;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=4266213722;ord=2l3881;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaUm7yv5EUf5ten4AjEnrrZb0GnPYsYY0cnOpT7V5b3QVrnHUmU4RqMQQcUpPtFyYd7uTPvu2GY30UBITAmm4PZb7QPBG3HrrXHBCmW2M36YR5Gj6Vcr6VsrlSAvoUd3TTr7S5U2qUE7oWTvlQEUGSGQIRFmnRt7dUVMW5UyrnHIOXqqy3drZbPVvZc2mQKoWXnTdZbhXUfb1UBgXaitRUvGUrv4TtQ2or7sRFbMYTUp4qji2TQYnTJFYbbfTWJWm6bZcmG3roWME5EZb75tmN5EifYAyZbvo7OqQ2ZdpsMwsqb45P6otnAgtb7TNDyJvQqavmTdo6uivWPdnBXjsae0xtI5pWq2WGAQ1mm63tYZbnVuuSS38tJPsRN%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fpoorlydrawnlines.com%2F$0;xdt=0;crlt=jWC.t1K2WC;stc=1;chaa=1;sttr=37;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

c6d6387482d3f3181d446cc28811da21e602dad4e778424b3c365bd4cb1f0045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://poorlydrawnlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 30271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 19:16:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 32D9 11 KB
4 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1820114.1141592EXPONENTIAL.COM/B28402876.344985555;dc_ver=96.284;dc_eid=40004001;sz=160x600;u_sd=1;dc_adk=4266213722;ord=2l3881;click=https%3A%2F%2Fs.tribalfusion.com%2Fh.click%2FaUm7yv5EUf5ten4AjEnrrZb0GnPYsYY0cnOpT7V5b3QVrnHUmU4RqMQQcUpPtFyYd7uTPvu2GY30UBITAmm4PZb7QPBG3HrrXHBCmW2M36YR5Gj6Vcr6VsrlSAvoUd3TTr7S5U2qUE7oWTvlQEUGSGQIRFmnRt7dUVMW5UyrnHIOXqqy3drZbPVvZc2mQKoWXnTdZbhXUfb1UBgXaitRUvGUrv4TtQ2or7sRFbMYTUp4qji2TQYnTJFYbbfTWJWm6bZcmG3roWME5EZb75tmN5EifYAyZbvo7OqQ2ZdpsMwsqb45P6otnAgtb7TNDyJvQqavmTdo6uivWPdnBXjsae0xtI5pWq2WGAQ1mm63tYZbnVuuSS38tJPsRN%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fpoorlydrawnlines.com%2F$0;xdt=0;crlt=jWC.t1K2WC;stc=1;chaa=1;sttr=37;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 04:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Sep 2023 04:29:15 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 32D9 111 KB
39 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 16:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Aug 2023 16:19:52 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 32D9 41 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 03:41:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32D9 181 KB
56 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Aug 2023 19:16:12 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10366604321134229268/ Frame 220A 6 KB
2 KB 79ms
15ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10366604321134229268/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f582db822630f25692a7b870c732863f6af13d34496e240e88cc0ce8371237b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 165887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2317
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 21:11:25 GMT
expires: Sat, 24 Aug 2024 21:11:25 GMT
last-modified: Thu, 10 Aug 2023 08:44:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 32D9 0
0 100ms
56ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3ihcF2JGVB8430xHeYlQsSsrhi7TU9znuo2ChVNUL7KR0qqstZSIvn_LQoMdYbvzDLkQ3gMKw83FCg3khPgzCXyCdoeDEQh_VMKE78vVFKeCsxPTK7WQyU51MY1vQfNeg3bYJJoZhIM2lBnbb0vm-p-SJCKcbfsNcEQh-MNEWSFkx97U&sai=AMfl-YQKGLQHdpufC0tfMLIqnNBSvr7lSSHpqxUhP3X_X6J-UE8BPjB8flK2sTrMLOaha69_REy2zzhft_UDEwalTYmwnZyXg5Y_3bgKSg&sig=Cg0ArKJSzKMxge24iqZaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=29&cbvp=1&cstd=25&cisv=r20230823.96914&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Aug 2023 19:16:12 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame B133 250 KB
76 KB 80ms
26ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 463b290a37f3ac335b268869dd06f1be957c52e9edbc6f8310160d9d1286b4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:27:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=161230
accept-ranges: bytes
content-length: 77843
expires: Tue, 29 Aug 2023 16:03:22 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/ Frame B133 12 KB
3 KB 64ms
17ms Script
text/javascript 108.138.36.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-50.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 489e5151a8058d85bf4291c373844409ca756250b61146e317b1816ee37521c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 17:15:09 GMT
x-amz-version-id: 2pf2a8XksqUp5cUMCEG83NNN2a5lYEyn
content-encoding: gzip
via: 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 7264
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Tue, 25 Jul 2023 20:35:28 GMT
server: AmazonS3
etag: W/"cd747230cce5004ac407a6dfeeb75b7b"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: A7KZSgVggX2WhQRBdT9UDBdriXR2C11CeNImLIgnAPXq4FKNvmar6A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B133 97 KB
29 KB 155ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbb734a0862421fd3576acc8502b6c3e2adceb9b3a0509b7a64cab2def7b23b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28767
x-xss-protection: 0
server: cafe
etag: 710 / 19596 / 31077354 / config-hash: 7028521147000579048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 19:16:12 GMT

GET
H2 200 prebid.7.52.0.js Show response
s.disquscdn.com/prebid/ Frame B133 394 KB
395 KB 100ms
21ms Script
application/javascript 2600:9000:26da:6c00:d:6d12:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.disquscdn.com/prebid/prebid.7.52.0.js
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:6c00:d:6d12:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9dfa109f21f859ef24892669441b88c483f178791604bd4b93152c8c194b535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: hXO4Z5UXHJIjTrFkC0u.4WHYnUscsR5T
date: Sun, 27 Aug 2023 07:08:51 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 09:46:56 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 43643
x-amz-server-side-encryption: AES256
etag: "ada611cd90e168d7190f9984a125d0d6"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 403760
x-amz-cf-id: UckFeUB2-65DKfuhpXlHTIuet_X-r6D-jOLZ1v_FWpIj9ESr3gGm3g==

GET
H2 451 711970.gif
id.rlcdn.com/ Frame B133 0
98 B 80ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711970.gif
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame 9CC6 250 KB
76 KB 56ms
9ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 463b290a37f3ac335b268869dd06f1be957c52e9edbc6f8310160d9d1286b4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:27:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=161230
accept-ranges: bytes
content-length: 77843
expires: Tue, 29 Aug 2023 16:03:22 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/ Frame 9CC6 12 KB
3 KB 58ms
18ms Script
text/javascript 108.138.36.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-50.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 489e5151a8058d85bf4291c373844409ca756250b61146e317b1816ee37521c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 17:15:09 GMT
x-amz-version-id: 2pf2a8XksqUp5cUMCEG83NNN2a5lYEyn
content-encoding: gzip
via: 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 7264
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Tue, 25 Jul 2023 20:35:28 GMT
server: AmazonS3
etag: W/"cd747230cce5004ac407a6dfeeb75b7b"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: dUWPUzQordoGGY9SC4FKWMB4JFKrVr0z8gjZt1Rh9grj5pRtr5RUNg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9CC6 97 KB
28 KB 248ms
183ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29aae3c802f036e18807477b23438c1e6b6c0c8ad85e6fb47ffa6bacaec7f82b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28767
x-xss-protection: 0
server: cafe
etag: 708 / 19596 / 31077354 / config-hash: 7028521147000579048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 27 Aug 2023 19:16:12 GMT

GET
H2 200 prebid.7.52.0.js Show response
s.disquscdn.com/prebid/ Frame 9CC6 394 KB
395 KB 171ms
98ms Script
application/javascript 2600:9000:26da:6c00:d:6d12:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.disquscdn.com/prebid/prebid.7.52.0.js
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:6c00:d:6d12:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9dfa109f21f859ef24892669441b88c483f178791604bd4b93152c8c194b535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: hXO4Z5UXHJIjTrFkC0u.4WHYnUscsR5T
date: Sun, 27 Aug 2023 07:08:51 GMT
via: 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 09:46:56 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 43643
x-amz-server-side-encryption: AES256
etag: "ada611cd90e168d7190f9984a125d0d6"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 403760
x-amz-cf-id: j3dnSJM-WbdR2F03HiU_sJafjSnNRGn26fDlD1tq3ADKT8im5nOROA==

GET
H2 451 711970.gif
id.rlcdn.com/ Frame 9CC6 0
42 B 74ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711970.gif
Requested by: Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 lounge.load.d3a7e0f9d834ec1287136e3d51e7ef82.js Show response
c.disquscdn.com/next/embed/ Frame 30AA 1 KB
1 KB 73ms
16ms Script
application/javascript 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.d3a7e0f9d834ec1287136e3d51e7ef82.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

538c8d101b33511e7c6f56992713b9891a97aa6f8243d01464226949a06f5a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 21 Aug 2023 16:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 528932
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 622
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 21 Aug 2023 16:02:52 GMT
server: nginx
etag: "64e38aac-26e"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: IZnjPNOOl1sf1WbNGn8zwoRQuw2YszgL66FAVPpsZ-PjtX6GFgcKig==
expires: Tue, 20 Aug 2024 16:20:39 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9787 22 KB
8 KB 17ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 45867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 06:31:45 GMT
expires: Mon, 26 Aug 2024 06:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9787 37 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 19:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Aug 2024 19:00:29 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 220A 236 KB
63 KB 125ms
27ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10366604321134229268/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 27 Aug 2023 19:31:12 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/10366604321134229268/ Frame 220A 81 KB
17 KB 19ms
18ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10366604321134229268/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10366604321134229268/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f840bc2dcc68de4a12db891b28a714eb6b6f27e9e0697f7621d758df3238ed26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10366604321134229268/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 04:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 572459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17469
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 08:44:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Aug 2024 04:15:13 GMT

GET
H2 200 common.bundle.f2a270bb37834887ad900431f6cb27eb.js Show response
c.disquscdn.com/next/embed/ Frame 30AA 280 KB
93 KB 66ms
27ms Script
application/javascript 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.d3a7e0f9d834ec1287136e3d51e7ef82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

17dfdeb0ea6a4edf44cba4f38a953e89af8094d116796ef91157a2a86a459a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 21 Aug 2023 16:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 528932
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94118
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 21 Aug 2023 16:02:52 GMT
server: nginx
etag: "64e38aac-16fa6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: lFO7ZndSDMVsl4aCwL8iCheRq18cRbRVEfqjWUSGKICrWYFDVTX-YQ==
expires: Tue, 20 Aug 2024 16:20:40 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ Frame 9CC6 48 KB
15 KB 110ms
31ms Script
application/x-javascript 99.86.114.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.114.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-114-98.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d9710c2a09a97b82f8ef3234516bbb07e11502b0b8e2ca75afc9aea49006a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: uNUH2AHrYo2ZUfT.LbZTjT8KL1vCRxUI
content-encoding: gzip
via: 1.1 d1a8cc0bb52400f43698b4c3cd691acc.cloudfront.net (CloudFront)
date: Sun, 27 Aug 2023 18:44:42 GMT
x-amz-cf-pop: LHR61-C1
age: 1891
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:2372f326-bca9-40d0-8140-f6b9a30dca6d
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1885e895ec4a8a119242f9de4482a866
last-modified: Thu, 24 Aug 2023 15:44:38 GMT
server: AmazonS3
etag: W/"3145370849b79227e392569b89209345"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 0b0c5f69aae60ef9a0cff5a6b310217c2463820da7e916144e5eab502891f6fe
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: ifNp_G4LqrYiVCwSVviFJo6QYlFl94bn4tBi3CgfFa1lPJEd2-b6_A==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9CC6 248 KB
61 KB 133ms
47ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 18:38:07 GMT
content-encoding: gzip
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 2286
etag: W/"bfd42dc650471371e7b049251fcaca58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: n7ZMe57sAfFC_k-w5SVNqxPRhMXJtT3dcSDBR3yfRLBqlA3TWnfnSw==

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ Frame B133 48 KB
15 KB 104ms
36ms Script
application/x-javascript 99.86.114.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/876583a8-81cb-4d63-9d57-50a52a0bd20a/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.114.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-114-98.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d9710c2a09a97b82f8ef3234516bbb07e11502b0b8e2ca75afc9aea49006a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: uNUH2AHrYo2ZUfT.LbZTjT8KL1vCRxUI
content-encoding: gzip
via: 1.1 d1a8cc0bb52400f43698b4c3cd691acc.cloudfront.net (CloudFront)
date: Sun, 27 Aug 2023 18:44:42 GMT
x-amz-cf-pop: LHR61-C1
age: 1891
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:2372f326-bca9-40d0-8140-f6b9a30dca6d
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 1885e895ec4a8a119242f9de4482a866
last-modified: Thu, 24 Aug 2023 15:44:38 GMT
server: AmazonS3
etag: W/"3145370849b79227e392569b89209345"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 0b0c5f69aae60ef9a0cff5a6b310217c2463820da7e916144e5eab502891f6fe
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: kojHngObDMmPhBBExsIxIx7uYQYqelvNL-_93OAhaH_5sx_c1ri7uQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B133 248 KB
61 KB 99ms
25ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 18:38:07 GMT
content-encoding: gzip
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 2286
etag: W/"bfd42dc650471371e7b049251fcaca58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Kwfl3e7Tuej8S-5e6b6Ea_zEQRr3v960uCs5dd-DOiQybQS_dryoZQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ Frame B133 404 KB
127 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 12:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25940
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 26 Aug 2024 12:03:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame B133 53 B
79 B 95ms
52ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=poorlydrawnlines.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fdc210d057d5bc774b58ab61631b20a6985f4815572752eaff27816f4b89cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55
x-xss-protection: 0
expires: Sun, 27 Aug 2023 19:16:12 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ Frame 9CC6 28 B
606 B 24ms
17ms Fetch
application/json 52.222.169.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-8.cdg52.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://poorlydrawnlines.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Aug 2023 01:27:26 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront), 1.1 652331095b841aa2e89ce3a0cd676d04.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, CDG52-P2
age: 64126
x-amzn-requestid: 5fb42e25-5928-4420-884c-38e9d4ca7e8e
x-amzn-trace-id: Root=1-64eaa67e-449137995b36ad584fd78e21;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: KS7z2G7zjoEFQSQ=
content-length: 28
x-amz-cf-id: MdX26ZMiqCYziDccwFYlwELadgQzdnJeTuAUy61uFlq-ea9m8OT1Fg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 131ms
44ms Preflight
application/json 52.222.169.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-8.cdg52.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://poorlydrawnlines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 27 Aug 2023 19:16:12 GMT
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront), 1.1 652331095b841aa2e89ce3a0cd676d04.cloudfront.net (CloudFront)
x-amz-apigw-id: KVYXjFy4joEFsVw=
x-amz-cf-id: 8gZDPVqf1jjMZCF-HjWqEb8-kAtS1B86UaSLdTQOKg-2sQnHL95mLw==
x-amz-cf-pop: CDG50-C1 CDG52-P2
x-amzn-requestid: 8cf6f3c6-9a42-4224-91c4-92bd0a715163
x-cache: Miss from cloudfront

GET
H2 200 lounge.dbc47866f009f9d6f1556cd58214d9a3.css
c.disquscdn.com/next/embed/styles/ Frame 30AA 233 KB
33 KB 18ms
18ms Stylesheet
text/css 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 30 May 2023 18:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 7690972
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33282
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 30 May 2023 18:28:53 GMT
server: nginx
etag: "64764065-8202"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: YUDdSCz-xlbIqooHtXfMZbzlKf1hKGyER-yLjRx_DW1CdJ-VX_3oEg==
expires: Wed, 29 May 2024 18:53:20 GMT

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 168ms
83ms Preflight
application/json 52.222.169.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-8.cdg52.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://poorlydrawnlines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 27 Aug 2023 19:16:12 GMT
via: 1.1 ec0e2f034bee82259de23281111aa344.cloudfront.net (CloudFront), 1.1 652331095b841aa2e89ce3a0cd676d04.cloudfront.net (CloudFront)
x-amz-apigw-id: KVYXjE0mjoEFVLA=
x-amz-cf-id: LdUPLiioNuzF4bZYzPz5al8EjxaYxc1n--u8X10K_iLJXy9l8ozV3A==
x-amz-cf-pop: CDG50-C1 CDG52-P2
x-amzn-requestid: 619da246-ac1d-4085-87e3-9427e186b06d
x-cache: Miss from cloudfront

GET
H2 200 / Show response
geo.privacymanager.io/ Frame B133 28 B
606 B 17ms
17ms Fetch
application/json 52.222.169.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-8.cdg52.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://poorlydrawnlines.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Aug 2023 01:27:26 GMT
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront), 1.1 652331095b841aa2e89ce3a0cd676d04.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, CDG52-P2
age: 64126
x-amzn-requestid: 5fb42e25-5928-4420-884c-38e9d4ca7e8e
x-amzn-trace-id: Root=1-64eaa67e-449137995b36ad584fd78e21;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: KS7z2G7zjoEFQSQ=
content-length: 28
x-amz-cf-id: 0JmDhOYoeM4A_vg0Gp0m-VjXWQHu6-I_DLl4cS_JTBfzI8voUlAEEQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B133 0
316 B 29ms
29ms XHR
text/plain 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpoorlydrawnlines.com&pubid=31d3a4c9-a8a6-4ae0-a5ae-d3b0de43284c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 13:57:46 GMT
via: 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 19105
x-cache: Hit from cloudfront
access-control-allow-origin: https://poorlydrawnlines.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: YGM_5dMKfCuWODTAI46XJGEKZieuuWB9XgDhiOem7Tn0oUIHAOXNuw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame B133 23 B
466 B 259ms
133ms XHR
text/javascript 18.173.159.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpoorlydrawnlines.com%2F&pid=Rcj9VydPELq7c&cb=0&ws=670x32&v=23.821.1806&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F101482493%2Fpublisher%2Fpoorlydrawnlines_top_desktop%22%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F101482493%2Fpublisher%2Fpoorlydrawnlines_top_desktop%22%7D%5D&pubid=31d3a4c9-a8a6-4ae0-a5ae-d3b0de43284c&gdprl=%7B%22status%22%3A%22tcfv2-error%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.159.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-159-32.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P3
x-amz-rid: NQK25F9SM3MZ08W5YRZ9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://poorlydrawnlines.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: aKUZLefYDyg9aB4BAWvMOngH6W-DzonK0esXAEhnKGDVA6t0ePFoXw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B133 6 KB
3 KB 54ms
19ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
date: Sun, 27 Aug 2023 06:17:41 GMT
x-amz-cf-pop: MUC50-P2
age: 46712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: OEzCNBc8YoQ_ftN9PokDZAY-jTQ0bKjpCAXLYmOeqeUsvTBg-t4H3w==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9CC6 0
314 B 19ms
18ms XHR
text/plain 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpoorlydrawnlines.com&pubid=31d3a4c9-a8a6-4ae0-a5ae-d3b0de43284c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 13:57:46 GMT
via: 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 19105
x-cache: Hit from cloudfront
access-control-allow-origin: https://poorlydrawnlines.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: x216JxtFARaJVZF0Sfzag_CmJr0DmCaCyo5xqeFOcbkeNDmSc7zpug==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 9CC6 23 B
467 B 255ms
136ms XHR
text/javascript 18.173.159.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpoorlydrawnlines.com%2F&pid=gHiFlK1sXfGKG&cb=0&ws=670x32&v=23.821.1806&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F101482493%2Fpublisher%2Fpoorlydrawnlines_bottom_desktop%22%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F101482493%2Fpublisher%2Fpoorlydrawnlines_bottom_desktop%22%7D%5D&pubid=31d3a4c9-a8a6-4ae0-a5ae-d3b0de43284c&gdprl=%7B%22status%22%3A%22tcfv2-error%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.159.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-159-32.muc50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P3
x-amz-rid: BB0DTPCQGG5HKXS9GBXP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://poorlydrawnlines.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3Y_pbQMKjuvk-P5b1Ajw1xHD5yV-rmq_cYtjBCqxGy458FSpOVIVoA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9CC6 6 KB
3 KB 49ms
20ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
date: Sun, 27 Aug 2023 06:17:41 GMT
x-amz-cf-pop: MUC50-P2
age: 46712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ffHiV9jvwjdHdZflWmXTcrBSqOi-AU4vIghSDN34B-NJo_TGD5F1lg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B133 0
0 114ms
113ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe&e=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ Frame 9CC6 404 KB
127 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 12:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25940
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 26 Aug 2024 12:03:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 9CC6 42 B
68 B 79ms
79ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=poorlydrawnlines.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

321279014ffe5c1e8995ce84dbbf8af012d030330f41ac99491e1b591417888c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Sun, 27 Aug 2023 19:16:12 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/10366604321134229268/ Frame 220A 10 KB
10 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10366604321134229268/bg.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

086287736cc042c221591772980ed9319fb8ff5546a194adaa320bc64e007d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10366604321134229268/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:06:58 GMT
x-content-type-options: nosniff
age: 421754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10659
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 08:44:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Aug 2024 22:06:58 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 32D9 0
0 60ms
60ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3ihcF2JGVB8430xHeYlQsSsrhi7TU9znuo2ChVNUL7KR0qqstZSIvn_LQoMdYbvzDLkQ3gMKw83FCg3khPgzCXyCdoeDEQh_VMKE78vVFKeCsxPTK7WQyU51MY1vQfNeg3bYJJoZhIM2lBnbb0vm-p-SJCKcbfsNcEQh-MNEWSFkx97U&sai=AMfl-YQKGLQHdpufC0tfMLIqnNBSvr7lSSHpqxUhP3X_X6J-UE8BPjB8flK2sTrMLOaha69_REy2zzhft_UDEwalTYmwnZyXg5Y_3bgKSg&sig=Cg0ArKJSzKMxge24iqZaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=420&vt=11&dtpt=391&dett=3&cstd=25&cisv=r20230823.96914&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Aug 2023 19:16:12 GMT

GET
H2 200 lounge.bundle.17fe850f095e5d3d285fe1d862e5f57c.js Show response
c.disquscdn.com/next/embed/ Frame 30AA 513 KB
129 KB 43ms
43ms Script
application/javascript 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.17fe850f095e5d3d285fe1d862e5f57c.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

51475e34a257dfa57c5ef198f8a06563b3aa32d3f4bc66e52caa54075b5d9ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 21 Aug 2023 16:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 528932
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 131019
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 21 Aug 2023 16:02:52 GMT
server: nginx
etag: "64e38aac-1ffcb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: bDJ_dzBHBxHuQncAEnHiMkZhlozwkEWPHZkHn-RESYHfITa77DkCpQ==
expires: Tue, 20 Aug 2024 16:20:40 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 30AA 18 KB
19 KB 21ms
21ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b6f93e4cc75b593d86626b9ed9013ec0feac6b794eeff8a51de946a22557e2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:12 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 6
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 18762
X-XSS-Protection: 1; mode=block

GET
H3 200 imageA2.png
s0.2mdn.net/sadbundle/10366604321134229268/ Frame 220A 28 KB
28 KB 23ms
17ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10366604321134229268/imageA2.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0218a5572d05880358edfac370b9ba5fe11532c3be7aff835663361fc19747e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10366604321134229268/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 04:15:13 GMT
x-content-type-options: nosniff
age: 572459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28347
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 08:44:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Aug 2024 04:15:13 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 30AA 3 KB
4 KB 159ms
159ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=poorlydrawnlines&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f2a270bb37834887ad900431f6cb27eb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

204bdf6a044401c6e38d6edeb1dba07df05b9f414723ccd2122621d56f79f33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:13 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3170
X-XSS-Protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CC6 0
0 116ms
116ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe&e=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9787 0
20 B 120ms
120ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZeE9_KDrZI-oEsu4x_APxNOQsAUAAAAAOAHgBAI&bg=!Xl2lXRLNAAYkVgHwBFY7ADQBe5WfOLqfWg-f4jhf2OPrGTfayCfq00ftZdBiBuFk_X8xP2Hku-L12XpV_C8C4q3wimVkAgAAAURSAAAABGgBBwoAdeN64aW8ri9S5xoxvNQ5EZmqbZXbAWJvVhe9KCm3UMkK0idETgxzFEekW6iWYySRWIKQvilOphFr1j3bC_kkdozEIMS_39DukI0WJlQZ1GLfO_o7gWYmxVoQjHIcugOG_h7m0rPtVzjV-mUXZk0TaBfnD8KG65kC_zaJ9ECH1HHM0MH-P3uSy1QGdnOlSbRyG6EYILgVsV_tRNTsKiMqMbjhTTC2HiQ7AVVJA4S7fkmFFgFU-FtaFqUorUZBC3P2XidyMtc3kljUxrpsv51ly2OVADY2fnKc7eIsR5fLyINEtlwhuXb02FmzUCbook0BtH2nu_HEfVSrQjIwWovh3jCaHZ2uUhBD3bM08AymvgGJMQtTx9CV4q6qxDCWZfbP8LMtoMqhUA81m2Km4Fei_pN7j2rpONikzMiQmr0TI8gnn-bxhbGJpOQM-JxjjY74qUYwtP28SNRVMB_F0wPnDeoEjaC-3wi7eSkAbv1HePVRu4RIhz9112QtqZhFWkcjQN7ccdKh8Sz1o5Bjgg_bf10NNKub5uriqftyc7HWS0mGTDaWAihg8shBbvlQfEBldfEgLWjiPITv3nGnDgabt7dRiIEq-ymNQ6Bbl5IdbIJlwfZXJG1x9pmhnthDM8u2CvaMzXpDSUwRwUvrXvHFajb7C4NNz4xc0i-MKE43TABgV9vD933d4LkMGjP478mFc4pobKs8Bqntatyj56K3rBLpNkn5SXIeuaxkG3Dpr1bszuHOMJRsMRt-iIawQcebkHk_szQipLS33UC_g7JbUdjI12ygUYQnLjorA5gEhpr-0wXyM-_SwdZk0C4IZIJZjLuF6nuosTXkbqCxV3pumOYWa5wvtWVKQkNJnZXg7lXB6diSxAazE-tqdIMIbgAbIhrvMWTU5k8FC-Qqd3ooEKEq-ams4PnglIvmmunieA23GbmlAx2Z36V2fq5QD6_XX-dnjRzbgCZsTRdpJtSzfs1QD8mPgJ0dQtUS2cxSVeAEiCFElj_URpcbRiiPIBLLxkaipieLfg8_avnyu0MNAMAjSlQwMf0PIwuERNC5NzoN7UtlfXU7T_oShkin2wH0ZNCBegkqxxjpI_U1QfRqe0Go46EtdAdMM4cv4xAr5nxweexdEKCx48CIfsK45f7j-7pW4YZyLJ_lK62AbMbYaXKCYx6so4f_

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 19:16:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 30AA 11 KB
1 KB 102ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Aug 2023 19:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 27 Aug 2023 18:04:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Aug 2023 19:16:13 GMT

GET
DATA 200
OK truncated
/ Frame 30AA 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 13 KB
13 KB 21ms
21ms Image
image/svg+xml 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 20 May 2023 12:57:54 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 8576298
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 18 May 2023 20:44:46 GMT
server: nginx
etag: "64668e3e-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _VlFwmC21yUzK5d9ReYKBx3s3yzbm57wfBI7T3CGplvLQ31O8fKOJQ==
expires: Sun, 19 May 2024 12:57:54 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 3 KB
3 KB 20ms
20ms Image
image/gif 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 15 May 2023 04:11:29 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9039882
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 09 May 2023 18:32:30 GMT
server: nginx
etag: "645a91be-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rvmf7oqaqinNLDFgRW6F84QVZrFZSgMkBIHfhx9lrI53rgZ1gU0iQA==
expires: Tue, 14 May 2024 04:11:29 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 840 B
1 KB 20ms
20ms Image
image/svg+xml 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 22 May 2023 07:46:28 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 8422184
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 18 May 2023 20:44:46 GMT
server: nginx
etag: "64668e3e-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MUf--4BC55rP0MrhsMYoFmXGQBS9BiaZvm_4L8JZ2CHPNZuV5sLaSQ==
expires: Tue, 21 May 2024 07:46:28 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 891 B
1 KB 20ms
20ms Image
image/svg+xml 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 12 May 2023 01:14:12 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9309720
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 09 May 2023 18:32:30 GMT
server: nginx
etag: "645a91be-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: kR7Xytj1LJawR8LHoQW3NtfJNAa9WPsFX9xhVpg6VCE3dEXvCa-Reg==
expires: Sat, 11 May 2024 01:14:12 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 605 B
1 KB 20ms
20ms Image
image/svg+xml 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 19 May 2023 05:10:26 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 8690746
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 18 May 2023 20:44:46 GMT
server: nginx
etag: "64668e3e-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jamMm_74nyaxxAs1K4Worbl86RRgQbgeTgpF5OH-JSJjP3NP3nbQug==
expires: Sat, 18 May 2024 05:10:26 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 2 KB
2 KB 21ms
20ms Image
image/png 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 02:17:05 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9565147
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 05 May 2023 08:10:53 GMT
server: nginx
etag: "6454ba0d-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OGOfENGiPH7UGWnk_aMvkjQVjpJHiUQ0l-YsHX9iPDwlkGQXtg4SPQ==
expires: Wed, 08 May 2024 02:17:05 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 30AA 8 KB
8 KB 21ms
21ms Font
application/octet-stream 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 18:27:36 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9506916
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 05 May 2023 08:10:53 GMT
server: nginx
etag: "6454ba0d-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: r5BEckoTpn50hvTcNClvMhdrhZKHo0apZ3DN8QIJyTePQxGqWhAM4Q==
expires: Wed, 08 May 2024 18:27:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1691537568/images/ Frame 30AA 2 KB
2 KB 300ms
25ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1691537568/images/noavatar92.png

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:13 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1550805
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: QLtLdpW-J4HMUCwdCdE6n_AyULUTLCbeVLRdpb5zDt9bwrdNCg21og==
x-xss-protection: 1; mode=block
expires: Fri, 08 Sep 2023 20:29:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30AA 15 KB
16 KB 66ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 106734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 13:37:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30AA 15 KB
15 KB 85ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 227361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 04:06:52 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30AA 17 KB
17 KB 67ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 16:18:35 GMT
x-content-type-options: nosniff
age: 97058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 16:18:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30AA 16 KB
16 KB 86ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 146464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 02:35:09 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 30AA 17 KB
17 KB 73ms
30ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:21:37 GMT
x-content-type-options: nosniff
age: 122076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 09:21:37 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 30AA 43 B
339 B 99ms
98ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=326&event=init_embed&thread=9825632585&forum=poorlydrawnlines&forum_id=763908&imp=2st927r3m4gdlp&thread_slug=poorly_drawn_lines_pretty_sensitive&user_type=anon&referrer=https%3A%2F%2Fpoorlydrawnlines.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=prebidbidisrequired&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 19:16:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 33B4 337 B
842 B 15ms
15ms Stylesheet
text/css 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 18 May 2023 12:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 8751633
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 17 May 2023 16:02:42 GMT
server: nginx
etag: "6464faa2-f4"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: NKFwsqlrgEEgIU0_Oq0u7XrGfXDxxXbdXsCznXbxJhZfNcV4ZDjvSQ==
expires: Fri, 17 May 2024 12:15:40 GMT

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame C2BF 337 B
840 B 16ms
16ms Stylesheet
text/css 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: poorlydrawnlines.disqus.com
URL: https://poorlydrawnlines.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 18 May 2023 12:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 8751633
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 17 May 2023 16:02:42 GMT
server: nginx
etag: "6464faa2-f4"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: NnGeVdiStIBf4_YXhkTC9pDdUmuk15i5uB0HTfrQMh-Qw1wg7czudQ==
expires: Fri, 17 May 2024 12:15:40 GMT

GET
H2 200 follow-v2.411b1215980cdde315e43cc006cfbea6.svg
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 2 KB
2 KB 14ms
14ms Image
image/svg+xml 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/follow-v2.411b1215980cdde315e43cc006cfbea6.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 09 May 2023 04:40:16 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9556557
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1557
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 05 May 2023 08:10:53 GMT
server: nginx
etag: "6454ba0d-615"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 33mnd2wQ7v__GYx4tFgjBS19H0ExtbgpTXDAWL3Fkp_twO41l5Vk4w==
expires: Wed, 08 May 2024 04:40:16 GMT

GET
H2 200 like.855606fb4e3a7a6448e6c782f3f54e5a.svg
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 2 KB
2 KB 14ms
14ms Image
image/svg+xml 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/like.855606fb4e3a7a6448e6c782f3f54e5a.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 10 May 2023 01:05:32 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9483041
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1655
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 09 May 2023 18:32:30 GMT
server: nginx
etag: "645a91be-677"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: CGuYCbLTwhTHwkEVJEKa1Qb2v4FOg-EnqGwSYP07jn7arw0YTxwIow==
expires: Thu, 09 May 2024 01:05:32 GMT

GET
H2 200 dislike.612d8ba98928c381e4c789c1b309cda1.svg
c.disquscdn.com/next/embed/assets/img/ Frame 30AA 2 KB
2 KB 14ms
14ms Image
image/svg+xml 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/dislike.612d8ba98928c381e4c789c1b309cda1.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.dbc47866f009f9d6f1556cd58214d9a3.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 14 May 2023 04:29:42 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9125191
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1796
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 09 May 2023 18:32:30 GMT
server: nginx
etag: "645a91be-704"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4lMDAPv4tA-SduPYloVA0ehVsCtceoNSKAeStrSVowRZu4dob9SrnA==
expires: Mon, 13 May 2024 04:29:42 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/23193/5395/ Frame 30AA 4 KB
4 KB 16ms
15ms Image
image/jpeg 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/23193/5395/avatar92.jpg?1518093495

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a535a8a8b6f3a5bf70f1478bb43ec56f9d7f032fd3606a0b52ca64629922a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 15 May 2023 02:32:57 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 9045796
x-cache: Hit from cloudfront
content-length: 3931
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Thu, 08 Feb 2018 12:38:15 GMT
server: nginx
etag: "a2d9f9ebf5131d4e0eba518e046ff29c"
content-type: image/jpeg
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-amz-cf-id: ub2QoMnKYFlvIIyNQVjK-dZ_DQUc800CYi2m43GKLmmZAGZGcqHXSg==
expires: Tue, 14 May 2024 02:32:57 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/16424/444/ Frame 30AA 2 KB
3 KB 16ms
15ms Image
image/jpeg 2600:9000:26db:f200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/16424/444/avatar92.jpg?1693012539

Requested by

Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:f200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0903fcbf1fa334d097c0ed99e456b5af2ab0873b1e1c76cdc3217b04aa09b66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=poorlydrawnlines&t_i=8968&t_u=https%3A%2F%2Fpoorlydrawnlines.com%2Fcomic%2Fpretty-sensitive%2F&t_d=Poorly%20Drawn%20Lines&t_t=Poorly%20Drawn%20Lines&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 26 Aug 2023 01:17:47 GMT
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 151106
x-cache: Hit from cloudfront
content-length: 2487
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Sat, 26 Aug 2023 01:15:40 GMT
server: nginx
etag: "8523ed5875963572af35f582d7fe4fbb"
content-type: image/jpeg
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-amz-cf-id: Lkt5hNWdUlBhaHs_nAHvxrLhatkzfNn7cX1gc96toi4glKZgd656aw==
expires: Sun, 25 Aug 2024 01:17:47 GMT

GET
H3 200 ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 23AE 513 B
774 B 16ms
16ms Image
image/png 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:14 GMT
cf-cache-status: HIT
age: 1022
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 513
x-function: 301
last-modified: Tue, 11 Apr 2023 06:26:26 GMT
server: cloudflare
etag: 1681194386
vary: Accept-Encoding
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 7fd6a5d4fbdc9b4b-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H3 200 ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame 23AE 2 KB
2 KB 21ms
20ms Image
image/png 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Requested by: Host: poorlydrawnlines.com
URL: https://poorlydrawnlines.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poorlydrawnlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 19:16:14 GMT
cf-cache-status: HIT
age: 33873
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 1608
x-function: 301
last-modified: Tue, 11 Apr 2023 06:26:26 GMT
server: cloudflare
etag: 1681194386
vary: Accept-Encoding
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
cf-ray: 7fd6a5d4fbdd9b4b-FRA
expires: Tue, 31 Dec 2030 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame EF21 0
234 B 65ms
25ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?impid=4743e8e9c16d489cacb37ae8aa9557f6&flavor=1&gdpr=&gdpr_consent=&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565698&tagsrv=1&eoid=2&tgdur=98&vfdur=167&vfsz=4436&tuveims=44&tuveems=217&ttfurm=3199&cbust=1693163774991683
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 27 Aug 2023 19:16:15 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 08/26/2023 19:16:15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662105688055635&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.poorlydrawnlines.com/	1970-01-20 23:55:23	Name: __utma Value: 245411077.1100359424.1693163769.1693163769.1693163769.1
.poorlydrawnlines.com/	1969-12-31 23:59:59	Name: __utmc Value: 245411077
.poorlydrawnlines.com/	1970-01-20 18:42:11	Name: __utmz Value: 245411077.1693163769.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.poorlydrawnlines.com/	1970-01-20 14:19:24	Name: __utmt Value: 1
.poorlydrawnlines.com/	1970-01-20 14:19:25	Name: __utmb Value: 245411077.1.10.1693163769
.doubleclick.net/	1970-01-20 18:38:35	Name: APC Value: AfxxVi5qgoGWUJQb0GKDI1UMC86eGIxsYjs2vyqaZcstkai76vFxLA
.weborama.fr/	1970-01-20 23:45:18	Name: AFFICHE_W Value: IsUUT22EGJ0i41
.casalemedia.com/	1970-01-20 23:04:59	Name: CMID Value: ZOug.2PsnAB7YeMeCeibegAA
.casalemedia.com/	1970-01-20 16:28:59	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 16:28:59	Name: CMPRO Value: 3239
.pubmatic.com/	1970-01-20 14:20:50	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 23:04:59	Name: KADUSERCOOKIE Value: 9C5FB2C1-712A-402D-8ADC-0BA5CAFF932E
.doubleclick.net/	1970-01-20 23:40:59	Name: IDE Value: AHWqTUmBdybujAikhDw6iUWi46lsdTtp_c5F-Xvur_bbGccm6lAXkkoHlo4h-0IPHy8
.demdex.net/	1970-01-20 18:38:35	Name: demdex Value: 69095979533401661190874260761253783259
.bluekai.com/	1970-01-20 18:44:21	Name: bku Value: CH999wrQbtxfOq1O
.bluekai.com/	1970-01-20 18:44:21	Name: bkpa Value: KJy9qQYHd02pSUHknpx01MAdSVx21EQyBp/tBM/h1eDtmeQyBEDt1pDZzZPASU/2ScH6zc1k16Wk1ARk1AjCn7H0SVJCqsjNztkFqi8Mqt6k1AjonZNC5sBGJEBszYDpHs/pJE/t5uDpHYD0Ba2YuN2PPDkW9yeHpOdb
.pubmatic.com/	1970-01-20 15:02:35	Name: KRTBCOOKIE_1051 Value: 22884-18072662105688055635
.pubmatic.com/	1970-01-20 15:02:35	Name: PugT Value: 1693163771
.dpm.demdex.net/	1970-01-20 18:38:35	Name: dpm Value: 69095979533401661190874260761253783259
.krxd.net/	1970-01-20 18:38:35	Name: _kuid_ Value: Pwr6Cqt4
.agkn.com/	1970-01-20 23:04:59	Name: ab Value: 0001%3AcdepfzMR7SyM3yCI8AxGw7IC4VLZIAmB
.tribalfusion.com/	1970-01-20 16:28:59	Name: ANON_ID Value: aHnR0SolXVcQuWx7IZawQNQ9J6GWVFmlxZcSWFMJviD6k2opfIYYA1cSPSUVaZdjWDf5SYSJCvYrRWxGcQgPGh2LvtSZb95rJc4U7mvLj4qGoSpruXeFY5wxsvtBXHSxuxOcJsGjZdgdOVxLsB6wDraC2VuLvZcKZdav1Ew4b0ESSqvXsZcZdxFhZclZbSrlEXfTU9oTWsWCeIEuJFdukJWWLfN

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/tags.js(Line 828) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/displayAd.js?dver=0.9&th=6095664336, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/tags.js(Line 828) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/displayAd.js?dver=0.9&th=6095664336, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/tags.js(Line 1704) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescommobile&adSpace=ros&center=1&size=320x50&env=display&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=a6mneM4cYbTGF8VcBjRAQOYTYcSHYi2G&a=1&adContainerId=richmedia_2&rnd=3691290, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.expo9.exponential.com/tags/PoorlyDrawnLinescomMobile/ROS/tags.js(Line 1704) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescommobile&adSpace=ros&center=1&size=320x50&env=display&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=a6mneM4cYbTGF8VcBjRAQOYTYcSHYi2G&a=1&adContainerId=richmedia_2&rnd=3691290, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescommobile&adSpace=ros&center=1&size=320x50&env=display&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=a6mneM4cYbTGF8VcBjRAQOYTYcSHYi2G&a=1&adContainerId=richmedia_2&rnd=3691290(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=2682756367&loaderVer=0.1&site=poorlydrawnlinescommobile&adSpace=ros&center=1&size=320x50&env=display&url=https%3A%2F%2Fpoorlydrawnlines.com%2F&f=0&p=3692221&tKey=a6mneM4cYbTGF8VcBjRAQOYTYcSHYi2G&a=1&adContainerId=richmedia_2&rnd=3691290(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/dcmads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v96.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/dcm/dcmads.js(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/dcm/impl_v96.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 89) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662105688055635&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://poorlydrawnlines.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://poorlydrawnlines.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/711970.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/711970.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
a.tribalfusion.com
a4.tribalfusion.com
aa.agkn.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.pubmatic.com
ajax.googleapis.com
beacon.krxd.net
c.amazon-adsystem.com
c.disquscdn.com
cdn.doubleverify.com
cdn.pathtosuccess.global
cdnx.tribalfusion.com
cm.g.doubleclick.net
code.createjs.com
disqus.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googleads4.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
pagead2.googlesyndication.com
pgacatalunya1.solution.weborama.fr
pixel.rubiconproject.com
poorlydrawnlines.com
poorlydrawnlines.disqus.com
public-prod-dspcookiematching.dmxleo.com
referrer.disqus.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.disquscdn.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssl.google-analytics.com
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
tempest.services.disqus.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.googletagservices.com
sync.search.spotxchange.com
104.18.12.14
104.18.39.155
108.138.36.50
108.138.37.209
130.211.44.5
142.250.185.194
151.101.192.134
166.62.109.7
18.173.159.32
185.64.191.210
188.65.124.66
198.47.127.19
199.232.192.134
199.232.192.64
199.232.194.49
2.23.197.190
216.58.206.38
216.58.212.130
23.32.184.192
2600:9000:248d:b600:19:8ca6:3640:93a1
2600:9000:26da:6c00:d:6d12:1c0:93a1
2600:9000:26db:f200:6:8656:f5c0:93a1
2606:4700::6812:19ad
2606:4700::6812:cdb
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a02:26f0:3500:11::215:14dc
2a02:26f0:480:9::210:ee05
3.71.149.231
34.252.154.12
35.244.159.8
35.244.174.68
52.210.25.250
52.222.169.8
63.34.77.44
69.173.144.165
91.216.195.18
99.86.114.98
0218a5572d05880358edfac370b9ba5fe11532c3be7aff835663361fc19747e5
0474d395e3d562bb491ef9304b9dbd255fd1e1774640627020ad6fae8d900ac3
053f4395561c90814e6d6a615526390c1403a7972e20f2f0e8808287da79146e
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07fe727e35e8d33331dd43899c06ad7ba61384e62dda70f565aab19c750d74f5
086287736cc042c221591772980ed9319fb8ff5546a194adaa320bc64e007d63
0903fcbf1fa334d097c0ed99e456b5af2ab0873b1e1c76cdc3217b04aa09b66e
09ed7f0b415c5eaaad3f4e4c160d63e421f0d421bcd2d81dc044b720378821ff
0d4e77da5212f4809528e263008c24546832c2a22957503bb07dcb3b8a33812d
0d9710c2a09a97b82f8ef3234516bbb07e11502b0b8e2ca75afc9aea49006a2d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
152618efa33c7f7cc8a46de6212fcaa9aa0ffd11f47010fdc0ba200783434b71
15686e149340660e221bddd1ff558d89e1d83f9ff74eb83dba72e284cf3c1527
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1742160230e4086e4ae2c332490e572580ab3da62fa4e61538ce3cea3d3a4252
176e767e17579bf0b25d0e77fbaadcff7bfc093f4a0c5bcc349d35c02dcf902c
17b89c69f84a20ef2ddad141b25f23dc60ab0c9ffa50a2f0cd6193a6b63a7637
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
17dfdeb0ea6a4edf44cba4f38a953e89af8094d116796ef91157a2a86a459a1a
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f
1b5f3049346addca272d028d292b5c8efe677ae89d4293151498386b2b7a6f6e
204bdf6a044401c6e38d6edeb1dba07df05b9f414723ccd2122621d56f79f33f
29aae3c802f036e18807477b23438c1e6b6c0c8ad85e6fb47ffa6bacaec7f82b
321279014ffe5c1e8995ce84dbbf8af012d030330f41ac99491e1b591417888c
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
356c2e6b79c9bbee106974f1cc52abe9d26b6796353d88810f748d8338c276ed
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
39d31ab934f12bed7f4b0fb18b09d94f3811f50700eae1027d2b09b688362685
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b7fcb9603907208ca85a2662adc4e032470e044cfe3d2e8d1e91e682e760de5
3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28
3df1e3133fef6e0e84f5800dbe3c797919cbe3f746696b98375d969ca214ab25
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
463b290a37f3ac335b268869dd06f1be957c52e9edbc6f8310160d9d1286b4c1
46835eba98ec27615940d0427a87864b7f19bf779c4fa62e71b32fe1bd9e0ec7
489e5151a8058d85bf4291c373844409ca756250b61146e317b1816ee37521c9
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51475e34a257dfa57c5ef198f8a06563b3aa32d3f4bc66e52caa54075b5d9ada
538c8d101b33511e7c6f56992713b9891a97aa6f8243d01464226949a06f5a97
580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8
5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3
5c13148a6289bbd4590a0656b1db36a3bb4fe929fde571987f268c7bc2444394
5c58c206c1f6bb9cebcc340b541c540ecce06161a0ce73402b0a1b7b4a0fe231
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
5f9ff5eb5e1a4ea2b17ffa9e1f8a2120e12e9f1487c3801b4d82ae2cb3aefb10
61779c74768b5eb298860ceb7d7cf06f2b228fdc53df72b530490a792a5b8a59
636118b8849daf391b1b6f29776bb9cfe9b1054d313a650d9fb953ee83fcdabe
63e0adc4f283366ae0bfdf58d1ff7d58125eadeacd8e679b2f6ca4656ca5df57
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6f582db822630f25692a7b870c732863f6af13d34496e240e88cc0ce8371237b
6fdc210d057d5bc774b58ab61631b20a6985f4815572752eaff27816f4b89cb1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b8c9120613f02009b6d2e4ab39c59eed212ad1713083a94169aad22c1911115
7bd887208f90811f69029f99399a0740203702cc1cad617faf33f8b8dd62c475
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f
8fbfaeef2ae4db303bab159893d2cea826d7f60cb92d6f07565645ecedb0cb6a
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
985016178b37a675a29c6115e9d2484676defc4bb0160472e1b29673e7a586c1
9dcc923915401762efd974be8d75cf19c366733efaab38b01d5483224d8fa2cd
9dfb325df46b6278738fc0745b95f6ef474a8249524b53a29fc42e6d204368a7
a16fc8c9bca7cb55cddfacf410fa15150bda83e0a09b2cf5cae699fdfef366c0
a1ccad362017ae6483b3249de04d66f1309762618cdce7aafc36d2e3a6bc06e0
a20cdc8dad12834fc7c5dc570cd9657262c478a0094309de86e49beec5086673
a3f161571a52446315ef86daf7d95c6070c9c778a6ad63562cd1a02f73453525
a535a8a8b6f3a5bf70f1478bb43ec56f9d7f032fd3606a0b52ca64629922a1fd
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a9dfa109f21f859ef24892669441b88c483f178791604bd4b93152c8c194b535
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1cd4a525c2a207547b2b36eb5e57098fc3028b74e11f01131c02962c837bd20
b31ec22f2e82a694620c949a99dadaf7bce4401a61fb9e2cb29a955a002d097d
b6f93e4cc75b593d86626b9ed9013ec0feac6b794eeff8a51de946a22557e2c0
baf1a8895afbc85cee461b7043c683561d78fb374dd0063b61c50558267b0870
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfb0723366f23bec524102db929a525334819bd28220db2f1cbe61b26308d3f
bd39296683d8c126559922d18b909f24399955777f558a71503b7d6a1b22ae6b
be66547db89e948f8ccf942500b61b9cc03c58c9bf2a3505503cd0fa6a413f23
bfa851ec194a49851f9d42650c64df658e8ec4a2d5299f4cc841bfec9f32645d
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c43a8db3c8c490b7a7e9ef505fb6653be0f97dd95540f03ef8698af7860f6bc0
c6d6387482d3f3181d446cc28811da21e602dad4e778424b3c365bd4cb1f0045
c7bfb5a7bbdc284507b3e35b2a1a6ca57f9ca64d2e2c24f07cd3b7b3ec2e9cf3
c869b73ad8067b7ceedcd4d0b950fd3208ae831b17cfd18d9caf45f0bf0a44b3
cab1ba33f149def0830604c53d942d5c8d88b4e3046b7bb612e6450a31cfa3a8
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1d08fd24da0d006c934b6840bf8b49170055fa88f065433c8dfe58ab00bf317
d5a5bb2c8dcafe80ce8e69e27a9059c3b6d3b29f685782f8011cbf7032028f83
d71c2c5ea716263eac5553685cbefaec7c8a61751e753a06449039c2655a1843
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a
da349d48ec2a67f341a1a140b68a0abb52a84b000a59c1d8e3f1486458217d51
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
df8cd83c350b8bee45d55b1e2828b02e919b873caa9eb08723010f9c193b9250
e1ef44bacf5da572d77131f447646f8c3da2fc7765e90c73a664c69121c71e87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e576243e2f67e209fbdb9b0f6d47b9d0572f4e82d5e5eb6d1750ae0e4afb7f93
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61e22e43caeb98a5e711806031d357cfcea49a2ea7c3e91c2d66a8b3ac6e4c1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f840bc2dcc68de4a12db891b28a714eb6b6f27e9e0697f7621d758df3238ed26
fbb734a0862421fd3576acc8502b6c3e2adceb9b3a0509b7a64cab2def7b23b3
fcbb035f86f8c6564a75b382760de11e598c103ed4692c85d0f3ffd69a912b8e
fd1da987adaa0fdfbf2322dcebd71cb7173a7560ee66627613a48c5f6d190fa4

poorlydrawnlines.com Open in urlscan Pro 166.62.109.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

92 %HTTPS

36 %IPv6

30 Domains

50 Subdomains

40 IPs

6 Countries

3698 kBTransfer

8146 kBSize

22 Cookies

12 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

poorlydrawnlines.com Open in urlscan Pro
166.62.109.7 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

92 %
HTTPS

36 %
IPv6

30
Domains

50
Subdomains

40
IPs

6
Countries

3698 kB
Transfer

8146 kB
Size

22
Cookies

159 HTTP transactions
8 data transactions